{"report_id":"b0b0d840-e631-4a27-8903-d2679ff7b0ea","version":6,"status":"done","tags":[],"date":"2026-02-09T01:28:12Z","url":{"schema":"https","addr":"sonicairdrop.vip/","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"sonicairdrop.vip/","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"title":"Troll Airdrop","dom":{"size":34445,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15949)","md5":"185ab540cb692fb85e7b2f7e619897b2","sha1":"f0d6f8989d08c79f8d12af031b16b2f85e552535","sha256":"1a7c5b636512c09bf9247ec83eb39da6ee6356f24d252d4cf0da8092aa06c3e9","sha512":"797600d3f3ff5dc40bd365434e21ab24e827a01f1b563f9a2259124f96535f95c7329d588bdbc17f8e3a455eef85d51ab2d2cef19ba2a7acb41d4884fdd16ba6","ssdeep":"768:EXqzQH2L0r82It4uSRhKut5NFgl+FU+xHyvfSDIJPJWf3b8fzwZPROHXL0hDgmwy:MqzqyrYXUDB4Cu","tlshash":"e1f26284fb0c1d3f760761fe46d4dedd621d70334806baae79b490c5e0ca9bb0ab5928","dom_hash":"domhash3bf4a068389001564cbdc19fbf2b04db","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"sonicairdrop.vip/","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-16T01:28:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"sonicairdrop.vip","ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-24","domain_rank":0,"first_seen":"2026-02-09T01:05:08.307618Z","last_seen":"2026-02-09T01:05:08.307618Z","alert_count":14,"request_count":7,"received_data":716657,"sent_data":3115,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-08T22:14:51.234086Z","alert_count":0,"request_count":2,"received_data":17596,"sent_data":1088,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api.coingecko.com","ip":{"addr":"104.20.41.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-03-26","domain_rank":442226,"first_seen":"2018-05-18T12:16:11Z","last_seen":"2026-02-05T19:38:31.234362Z","alert_count":0,"request_count":3,"received_data":38361,"sent_data":1594,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-08T22:17:48.645662Z","alert_count":0,"request_count":2,"received_data":13180,"sent_data":947,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"sonicairdrop.vip/","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"40eb8eae1abb55a4eee699120f054051","sha1":"185d82ca3c7d712aa6b8a6c1b47eb7a7f9ec9678","sha256":"80ad344a2df9654c5e764d425718a366629df1cc0a2dd1ab0f8c2df5d4122f34","sha512":"a22aabb9662cb030776fa1bc3814a18c3cecf2193c71f5e1576cc351174c633f9ee92bddc315803ed2b05bdfae212157b06d9c1755b93b0b3f6160b8517b572a","ssdeep":"192:JlsnHlQvkEsJr+DMiTT+7JzkV5gD8lJTf2e:bsnHlQvkEar+4iTT+75kV5ggJrX","tlshash":"58f162e8b72d383e4389305e8539a14da16df13b7a4ad0eb761c065844e182fd37ceb6","size":8046,"data":"","first_seen":"2025-09-02T17:52:49.940035Z","last_seen":"2026-02-09T01:28:13.970201Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sonicairdrop.vip/_nuxt/assets/index.js","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f3b9047d3490d720dc3156447b73ad88","sha1":"b1f570c7c17c964d5791cce8a605cf54ca7b000a","sha256":"b9f62822bbaf4dc5eb917e3ef42947669b10c23003bc4eacab8ebe6b771a5498","sha512":"f5c0d67de015e8477b59084ef6867bd09e8f75dbf54180b2c62048f4bee464eabd41845c19aa9d42d9e2b3c82fbdac4d0f9ca68518e1ba0830eca356f17f3d19","ssdeep":"6144:zvjROSXPxRPCzE4arAS6/zZdas4QZKWJ1jy4Dmm4stPFnY4uWYLEVee3:zjQS3Cz5arAS6K4/tPtY4uDLEEi","tlshash":"8de4d6c32172ac6832957dad3ced7e306ec0597484194db9f687cd40dee287a73a76a0","size":678747,"data":"","first_seen":"2026-02-09T01:00:02.721451Z","last_seen":"2026-02-09T10:24:40.60605Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sonicairdrop.vip/","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"102f4ba82bcd4a5fe999b48df556a6e6","sha1":"bdb89bb9aa69ec493df6a5c78713bf1bb8e50860","sha256":"36eb787a0df419171b319efdbe569a37a36e58ad23f184c130a0fc9e696a5148","sha512":"14356660aac8d1ed4f5af08aaaa50c72ac795e130d9ad53abfbe57fd7a546aa473e7ed2dfebfd7c4c090bdd14d44df11041c40e2afd89d7b9557d9189afe1b8d","ssdeep":"6144:jGkJTfC6vVvOPzZdas8QZKWLrSCiMkmy0n8eNhm+gkOuc:Kk1C6vJO6CiCn8eXm+gBD","tlshash":"cad4198722729c35219959ee3cce7bf46e0006b4c4dd8d99f6958500efe687a31eb3b4","size":650554,"data":"","first_seen":"2026-02-09T01:00:02.723403Z","last_seen":"2026-02-09T10:24:40.614002Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"sonicairdrop.vip/_nuxt/assets/index.js","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:51.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sonicairdrop.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 07:59:40 GMT","end":"Sat, 25 Apr 2026 08:59:30 GMT"},"fingerprint":{"sha1":"8B:FC:29:94:84:E4:9C:4A:5A:E5:1B:8B:EC:9C:5E:24:BE:94:5D:7D","sha256":"70:21:B3:76:D5:13:2B:21:25:00:3C:C8:1E:76:74:CD:0C:3F:8A:B7:AC:8F:4C:FE:B5:0A:13:67:38:B8:31:07"}}},"request":{"raw":"GET /_nuxt/assets/index.js HTTP/1.1\r\nHost: sonicairdrop.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sonicairdrop.vip/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 09 Feb 2026 01:27:51 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nlast-modified: Mon, 09 Feb 2026 00:59:07 GMT\r\netag: \"6989315b-a60b9\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=300, must-revalidate\r\ncontent-encoding: gzip\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RFemESbNUTItVZnAClrDKB%2BPP2Y%2FC%2BMaefrPdZ5BHxg4JBM4WJ4b3MzExiJACsVQLbLmpL9K2kQnhfzVca0brPScZwRntjZ7zX5L7SyB%2BzA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9caf963138711525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":680121,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (56914), with no line terminators","md5":"f3b9047d3490d720dc3156447b73ad88","sha1":"b1f570c7c17c964d5791cce8a605cf54ca7b000a","sha256":"b9f62822bbaf4dc5eb917e3ef42947669b10c23003bc4eacab8ebe6b771a5498","sha512":"f5c0d67de015e8477b59084ef6867bd09e8f75dbf54180b2c62048f4bee464eabd41845c19aa9d42d9e2b3c82fbdac4d0f9ca68518e1ba0830eca356f17f3d19","ssdeep":"6144:zvjROSXPxRPCzE4arAS6/zZdas4QZKWJ1jy4Dmm4stPFnY4uWYLEVee3:zjQS3Cz5arAS6K4/tPtY4uDLEEi","tlshash":"8de4d6c32172ac6832957dad3ced7e306ec0597484194db9f687cd40dee287a73a76a0","first_seen":"2026-02-09T01:00:02.721451Z","last_seen":"2026-02-09T10:24:40.60605Z","times_seen":28,"resource_available":true,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/silkscreen/v6/m8JUjfVPf62XiF7kO-i9aAhAfmyi2A.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:51.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:55 GMT","end":"Mon, 06 Apr 2026 08:37:54 GMT"},"fingerprint":{"sha1":"C9:11:F3:8A:1F:95:BA:78:F0:71:09:AC:AA:E5:AC:D1:ED:83:E4:04","sha256":"61:45:36:53:9C:8E:E6:E3:72:93:D5:B6:2E:25:31:08:2F:70:5B:C8:FA:43:EA:70:B8:CE:11:BF:74:C7:92:98"}}},"request":{"raw":"GET /s/silkscreen/v6/m8JUjfVPf62XiF7kO-i9aAhAfmyi2A.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://sonicairdrop.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7524\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 06 Feb 2026 13:37:07 GMT\r\nexpires: Sat, 06 Feb 2027 13:37:07 GMT\r\ncache-control: public, max-age=31536000\r\nage: 215444\r\nlast-modified: Mon, 08 Sep 2025 18:13:38 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7524,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7524, version 1.0","md5":"658004a4448ebcc98820a90d5ff555e1","sha1":"67996e4e8c294851ad11955a5786a1158b7372a3","sha256":"5741b7f01a127f40ed70281fa2f686e8fc2cfe241930a120e4d1a1cebe78f995","sha512":"0bbe93f2fc27627b972b74e94ebe5c583b98a0ad92ae262f2af89ad5a57c0e58ddc3f4c8e485b1e7564e6209fe160ea42f00e0841f78f66314eb27c4d1c8d8b7","ssdeep":"192:Z0dbKSl6YdBbcjJ0lCzo8BRTqVLxQ6rek0VD8ug2+1ISRCtx:Z0hKSlm6XuTELxBd0xv","tlshash":"04f1b03ffd9e4711fb294bb284126e3d7b8e9c264e9e60159b8a03c40c9d829029d1f6","first_seen":"2025-09-18T21:23:16.402034Z","last_seen":"2026-06-07T21:45:36.07934Z","times_seen":167,"resource_available":false,"data":null}},"time_used":375,"timings":{"blocked":182,"dns":1,"connect":9,"send":0,"wait":8,"receive":1,"ssl":171},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.coingecko.com/api/v3/coins/troll-sol?localization=false\u0026tickers=false\u0026market_data=true\u0026community_data=false\u0026developer_data=false\u0026sparkline=false","fqdn":"api.coingecko.com","domain":"coingecko.com","tld":"com"},"ip":{"addr":"104.20.41.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:51.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.coingecko.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 16:24:57 GMT","end":"Tue, 07 Apr 2026 17:24:54 GMT"},"fingerprint":{"sha1":"E1:4B:1B:A2:D2:C9:EC:37:56:C9:D8:56:DB:77:06:13:2D:BE:F6:F6","sha256":"D7:85:C0:6E:4F:51:BC:EA:FD:4C:47:BA:06:EF:6F:72:CB:A0:B2:59:C7:8E:4E:38:22:A4:6C:6E:32:39:D6:A8"}}},"request":{"raw":"GET /api/v3/coins/troll-sol?localization=false\u0026tickers=false\u0026market_data=true\u0026community_data=false\u0026developer_data=false\u0026sparkline=false HTTP/1.1\r\nHost: api.coingecko.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sonicairdrop.vip/\r\nOrigin: https://sonicairdrop.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 09 Feb 2026 01:27:51 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS\r\naccess-control-expose-headers: link, per-page, total\r\naccess-control-max-age: 7200\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\naccess-control-request-method: *\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization\r\nvary: Accept-Encoding, Origin\r\ncontent-encoding: gzip\r\ncache-control: no-cache\r\nx-request-id: 08e91f06-d8d0-4429-b815-3aa2ca7e8deb\r\nx-runtime: 0.004665\r\ncontent-security-policy-report-only: script-src https://accounts.google.com/gsi/client; frame-src https://accounts.google.com/gsi/; connect-src https://accounts.google.com/gsi/;\r\nstrict-transport-security: max-age=15724800; includeSubdomains\r\ncf-cache-status: EXPIRED\r\ncf-ray: 9caf963439eb4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"46dfdf5ce0639d29ca80a527a6ab6da5","sha1":"940055dd6eea55577c5119d67c3fb95c14c4cc59","sha256":"6bc1ea2a2ab04ba73a3eb2ce20bd1d924cecf6f5cdc55c26edd63f9354a7970c","sha512":"eed65fd80b4508b2fe0ee6b4fe9352b214b29e20fd7a38de80e7d94e2c8926f8bb128b7d7553e39fd8495ffa08e93323f758d86d83332706d5653a77d869d8ca","ssdeep":"","tlshash":"b780002c0282020e2822e0a00a88283020882280b820ce220800820800800828c00088","first_seen":"2025-09-02T17:52:49.926491Z","last_seen":"2026-04-30T05:53:43.493729Z","times_seen":10,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":58,"dns":34,"connect":1,"send":0,"wait":149,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.coingecko.com/api/v3/coins/troll-2?localization=false\u0026tickers=false\u0026market_data=true\u0026community_data=false\u0026developer_data=false\u0026sparkline=false","fqdn":"api.coingecko.com","domain":"coingecko.com","tld":"com"},"ip":{"addr":"104.20.41.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:52.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.coingecko.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 16:24:57 GMT","end":"Tue, 07 Apr 2026 17:24:54 GMT"},"fingerprint":{"sha1":"E1:4B:1B:A2:D2:C9:EC:37:56:C9:D8:56:DB:77:06:13:2D:BE:F6:F6","sha256":"D7:85:C0:6E:4F:51:BC:EA:FD:4C:47:BA:06:EF:6F:72:CB:A0:B2:59:C7:8E:4E:38:22:A4:6C:6E:32:39:D6:A8"}}},"request":{"raw":"GET /api/v3/coins/troll-2?localization=false\u0026tickers=false\u0026market_data=true\u0026community_data=false\u0026developer_data=false\u0026sparkline=false HTTP/1.1\r\nHost: api.coingecko.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sonicairdrop.vip/\r\nOrigin: https://sonicairdrop.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 09 Feb 2026 01:27:52 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS\r\naccess-control-expose-headers: link, per-page, total\r\naccess-control-max-age: 7200\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=30, public, must-revalidate, s-maxage=30\r\naccess-control-request-method: *\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization\r\nvary: Accept-Encoding, Origin\r\ncontent-encoding: gzip\r\netag: W/\"384900bfa7c50e902d83d5fd64183b1a\"\r\nx-request-id: 8619c456-6abd-4229-89d4-f6f90a3733a1\r\nx-runtime: 0.065997\r\nalternate-protocol: 443:npn-spdy/2\r\ncontent-security-policy-report-only: script-src https://accounts.google.com/gsi/client; frame-src https://accounts.google.com/gsi/; connect-src https://accounts.google.com/gsi/;\r\nstrict-transport-security: max-age=15724800; includeSubdomains\r\ncf-cache-status: EXPIRED\r\ncf-ray: 9caf9637ee5f4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28397,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"83c4c98e6f898f955453098ec3d2151e","sha1":"cd5477d682efcc7195fb3af951987a822d6b4abd","sha256":"38f949e3dcc988cea36a656a247095a842454a356bbb66c96555d30b65e8d59d","sha512":"8481354f01631ae8db57b890ce75aefe4c632b95ba7c6c33b694982ddf441ec80d988ce7b98226ce193e21ea0f0c9b79a7f4313e00238eb8ef241ccd161ecc61","ssdeep":"384:6ASrfnUYc7hCUIDG1Lv29pjCR744+hBT7D4vE9vqbMcGBOfsgCO6PWZfde:5qg67CZhEAbx+","tlshash":"afd2c7714ffc91b9a4bd57cc0e4234bd986db1ba0005aeeb32a49d5c91e81bf358b41e","first_seen":"2026-02-09T01:28:13.962033Z","last_seen":"2026-02-09T01:28:13.962033Z","times_seen":1,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sonicairdrop.vip/api/visit","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:52.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sonicairdrop.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 07:59:40 GMT","end":"Sat, 25 Apr 2026 08:59:30 GMT"},"fingerprint":{"sha1":"8B:FC:29:94:84:E4:9C:4A:5A:E5:1B:8B:EC:9C:5E:24:BE:94:5D:7D","sha256":"70:21:B3:76:D5:13:2B:21:25:00:3C:C8:1E:76:74:CD:0C:3F:8A:B7:AC:8F:4C:FE:B5:0A:13:67:38:B8:31:07"}}},"request":{"raw":"POST /api/visit HTTP/1.1\r\nHost: sonicairdrop.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sonicairdrop.vip/\r\nOrigin: https://sonicairdrop.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 09 Feb 2026 01:27:52 GMT\r\ncontent-type: text/plain;charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KVDUF0%2B2ETyBsltw3iHV%2FPIbgQMN%2FwcDgr1KkrS74uihD8mw4%2B%2Bk2ik9Fa71bjQiqTWgruIoM3q0%2BQCIX9OAz7e3XFRJIm%2BtygLNqm%2FP9zk%3D\"}]}\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9caf963638b41525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-06-08T16:36:13.376714Z","times_seen":423547,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.coingecko.com/api/v3/search?query=troll","fqdn":"api.coingecko.com","domain":"coingecko.com","tld":"com"},"ip":{"addr":"104.20.41.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:52.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.coingecko.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 16:24:57 GMT","end":"Tue, 07 Apr 2026 17:24:54 GMT"},"fingerprint":{"sha1":"E1:4B:1B:A2:D2:C9:EC:37:56:C9:D8:56:DB:77:06:13:2D:BE:F6:F6","sha256":"D7:85:C0:6E:4F:51:BC:EA:FD:4C:47:BA:06:EF:6F:72:CB:A0:B2:59:C7:8E:4E:38:22:A4:6C:6E:32:39:D6:A8"}}},"request":{"raw":"GET /api/v3/search?query=troll HTTP/1.1\r\nHost: api.coingecko.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sonicairdrop.vip/\r\nOrigin: https://sonicairdrop.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 09 Feb 2026 01:27:52 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS\r\naccess-control-expose-headers: link, per-page, total\r\naccess-control-max-age: 7200\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=30, public, must-revalidate, s-maxage=600\r\naccess-control-request-method: *\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization\r\nvary: Accept-Encoding, Origin\r\ncontent-encoding: gzip\r\netag: W/\"3a5a060e549cd74ac3441333b76a9725\"\r\nx-request-id: 6b9381be-30f3-45b5-b94e-d4cbe96056a2\r\nx-runtime: 0.075227\r\nalternate-protocol: 443:npn-spdy/2\r\ncontent-security-policy-report-only: script-src https://accounts.google.com/gsi/client; frame-src https://accounts.google.com/gsi/; connect-src https://accounts.google.com/gsi/;\r\nstrict-transport-security: max-age=15724800; includeSubdomains\r\ncf-cache-status: EXPIRED\r\ncf-ray: 9caf96365c4e4c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6297,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"cc2191ffc0871d9690891cb89c756161","sha1":"bcec701420b419426012c85ee16de6984a30d9c0","sha256":"4d26b2ecd8450d77eb23427617559991092283fac9fb01e8026c055f0b10b9aa","sha512":"c47121cfc310d4711c59a7140848e0911890f6661c1c437e85cf47d6dbc8fc1aa6744bae469221a84f48f5c9f7fbfa079b74ce850e8ccc8629a29c2327cb692a","ssdeep":"96:HWeVxOWRkdafDF01OlEz2kIzqIcHUAQODntcNEAf7IbV1mW2uHWn0NemKCMiMaox:hf2MO/90MBipInMRiRoS8Q8WxY","tlshash":"fad169925767acdf57c065a3719b2e4c8c46394a49c0ee4b7e7cce8d06c86c224ea3d6","first_seen":"2026-02-09T01:28:13.963869Z","last_seen":"2026-02-09T01:28:13.963869Z","times_seen":1,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sonicairdrop.vip/","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-09T01:27:50.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sonicairdrop.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 07:59:40 GMT","end":"Sat, 25 Apr 2026 08:59:30 GMT"},"fingerprint":{"sha1":"8B:FC:29:94:84:E4:9C:4A:5A:E5:1B:8B:EC:9C:5E:24:BE:94:5D:7D","sha256":"70:21:B3:76:D5:13:2B:21:25:00:3C:C8:1E:76:74:CD:0C:3F:8A:B7:AC:8F:4C:FE:B5:0A:13:67:38:B8:31:07"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: sonicairdrop.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 09 Feb 2026 01:27:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 07 Aug 2025 20:49:50 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5iZ0ABo9TLz19bWOfXiq1RlIKxvxIMjL%2BhmVKM6Mxc4Sv0f0tKzDZIVKKMED6%2F%2FTfYBXCSehyQBrI4sSc1%2FSSzNHZu6WPvfmfXxIXLkkFvw%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9caf962e59cda0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":18409,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"7727330579d589a214469b114abb30ea","sha1":"02b311c9e51b93757314dc245a0dfd0b9df2656a","sha256":"341b2e0d55f31a9637d833bd48f456b91bfccc9f29fd0c823e6cf62bae10d990","sha512":"ffefa49f8098152be0617f933fa237ed0301c457be932b46aafa3eae7b8d68513b20319c8691a4112716ffd08d388b3c8e24c817f2de0357fccf61c0f6bf45c9","ssdeep":"384:GOSjWfuRsTx2Tpx6KUsnHlQvkEar+4iTT+75kV5ggJrx:G3TRgT/8+4CV","tlshash":"8682b8e1fb0d383e920a619d597863cf607ee4339d064cfbbc6e626840d941f522da79","first_seen":"2026-02-09T01:05:11.231887Z","last_seen":"2026-02-09T01:28:13.964783Z","times_seen":2,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":59,"dns":34,"connect":1,"send":0,"wait":292,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/silkscreen/v6/m8JXjfVPf62XiF7kO-i9YLNlaw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:51.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:55 GMT","end":"Mon, 06 Apr 2026 08:37:54 GMT"},"fingerprint":{"sha1":"C9:11:F3:8A:1F:95:BA:78:F0:71:09:AC:AA:E5:AC:D1:ED:83:E4:04","sha256":"61:45:36:53:9C:8E:E6:E3:72:93:D5:B6:2E:25:31:08:2F:70:5B:C8:FA:43:EA:70:B8:CE:11:BF:74:C7:92:98"}}},"request":{"raw":"GET /s/silkscreen/v6/m8JXjfVPf62XiF7kO-i9YLNlaw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://sonicairdrop.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8404\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 07 Feb 2026 18:46:22 GMT\r\nexpires: Sun, 07 Feb 2027 18:46:22 GMT\r\ncache-control: public, max-age=31536000\r\nage: 110489\r\nlast-modified: Mon, 08 Sep 2025 18:16:49 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8404,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8404, version 1.0","md5":"5eef6cee3f3dc19e37add9708df39a80","sha1":"c40ed2272b0b88f50daaf87b6e6e944ef4ad9534","sha256":"e6c72ea4702249202bcdd79d3343057e4e25ef1f04e3fcffd8602ab53b40b4cc","sha512":"c7ffdd5e2ced689c8bc15d087b623f9e9c800629520587c867118f6321af1ac45a2a0622731d039737e9560e59c504ac8328c93ba968ca6fb1d47c331c755098","ssdeep":"96:xVl453WtoFwxKzfS+9yF0JuvWTVQyIjr6INYSzIzMZMAJ8AcpxBrbfHHZ0hpKvkL:flnoFwMSLFATp5QIAZRGBrbgpKvbFDS","tlshash":"7002ae33e4091d4bd6be2ff1aa49027d0652be27cbe0bdaa41f42d179993091f613984","first_seen":"2025-09-18T21:23:16.404647Z","last_seen":"2026-06-07T21:45:36.08258Z","times_seen":448,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":121,"dns":1,"connect":7,"send":0,"wait":8,"receive":1,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sonicairdrop.vip/favicon.svg","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:51.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sonicairdrop.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 07:59:40 GMT","end":"Sat, 25 Apr 2026 08:59:30 GMT"},"fingerprint":{"sha1":"8B:FC:29:94:84:E4:9C:4A:5A:E5:1B:8B:EC:9C:5E:24:BE:94:5D:7D","sha256":"70:21:B3:76:D5:13:2B:21:25:00:3C:C8:1E:76:74:CD:0C:3F:8A:B7:AC:8F:4C:FE:B5:0A:13:67:38:B8:31:07"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: sonicairdrop.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sonicairdrop.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 09 Feb 2026 01:27:51 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wgm3NEzw0CtMgylGJV%2FXv6NxScEAJkT9vrBqvxDndKEHEexFZN%2BLR7Yi2L7%2B%2FCEFuISnNr3BgM313yo5S%2B6PFdX0QSQCwDI35YQgXz4anq0%3D\"}]}\r\npriority: u=6,i=?0\r\nlast-modified: Thu, 07 Aug 2025 20:32:02 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\ncontent-encoding: br\r\nage: 1384\r\ncf-cache-status: HIT\r\netag: W/\"68950d42-15d\"\r\ncf-ray: 9caf9635f8a11525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":349,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"417f598ecfc064ea4e4f89c14fea5461","sha1":"c8749bf4befe41d8928596ec33de85dd66bf3806","sha256":"3cec8ffa90406eb6d20617305c551eb2e577c0d97fd5ed8f2ff9c17df8fd9c6c","sha512":"64c07fadef5b3f7a2db165dcdd8758e5949b726e7d212e7ca5d4ef623de135a19f86454c0abc6b45513da1e233065b4cb595c5ea533466499599e3e439398829","ssdeep":"","tlshash":"0ee0c047b1c40709cb348c0a67043c59ec0e70d44885455cf4d4721bacc69a12295609","first_seen":"2025-09-02T17:52:49.936144Z","last_seen":"2026-02-09T01:28:13.966375Z","times_seen":5,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sonicairdrop.vip/api/config","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:51.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sonicairdrop.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 07:59:40 GMT","end":"Sat, 25 Apr 2026 08:59:30 GMT"},"fingerprint":{"sha1":"8B:FC:29:94:84:E4:9C:4A:5A:E5:1B:8B:EC:9C:5E:24:BE:94:5D:7D","sha256":"70:21:B3:76:D5:13:2B:21:25:00:3C:C8:1E:76:74:CD:0C:3F:8A:B7:AC:8F:4C:FE:B5:0A:13:67:38:B8:31:07"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: sonicairdrop.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sonicairdrop.vip/\r\ncontent-language: en-US,q=0.8;en\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 09 Feb 2026 01:27:52 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M8EFQj%2FfGZ%2FH%2FytOS9LzVlnhrCpgln6zIN870UzCpabKcOO5qiCzYjig8ExZ%2FlFyao6YyksxLeM1IwFzZBdBEA0IRRMIJrlu08HFRddC6oU%3D\"}]}\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9caf9635f8a61525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":184,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"data","md5":"76b280c18bb0c30259133100347045f3","sha1":"2a048fbbd048446c55cf66ebf04b988b7b22c8c4","sha256":"e16183e7344b8a1a5d16013989d3d916716043e67f8944d9a37cac664b6d1ef8","sha512":"fa7ce0d3e73935b3dfc5667b4e8ce72f2e63fff31c4101ffd5b9871ed0286a4a96d9bec31eb52599701b17c9723cdd5575af67ea2b73c99c0a3f7e4a3e97c5d5","ssdeep":"","tlshash":"3dd075a33603e30c9783702a5f6040c4ddc38c9278e91440c4b53b0e31a22f0dc87909","first_seen":"2026-02-09T01:28:13.967179Z","last_seen":"2026-02-09T01:28:13.967179Z","times_seen":1,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sonicairdrop.vip/logo.avif","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:51.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sonicairdrop.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 07:59:40 GMT","end":"Sat, 25 Apr 2026 08:59:30 GMT"},"fingerprint":{"sha1":"8B:FC:29:94:84:E4:9C:4A:5A:E5:1B:8B:EC:9C:5E:24:BE:94:5D:7D","sha256":"70:21:B3:76:D5:13:2B:21:25:00:3C:C8:1E:76:74:CD:0C:3F:8A:B7:AC:8F:4C:FE:B5:0A:13:67:38:B8:31:07"}}},"request":{"raw":"GET /logo.avif HTTP/1.1\r\nHost: sonicairdrop.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sonicairdrop.vip/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 09 Feb 2026 01:27:51 GMT\r\ncontent-type: image/avif\r\ncontent-length: 12693\r\npriority: u=4,i=?0\r\nlast-modified: Thu, 07 Aug 2025 20:32:02 GMT\r\netag: \"68950d42-3195\"\r\naccept-ranges: bytes\r\nage: 1384\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sBiWcXHE9VKGvvDqag4psnOs%2FJJR9r%2F9kmRQ47udJhS54I9%2F027Tk3p1sxR9Zh3ORYLFvhFs500T0enmoVPKonojCBCs8o5a3JJ%2FpK50rhs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9caf963138721525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12693,"size_decoded":0,"mime_type":"image/avif","magic":"ISO Media, AVIF Image","md5":"f7a9f89b42a355108889d02870ce56ae","sha1":"27336152776272944f5e148b8142ad15c9120e2e","sha256":"ae0f4805bb6618519a84017c1dd293d18d6b6b061d9ccd0289d9f1cb7ecf91cc","sha512":"cc909e315f31b51e9953e1f96eb2d525f446c28aeab94a7a1b3e3da0273f4764ae0caf11bd4ca1f55c119f967ae2fc3c0f69b4134f3498e355cfd6120ad53030","ssdeep":"192:+zC+ZU6ymMebd5gcsP2HvFoZ/+c0DTGoW8+UL40bWegbkM3oQnR8wD:SvKqNu+TDq1N0bWe/B68wD","tlshash":"d142cf9e107b1c05e91a18774852068b83c8eac36d47d287cccce8342d2cddbc9ea96a","first_seen":"2025-08-03T11:52:26.390469Z","last_seen":"2026-02-09T01:28:13.968075Z","times_seen":9,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:51.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:56 GMT","end":"Mon, 06 Apr 2026 08:37:55 GMT"},"fingerprint":{"sha1":"DE:3B:B4:94:98:33:3A:CB:2A:A9:96:A1:CB:19:8C:84:B5:8D:23:E9","sha256":"D0:A1:5A:83:80:77:19:74:AA:CB:27:69:4A:C7:2C:F0:DA:06:9C:79:1E:07:77:9A:4D:7B:5D:AA:A2:D2:D4:E9"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sonicairdrop.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 09 Feb 2026 01:27:51 GMT\r\ndate: Mon, 09 Feb 2026 01:27:51 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-06-08T16:50:07.809328Z","times_seen":29617,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sonicairdrop.vip/api/is-banned","fqdn":"sonicairdrop.vip","domain":"sonicairdrop.vip","tld":"vip"},"ip":{"addr":"172.67.184.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:51.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sonicairdrop.vip","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 25 Jan 2026 07:59:40 GMT","end":"Sat, 25 Apr 2026 08:59:30 GMT"},"fingerprint":{"sha1":"8B:FC:29:94:84:E4:9C:4A:5A:E5:1B:8B:EC:9C:5E:24:BE:94:5D:7D","sha256":"70:21:B3:76:D5:13:2B:21:25:00:3C:C8:1E:76:74:CD:0C:3F:8A:B7:AC:8F:4C:FE:B5:0A:13:67:38:B8:31:07"}}},"request":{"raw":"GET /api/is-banned HTTP/1.1\r\nHost: sonicairdrop.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sonicairdrop.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Mon, 09 Feb 2026 01:27:52 GMT\r\ncontent-type: text/plain;charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PuZ%2B8SEocDEuFnKfu2lwgzNZwPKWAp%2FSPUE%2BIfKMgNySP82gZ1ArpTR9YFW9So1s5A9Bk0C14HPaK2pLG3gGp%2B8X0RTDRqRfXFij1EXODto%3D\"}]}\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncache-control: private, max-age=300\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9caf9635f8a31525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"cfcd208495d565ef66e7dff9f98764da","sha1":"b6589fc6ab0dc82cf12099d1c2d40ab994e8410c","sha256":"5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9","sha512":"31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99","ssdeep":"","tlshash":"c700000000000000c00000300000000000000000000000000000000000000000000000","first_seen":"2023-03-07T01:37:31Z","last_seen":"2026-06-08T16:19:21.739469Z","times_seen":114415,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-09","alert":"Sinkholed","trigger":"sonicairdrop.vip","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Silkscreen:wght@400;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://sonicairdrop.vip/","date":"2026-02-09T01:27:51.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:56 GMT","end":"Mon, 06 Apr 2026 08:37:55 GMT"},"fingerprint":{"sha1":"DE:3B:B4:94:98:33:3A:CB:2A:A9:96:A1:CB:19:8C:84:B5:8D:23:E9","sha256":"D0:A1:5A:83:80:77:19:74:AA:CB:27:69:4A:C7:2C:F0:DA:06:9C:79:1E:07:77:9A:4D:7B:5D:AA:A2:D2:D4:E9"}}},"request":{"raw":"GET /css2?family=Silkscreen:wght@400;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sonicairdrop.vip/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 09 Feb 2026 01:27:51 GMT\r\ndate: Mon, 09 Feb 2026 01:27:51 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1720,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"6d31cb0b0c5334f82ddca613a0401944","sha1":"1f9cefa0fe9da9cf3b147680ca5b517961001f66","sha256":"a6864b92dbfb8c0ee810a80aaca13966dba33083ad66d41a9ea32bac4a0f4389","sha512":"aee3c9c9b150ef22c61551851c0785f57ad0ef63b3b27b24b7e579375a3c99430fde575e0b8dda3de2e8e36caf1a8b74f877c35da76d91cf960701201889c70f","ssdeep":"","tlshash":"7d31f2d2082b9504dfd30dc312ca7d33fe1e62906400e9b5aefe14d8ec6ad2a8316b0d","first_seen":"2025-09-18T21:23:16.418421Z","last_seen":"2026-06-05T10:42:39.234448Z","times_seen":28,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":108,"dns":1,"connect":20,"send":0,"wait":33,"receive":0,"ssl":88},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}