{"report_id":"2827cc75-7eed-4776-9fea-0a97fe84ac19","version":6,"status":"done","tags":[],"date":"2026-04-06T12:49:18Z","url":{"schema":"http","addr":"key-drop.sbs","fqdn":"key-drop.sbs","domain":"key-drop.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.key-drop.sbs/","fqdn":"www.key-drop.sbs","domain":"key-drop.sbs","tld":"sbs"},"title":"Keydrop","dom":{"size":3582,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"b0f0c2b50baf5a1427f1aea2311de5c1","sha1":"b5e09ec35f634545d187584e53c982cc11cea86d","sha256":"3541cab9a212a6991478a06d049a6bf46d2bdbe80125fc96dafa5a332acd2744","sha512":"e10e53c7d0fda4dc6595c7d1b470d9d8a33d1cc73851612b209e12337cc54dd62f568ae93ce9e43357dd0d528fe0be7f0413c98217e7e3850b737b9f573bcfee","ssdeep":"","tlshash":"f2711fdb66f310132c13a4641fe7574eb291e403e50ede293eac62c88fc59898da3798","dom_hash":"domhashe51de276a1f3bdf3c9bca3beca00d5ce","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"key-drop.sbs","fqdn":"key-drop.sbs","domain":"key-drop.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-11T12:49:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"key-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"www.key-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"key-drop.sbs","ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-04-04","domain_rank":0,"first_seen":"2026-04-06T12:49:18.155547Z","last_seen":"2026-04-06T12:49:18.155547Z","alert_count":1,"request_count":1,"received_data":3925,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}]},{"fqdn":"www.key-drop.sbs","ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2026-04-04","domain_rank":0,"first_seen":"2026-04-06T12:49:18.156926Z","last_seen":"2026-04-06T12:49:18.156926Z","alert_count":3,"request_count":3,"received_data":9019,"sent_data":1398,"comment":"","tags":null,"fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"staflink.cc","ip":{"addr":"172.67.169.175","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-07","domain_rank":0,"first_seen":"2026-04-06T12:49:02.815583Z","last_seen":"2026-04-06T12:49:02.815583Z","alert_count":0,"request_count":1,"received_data":1040,"sent_data":453,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.key-drop.sbs/","fqdn":"www.key-drop.sbs","domain":"key-drop.sbs","tld":"sbs"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"3afe78e5695b724750e3302d286b3f0d","sha1":"e0a40078b77f82a21401ea8c6ba206258af5e92d","sha256":"e0751f01830771df222a3cec1122b185dc2ab8487065685088e1c868ba988e11","sha512":"085ee65fecaa6f9ef39875ba943a49715ee6c9fb21d0c72bf0fe8f1c51172a3c6ba6bd5073ed6bb46e45bacfea6406c46fce7b1ef30695a90a5806ed64858eeb","ssdeep":"","tlshash":"8bf02b6d703a627f00b7115e5b87b2cbb242604f364cc859ba0c16411fc422a89d1fd4","size":619,"data":"","first_seen":"2026-04-06T12:49:22.626567Z","last_seen":"2026-04-06T13:06:01.627826Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"key-drop.sbs/","fqdn":"key-drop.sbs","domain":"key-drop.sbs","tld":"sbs"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T12:48:55.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.key-drop.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 16:57:42 GMT","end":"Sat, 04 Jul 2026 16:57:41 GMT"},"fingerprint":{"sha1":"D9:E1:74:4C:D2:AB:81:B0:56:69:9F:3D:FA:0F:CC:1A:CF:81:F8:DE","sha256":"A1:1F:FE:4D:AF:06:1B:86:89:1A:83:D3:19:5F:52:BF:E7:B7:93:F2:56:42:BC:08:42:3C:42:94:CA:96:3B:D1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: key-drop.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-type: text/plain; charset=utf-8\r\ndate: Mon, 06 Apr 2026 12:48:56 GMT\r\nlocation: https://www.key-drop.sbs/\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDDHP0M7BEGPWD5P4AAEG9\r\ncontent-length: 40\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3631,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":457,"timings":{"blocked":171,"dns":120,"connect":1,"send":0,"wait":116,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"key-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.key-drop.sbs/","fqdn":"www.key-drop.sbs","domain":"key-drop.sbs","tld":"sbs"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T12:48:56.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.key-drop.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 16:57:42 GMT","end":"Sat, 04 Jul 2026 16:57:41 GMT"},"fingerprint":{"sha1":"D9:E1:74:4C:D2:AB:81:B0:56:69:9F:3D:FA:0F:CC:1A:CF:81:F8:DE","sha256":"A1:1F:FE:4D:AF:06:1B:86:89:1A:83:D3:19:5F:52:BF:E7:B7:93:F2:56:42:BC:08:42:3C:42:94:CA:96:3B:D1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.key-drop.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 12369\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Mon, 06 Apr 2026 12:48:56 GMT\r\netag: \"41bedcda59a6c5def34f16a8d951da18-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KNHDDHY02BYA41PED2QP7D0V\r\ncontent-length: 1081\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3631,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"9261cfd7c6de45aae8fd44800993db3a","sha1":"54cb80a45f36c083b1f29fb839954b9ed3681021","sha256":"aa847f283ee39985eb1bbcf5c89e4a43bff09a72346d08034dfa1f3689d1b32e","sha512":"f19a6a947b01ea6dff9dea5f6af0a33f71b7a9a54e87bf3f9d7cbc50185e969a20eb40bfc7862abf66e7488bbadeb76072a4325a960474b0bf6134434219dd98","ssdeep":"","tlshash":"fb711fdb66f310532813a4641fe7574ab251e403e60fde293edc62c88fc59898de3798","first_seen":"2026-04-06T12:49:22.622867Z","last_seen":"2026-04-06T13:06:01.626655Z","times_seen":2,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":125,"dns":69,"connect":23,"send":0,"wait":23,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"www.key-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.key-drop.sbs/assetss/public/images/lg.png","fqdn":"www.key-drop.sbs","domain":"key-drop.sbs","tld":"sbs"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.key-drop.sbs/","date":"2026-04-06T12:48:56.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.key-drop.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 16:57:42 GMT","end":"Sat, 04 Jul 2026 16:57:41 GMT"},"fingerprint":{"sha1":"D9:E1:74:4C:D2:AB:81:B0:56:69:9F:3D:FA:0F:CC:1A:CF:81:F8:DE","sha256":"A1:1F:FE:4D:AF:06:1B:86:89:1A:83:D3:19:5F:52:BF:E7:B7:93:F2:56:42:BC:08:42:3C:42:94:CA:96:3B:D1"}}},"request":{"raw":"GET /assetss/public/images/lg.png HTTP/1.1\r\nHost: www.key-drop.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.key-drop.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 12369\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/png\r\ndate: Mon, 06 Apr 2026 12:48:56 GMT\r\netag: \"1864ad3082e70c14996c2adbc4c9ef0d-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDDJ3PC7TBPMZPZZT59KES\r\ncontent-length: 3658\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3658,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 269 x 67, 8-bit colormap, non-interlaced","md5":"6e9c4f089fd596dd22b9dc32b58a44f1","sha1":"285567714984c1b54f20049c78e3c955759b7bb9","sha256":"db7875d9690b5396c7856aa635f8b5513b033142676148ffd9562649e41c5a62","sha512":"411588b120febf8a8277300dc8bc6a07a8cc6bf0e7a597bf9c0d90e6cf053112f7f1ab2363ec5388863bf1b1898692783da34eb76663a05af0637f7ba1fa28e9","ssdeep":"","tlshash":"0a715d4c6991cf315fe12e2ad640f9082f011ef56d99120491be52147176e8b2b65a81","first_seen":"2026-04-06T12:49:17.436859Z","last_seen":"2026-04-06T13:06:15.275734Z","times_seen":5,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"www.key-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"staflink.cc/api/links/key-drop.sbs","fqdn":"staflink.cc","domain":"staflink.cc","tld":"cc"},"ip":{"addr":"172.67.169.175","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.key-drop.sbs/","date":"2026-04-06T12:48:56.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"staflink.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Apr 2026 22:29:50 GMT","end":"Fri, 03 Jul 2026 23:27:23 GMT"},"fingerprint":{"sha1":"67:00:E2:CF:51:80:60:82:38:82:28:97:52:23:93:D8:09:F9:80:A7","sha256":"3A:80:CD:0D:00:65:B5:D0:EC:1D:E9:CE:C0:C5:03:6B:30:98:83:E4:0A:E3:01:4B:D1:CE:AA:77:75:25:DD:AF"}}},"request":{"raw":"GET /api/links/key-drop.sbs HTTP/1.1\r\nHost: staflink.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.key-drop.sbs/\r\nOrigin: https://www.key-drop.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:48:56 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, Authorization\r\naccess-control-allow-methods: GET,POST,PUT,DELETE,PATCH,OPTIONS\r\naccess-control-allow-origin: *\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zLZgPc1HeQEdfOJlV2aarnxdMTsrsqAykPLeBDh7t0%2B%2FAp0cL9kTM9xNVTUY0KQVwO87jKhzk8jWwoNVMw3Ppr7dNZGQDAuCEJL7zlMUoHs1T1mnnMUaLmCUvPXnSg%3D%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e80e8e0c971b4fd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":98,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0d5e11a890bbf5b331c29edcbf33325b","sha1":"ef5134b5b2aa71a7f33edd476a93d62e1adfe7cf","sha256":"b8c39b89a054adafd03e1043de21a5453898e39ef17f4d2ab10d279edf80822b","sha512":"b7969e21b79cd3282ed5bc257285e5df683abf24a409d273a6f1392c4008e56f5bb53ec2ed23767905ebc7b89482973f1bea20d6987bee849e99a3503dcc1a10","ssdeep":"","tlshash":"c8b0127b01bf70b933d817b10c013c2a020ea03595bc3c0433ccd40909704b9590e4c4","first_seen":"2026-04-06T12:49:17.438073Z","last_seen":"2026-04-06T13:06:15.273461Z","times_seen":5,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":17,"dns":0,"connect":1,"send":0,"wait":45,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.key-drop.sbs/assetss/public/images/fav.svg","fqdn":"www.key-drop.sbs","domain":"key-drop.sbs","tld":"sbs"},"ip":{"addr":"35.157.26.135","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.key-drop.sbs/","date":"2026-04-06T12:48:56.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.key-drop.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 16:57:42 GMT","end":"Sat, 04 Jul 2026 16:57:41 GMT"},"fingerprint":{"sha1":"D9:E1:74:4C:D2:AB:81:B0:56:69:9F:3D:FA:0F:CC:1A:CF:81:F8:DE","sha256":"A1:1F:FE:4D:AF:06:1B:86:89:1A:83:D3:19:5F:52:BF:E7:B7:93:F2:56:42:BC:08:42:3C:42:94:CA:96:3B:D1"}}},"request":{"raw":"GET /assetss/public/images/fav.svg HTTP/1.1\r\nHost: www.key-drop.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.key-drop.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/svg+xml\r\ndate: Mon, 06 Apr 2026 12:48:56 GMT\r\netag: \"1791326468286e53f76ef52b0cb33e3f-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDDJ76QW0HHNQ46EZMD79C\r\ncontent-length: 487\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":487,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f68dfdf6461bfffec69a3528432c617f","sha1":"751524c937f8518503b973fcd4d86abcf77c562f","sha256":"5ba733234bedc2a7cd42e4a0b53392a183cd98670110ae23c5f3e339cb2ec5da","sha512":"4d627bc9e6193c74ecad852cc9efc67ce6ce19dc39366225c38e25e59ce6bd10ca610bdb24c7a8adec198e1bb696b1281ea2ebfe0cb7fa047adc3a12a0bc4b10","ssdeep":"","tlshash":"c2f0dcfec590c384d0a585fc7e8bb72454cdf0c8c09ec31640aa02e050e64e0f3be080","first_seen":"2026-04-06T12:49:17.439019Z","last_seen":"2026-04-06T13:06:15.277712Z","times_seen":5,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":139,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"www.key-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}