{"report_id":"ac54eedf-cac8-40f0-8ee4-1a0ac7c2c4ac","version":6,"status":"done","tags":[],"date":"2026-04-06T12:49:02Z","url":{"schema":"http","addr":"key-drop.cyou","fqdn":"key-drop.cyou","domain":"key-drop.cyou","tld":"cyou"},"ip":{"addr":"75.2.60.5","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.key-drop.cyou/","fqdn":"www.key-drop.cyou","domain":"key-drop.cyou","tld":"cyou"},"title":"Keydrop","dom":{"size":3671,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"0493a57675bf79183ca8c4271596bd90","sha1":"487039f6004d8b0b25697c646747677ecae010f6","sha256":"b28113ddce1176808dd3580cf5c774a737c3a2d0bd91d8f473ee70ee5690ec8c","sha512":"fd66dd8b0b20973533b124fb6d87d86376d639daf6a781fb118a91c47a5e795519eb7bc791c9e3ef7c9281a957ee5e393e2df9a11b54569ba0bf3d149a40a4e4","ssdeep":"","tlshash":"d5712f8b61f311172c2394655fe7674eb291e407d20fee193edc92888fc69898da379c","dom_hash":"domhashd1b574d039d1f386f2ba48bf0c73a821","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"key-drop.cyou","fqdn":"key-drop.cyou","domain":"key-drop.cyou","tld":"cyou"},"ip":{"addr":"75.2.60.5","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-11T12:49:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"key-drop.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"www.key-drop.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"key-drop.cyou","ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-04-04","domain_rank":0,"first_seen":"2026-04-06T12:49:02.813725Z","last_seen":"2026-04-06T12:49:02.813725Z","alert_count":1,"request_count":1,"received_data":4015,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}]},{"fqdn":"www.key-drop.cyou","ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2026-04-04","domain_rank":0,"first_seen":"2026-04-06T12:49:02.817108Z","last_seen":"2026-04-06T12:49:02.817108Z","alert_count":3,"request_count":3,"received_data":9101,"sent_data":1403,"comment":"","tags":null,"fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"staflink.cc","ip":{"addr":"172.67.169.175","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":1038,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.key-drop.cyou/","fqdn":"www.key-drop.cyou","domain":"key-drop.cyou","tld":"cyou"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d6d291b48a7af6e23a9074f5073fac7a","sha1":"e8faf4e89d5cdb47d8b174f54aa6eff618bbf6c6","sha256":"512a5da85812901c4ce7f0abfc77d792d02f8e55a2107f98a4e83691cd8249a9","sha512":"da931aff5770a06d22cffd91d125c4d0c0dc203334d01ed62ce16b1be9442db3767748fd3c0a4371e9b529b862c414d87c6f19ab4b4d4d58a4fe0318be707007","ssdeep":"","tlshash":"2ef0245e707b627f01bb126e5b8ba2dbb202604f364cc849ba0c45422fc062acad1f94","size":620,"data":"","first_seen":"2026-04-06T12:49:17.439986Z","last_seen":"2026-04-06T13:05:55.769514Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"key-drop.cyou/","fqdn":"key-drop.cyou","domain":"key-drop.cyou","tld":"cyou"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T12:48:40.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.key-drop.cyou","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 16:58:17 GMT","end":"Sat, 04 Jul 2026 16:58:16 GMT"},"fingerprint":{"sha1":"2D:81:8B:1C:11:B0:97:2F:10:DB:57:3E:B5:AA:B6:20:85:F2:F5:05","sha256":"DC:A4:64:B8:59:85:A2:69:92:7E:5E:B0:A8:63:27:9B:3E:A4:59:30:59:C8:20:8E:9B:95:67:09:40:3E:69:E0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: key-drop.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-type: text/plain; charset=utf-8\r\ndate: Mon, 06 Apr 2026 12:48:40 GMT\r\nlocation: https://www.key-drop.cyou/\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDD2GSE801G5K10BV2Z2HW\r\ncontent-length: 41\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3720,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T01:11:48.314333Z","times_seen":13443173,"resource_available":true,"data":null}},"time_used":354,"timings":{"blocked":166,"dns":113,"connect":1,"send":0,"wait":21,"receive":1,"ssl":49},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"key-drop.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.key-drop.cyou/","fqdn":"www.key-drop.cyou","domain":"key-drop.cyou","tld":"cyou"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T12:48:40.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.key-drop.cyou","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 16:58:17 GMT","end":"Sat, 04 Jul 2026 16:58:16 GMT"},"fingerprint":{"sha1":"2D:81:8B:1C:11:B0:97:2F:10:DB:57:3E:B5:AA:B6:20:85:F2:F5:05","sha256":"DC:A4:64:B8:59:85:A2:69:92:7E:5E:B0:A8:63:27:9B:3E:A4:59:30:59:C8:20:8E:9B:95:67:09:40:3E:69:E0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.key-drop.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 279\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Mon, 06 Apr 2026 12:48:40 GMT\r\netag: \"0deee89f01a6b6bc3ba9891cfbdab7bd-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KNHDD2PH0KG2C7CRACGD0JNX\r\ncontent-length: 1103\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3720,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"d57887d99cc6e02a2f36b4c3fb626949","sha1":"4a9a863bf9fbaca4473dbc7b3586cb00fc5b6d1a","sha256":"b6bbb3a28c76bca656985ee38c0987b9716713c1cf126816af7436cf92b89c0f","sha512":"a1680dff651d9ccb314fa8664e9274fd7656dc40b2b05a4ba3909d046f86a11bae197d38b8b53b4452046bba2964cc0b433100cbfa50c9bec4853bfa322cdf63","ssdeep":"","tlshash":"ad71318b65f311172c2394645fe7674ab291d407e20fed193edc62888fc29898de339c","first_seen":"2026-04-06T12:49:17.435913Z","last_seen":"2026-04-06T13:05:55.765191Z","times_seen":2,"resource_available":true,"data":null}},"time_used":335,"timings":{"blocked":155,"dns":101,"connect":23,"send":0,"wait":23,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"www.key-drop.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.key-drop.cyou/assetss/public/images/lg.png","fqdn":"www.key-drop.cyou","domain":"key-drop.cyou","tld":"cyou"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.key-drop.cyou/","date":"2026-04-06T12:48:40.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.key-drop.cyou","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 16:58:17 GMT","end":"Sat, 04 Jul 2026 16:58:16 GMT"},"fingerprint":{"sha1":"2D:81:8B:1C:11:B0:97:2F:10:DB:57:3E:B5:AA:B6:20:85:F2:F5:05","sha256":"DC:A4:64:B8:59:85:A2:69:92:7E:5E:B0:A8:63:27:9B:3E:A4:59:30:59:C8:20:8E:9B:95:67:09:40:3E:69:E0"}}},"request":{"raw":"GET /assetss/public/images/lg.png HTTP/1.1\r\nHost: www.key-drop.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.key-drop.cyou/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 279\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/png\r\ndate: Mon, 06 Apr 2026 12:48:40 GMT\r\netag: \"1864ad3082e70c14996c2adbc4c9ef0d-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDD2XTRXDDATBZ02KJ9ZEM\r\ncontent-length: 3658\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3658,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 269 x 67, 8-bit colormap, non-interlaced","md5":"6e9c4f089fd596dd22b9dc32b58a44f1","sha1":"285567714984c1b54f20049c78e3c955759b7bb9","sha256":"db7875d9690b5396c7856aa635f8b5513b033142676148ffd9562649e41c5a62","sha512":"411588b120febf8a8277300dc8bc6a07a8cc6bf0e7a597bf9c0d90e6cf053112f7f1ab2363ec5388863bf1b1898692783da34eb76663a05af0637f7ba1fa28e9","ssdeep":"","tlshash":"0a715d4c6991cf315fe12e2ad640f9082f011ef56d99120491be52147176e8b2b65a81","first_seen":"2026-04-06T12:49:17.436859Z","last_seen":"2026-04-06T13:06:15.275734Z","times_seen":5,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"www.key-drop.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"staflink.cc/api/links/key-drop.cyou","fqdn":"staflink.cc","domain":"staflink.cc","tld":"cc"},"ip":{"addr":"172.67.169.175","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.key-drop.cyou/","date":"2026-04-06T12:48:40.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"staflink.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Apr 2026 22:29:50 GMT","end":"Fri, 03 Jul 2026 23:27:23 GMT"},"fingerprint":{"sha1":"67:00:E2:CF:51:80:60:82:38:82:28:97:52:23:93:D8:09:F9:80:A7","sha256":"3A:80:CD:0D:00:65:B5:D0:EC:1D:E9:CE:C0:C5:03:6B:30:98:83:E4:0A:E3:01:4B:D1:CE:AA:77:75:25:DD:AF"}}},"request":{"raw":"GET /api/links/key-drop.cyou HTTP/1.1\r\nHost: staflink.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.key-drop.cyou/\r\nOrigin: https://www.key-drop.cyou\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:48:41 GMT\r\ncontent-type: application/json\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, Authorization\r\naccess-control-allow-methods: GET,POST,PUT,DELETE,PATCH,OPTIONS\r\naccess-control-allow-origin: *\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1p43nkw1nowTFgddkrVJZ1ykcPxYvce33fOsU98VSHs5KqRgMCgLb%2F8GhcqzYRC5SVG5mXKqcLN4UAwfq2xNc27FjUZzsA8gLI4ql7XbOdS5WYqAxUdhXoMEyhWQwQ%3D%3D\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e80e87fcc55b509-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":98,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0d5e11a890bbf5b331c29edcbf33325b","sha1":"ef5134b5b2aa71a7f33edd476a93d62e1adfe7cf","sha256":"b8c39b89a054adafd03e1043de21a5453898e39ef17f4d2ab10d279edf80822b","sha512":"b7969e21b79cd3282ed5bc257285e5df683abf24a409d273a6f1392c4008e56f5bb53ec2ed23767905ebc7b89482973f1bea20d6987bee849e99a3503dcc1a10","ssdeep":"","tlshash":"c8b0127b01bf70b933d817b10c013c2a020ea03595bc3c0433ccd40909704b9590e4c4","first_seen":"2026-04-06T12:49:17.438073Z","last_seen":"2026-04-06T13:06:15.273461Z","times_seen":5,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":44,"dns":21,"connect":5,"send":0,"wait":105,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.key-drop.cyou/assetss/public/images/fav.svg","fqdn":"www.key-drop.cyou","domain":"key-drop.cyou","tld":"cyou"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.key-drop.cyou/","date":"2026-04-06T12:48:41.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.key-drop.cyou","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 05 Apr 2026 16:58:17 GMT","end":"Sat, 04 Jul 2026 16:58:16 GMT"},"fingerprint":{"sha1":"2D:81:8B:1C:11:B0:97:2F:10:DB:57:3E:B5:AA:B6:20:85:F2:F5:05","sha256":"DC:A4:64:B8:59:85:A2:69:92:7E:5E:B0:A8:63:27:9B:3E:A4:59:30:59:C8:20:8E:9B:95:67:09:40:3E:69:E0"}}},"request":{"raw":"GET /assetss/public/images/fav.svg HTTP/1.1\r\nHost: www.key-drop.cyou\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.key-drop.cyou/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 280\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-type: image/svg+xml\r\ndate: Mon, 06 Apr 2026 12:48:41 GMT\r\netag: \"1791326468286e53f76ef52b0cb33e3f-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KNHDD31TZNP5QA4B2HG2SE9A\r\ncontent-length: 487\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":487,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f68dfdf6461bfffec69a3528432c617f","sha1":"751524c937f8518503b973fcd4d86abcf77c562f","sha256":"5ba733234bedc2a7cd42e4a0b53392a183cd98670110ae23c5f3e339cb2ec5da","sha512":"4d627bc9e6193c74ecad852cc9efc67ce6ce19dc39366225c38e25e59ce6bd10ca610bdb24c7a8adec198e1bb696b1281ea2ebfe0cb7fa047adc3a12a0bc4b10","ssdeep":"","tlshash":"c2f0dcfec590c384d0a585fc7e8bb72454cdf0c8c09ec31640aa02e050e64e0f3be080","first_seen":"2026-04-06T12:49:17.439019Z","last_seen":"2026-04-06T13:06:15.277712Z","times_seen":5,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"www.key-drop.cyou","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}