{"report_id":"c0aaebf5-0303-45e6-b8fd-8b151268f5b7","version":6,"status":"done","tags":[],"date":"2026-03-28T06:09:42Z","url":{"schema":"https","addr":"one-drop.sbs/","fqdn":"one-drop.sbs","domain":"one-drop.sbs","tld":"sbs"},"ip":{"addr":"172.67.214.217","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"one-drop.sbs/","fqdn":"one-drop.sbs","domain":"one-drop.sbs","tld":"sbs"},"title":"Airdrop Live | Claim Solana Token Airdrops","dom":{"size":344,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (344), with no line terminators","md5":"b3219a0bfefd14862a4addfe852197ca","sha1":"e4d0b5f76ec137b166759810c07d78d844c6b9cc","sha256":"263deff77c1f058224c6a8e1730080b941d38d165d743c5f21a8c5d35ace47ca","sha512":"47aa1dd9e5378ed4f590506983133d6699aca21e96edab8f8be4c54d6c9cb943814b26b574bed173d87c924b4fe2aa289ee4454e18da89417d74994ad6962456","ssdeep":"","tlshash":"28e026e91db5c83564f4128620f5e39c162061a0b611eb8452d9d87bae10fd38c92998","dom_hash":"domhashfa92bf49a0529f3ae8099507699ba65b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"one-drop.sbs/","fqdn":"one-drop.sbs","domain":"one-drop.sbs","tld":"sbs"},"ip":{"addr":"172.67.214.217","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-02T06:09:42Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"dallying-reveler.fontmaxplugin.cc","ip":{"addr":"172.67.172.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-02","domain_rank":0,"first_seen":"2026-02-24T21:05:37.722165Z","last_seen":"2026-03-20T20:37:20.128759Z","alert_count":16,"request_count":4,"received_data":1002687,"sent_data":1908,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"api.coingecko.com","ip":{"addr":"172.66.172.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-03-26","domain_rank":442226,"first_seen":"2018-05-18T12:16:11Z","last_seen":"2026-03-27T20:46:48.047543Z","alert_count":0,"request_count":1,"received_data":1242,"sent_data":477,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"one-drop.sbs","ip":{"addr":"172.67.214.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-16","domain_rank":0,"first_seen":"2026-03-28T06:09:43.595436Z","last_seen":"2026-03-28T06:09:43.595436Z","alert_count":12,"request_count":4,"received_data":3188826,"sent_data":1961,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-22T22:20:05.651051Z","alert_count":0,"request_count":1,"received_data":10794,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6851e73c37cf1fb20ab740e78c35c660","sha1":"0944e05c68194277c2351bf9d20d10b4bbf04f20","sha256":"edcb5950632390770337109822f6a33f2f001ecc62599d86745905a26b037b2e","sha512":"6a93bafdfb23452fafa451d76284b8b1af50ac68c01152e0feafe9562676eec6ccceae646c189eb145eef3a2d47e0a489054ff7c54266fb5df5bb410a07d78cb","ssdeep":"","tlshash":"54d0235519b5847151d9014610b5e39c7570315477117bc091cdcd3f7e11dd344f5558","size":217,"data":"","first_seen":"2026-03-28T06:09:47.654245Z","last_seen":"2026-03-28T06:09:47.654245Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"one-drop.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"one-drop.sbs","domain":"one-drop.sbs","tld":"sbs"},"ip":{"addr":"172.67.214.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1be128c9e90ff0cba8e35a3ae20d255c","sha1":"ee9ac09a630156e01f6a4eec592e88a8a1d734f8","sha256":"325bfed017d46e0fa613cfc4a7c1e1118b425e610c02ec1bf7030b9dc3d473ac","sha512":"f937158138e9ab2e46d1421be182a8ee2a2b1269b3222b385ec762476d08cd8b759192067af5b20fdbac5f4d120dfc9e7a00aed8e7c768b008b84ea10efd0716","ssdeep":"768:h0slpGefA3A3m35hjMpqGf2KDlJQTTtCHkhUfRcnq:h0sahjMv2eTUZCE6fRcq","tlshash":"41c2c6cf7ec7787bd372647010bb34cbe2eead04a0945944c210dea8f9a6398955af5c","size":27858,"data":"","first_seen":"2026-03-25T07:46:09.861406Z","last_seen":"2026-04-02T14:50:22.378275Z","times_seen":597,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"dallying-reveler.fontmaxplugin.cc/api/visit?origin=one-drop.sbs","fqdn":"dallying-reveler.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"172.67.172.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://one-drop.sbs/","date":"2026-03-28T06:09:21.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"POST /api/visit?origin=one-drop.sbs HTTP/1.1\r\nHost: dallying-reveler.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://one-drop.sbs/\r\nOrigin: https://one-drop.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 28 Mar 2026 06:09:22 GMT\r\ncontent-type: text/plain;charset=utf-8\r\ncontent-length: 2\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a0HbCmVSYuugiRq5YXVRMvyXc9ZX41YIEBLFNrhUI0IaEQsAf1Dtw7fVcAeQZ1suUKhH01h6feHk%2FWaHXywBchAgSaFxcjEAJuC0%2FPP7m6jfFc8NJ1Za3akq2VqqBO3XVJorqrNYRr%2BCn2468h4uC4he6qg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e34772e9f840afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-12T20:46:20.593745Z","times_seen":394761,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":438,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.coingecko.com/api/v3/simple/price?ids=solana\u0026vs_currencies=usd","fqdn":"api.coingecko.com","domain":"coingecko.com","tld":"com"},"ip":{"addr":"172.66.172.219","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://one-drop.sbs/","date":"2026-03-28T06:09:19.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.coingecko.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 07 Mar 2026 16:39:57 GMT","end":"Fri, 05 Jun 2026 17:39:55 GMT"},"fingerprint":{"sha1":"B1:44:A5:9B:AC:F3:25:52:00:21:91:75:61:8B:17:93:85:F4:78:C4","sha256":"E0:56:40:D8:85:96:53:52:4F:90:29:79:2C:CF:17:88:F0:D7:07:24:3B:53:CE:49:85:97:D9:4A:B3:F6:97:4A"}}},"request":{"raw":"GET /api/v3/simple/price?ids=solana\u0026vs_currencies=usd HTTP/1.1\r\nHost: api.coingecko.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://one-drop.sbs/\r\nOrigin: https://one-drop.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 28 Mar 2026 06:09:20 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS\r\naccess-control-expose-headers: link, per-page, total\r\naccess-control-max-age: 7200\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: max-age=30, public, must-revalidate, s-maxage=60\r\naccess-control-request-method: *\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization\r\nvary: Accept-Encoding, Origin\r\ncontent-encoding: gzip\r\netag: W/\"8b37ff46cb7bb1db1def99b4ecd443d4\"\r\nx-request-id: eb901ffb-bfe1-4e1d-ae03-50b7659cc65a\r\nx-runtime: 0.002461\r\nalternate-protocol: 443:npn-spdy/2\r\ncontent-security-policy-report-only: script-src https://accounts.google.com/gsi/client; frame-src https://accounts.google.com/gsi/; connect-src https://accounts.google.com/gsi/;\r\nstrict-transport-security: max-age=15724800; includeSubdomains\r\ncf-cache-status: HIT\r\ncf-ray: 9e3477236a840731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1770db33b1899e45543437cc1e37a3bb","sha1":"40bcbe1e8b4bbbf8ed710d243ab00425756b4e7f","sha256":"a6e03cf1dca7f48636a34956f7906d548452f6168c3f1829a06e7060008c4dfb","sha512":"88d6f5674a91e37ccf4d2195753d3568987e68c3b7d261095c22f9b276800a06a8b33b19e3339b7ccaa549785d5f4c60076af96adc3f885b6c7633936ec228fd","ssdeep":"","tlshash":"0970002000e00f2f0c00002208300200c2822032002c030c080ca880088c38a20808e8","first_seen":"2026-03-28T06:09:47.644555Z","last_seen":"2026-03-28T06:09:47.644555Z","times_seen":1,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":125,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dallying-reveler.fontmaxplugin.cc/api/is-banned","fqdn":"dallying-reveler.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"172.67.172.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://one-drop.sbs/","date":"2026-03-28T06:09:21.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/is-banned HTTP/1.1\r\nHost: dallying-reveler.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://one-drop.sbs/\r\nOrigin: https://one-drop.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 28 Mar 2026 06:09:21 GMT\r\ncontent-type: text/plain;charset=utf-8\r\ncontent-length: 1\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncache-control: private, max-age=300\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yH4y07uSM7aWByAPy3BTBRGe9ZEoZKoCcHn1FzJZhV1gRofX1sw%2FDk8pT9%2FYOI1NDzHJBa6Zf%2FJYau3EYZd7tZ9og3fA0oe0jNofmb2B%2FYfJEcTV5HpAV0c%2FTJFR1pN68NiWrjMkycouDZfFOF0LrSpF0BU%3D\"}]}\r\ncf-ray: 9e34772dfd3ba0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"cfcd208495d565ef66e7dff9f98764da","sha1":"b6589fc6ab0dc82cf12099d1c2d40ab994e8410c","sha256":"5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9","sha512":"31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99","ssdeep":"","tlshash":"c700000000000000c00000300000000000000000000000000000000000000000000000","first_seen":"2023-03-07T01:37:31Z","last_seen":"2026-04-12T20:56:29.315404Z","times_seen":104644,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"one-drop.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?","fqdn":"one-drop.sbs","domain":"one-drop.sbs","tld":"sbs"},"ip":{"addr":"172.67.214.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://one-drop.sbs/","date":"2026-03-28T06:09:21.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"one-drop.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 09:01:14 GMT","end":"Sun, 14 Jun 2026 09:01:13 GMT"},"fingerprint":{"sha1":"12:26:13:10:FC:57:89:84:AF:D2:77:56:35:15:35:5B:59:76:6A:3A","sha256":"3E:22:8A:42:E5:42:13:5A:35:71:BF:E6:CF:EB:6E:E7:A4:A2:32:2F:E0:66:75:EA:CC:63:F1:4C:76:40:8E:3D"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js? HTTP/1.1\r\nHost: one-drop.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Sat, 28 Mar 2026 06:09:21 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9e34772eae642efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27858,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (27858), with no line terminators","md5":"1be128c9e90ff0cba8e35a3ae20d255c","sha1":"ee9ac09a630156e01f6a4eec592e88a8a1d734f8","sha256":"325bfed017d46e0fa613cfc4a7c1e1118b425e610c02ec1bf7030b9dc3d473ac","sha512":"f937158138e9ab2e46d1421be182a8ee2a2b1269b3222b385ec762476d08cd8b759192067af5b20fdbac5f4d120dfc9e7a00aed8e7c768b008b84ea10efd0716","ssdeep":"768:h0slpGefA3A3m35hjMpqGf2KDlJQTTtCHkhUfRcnq:h0sahjMv2eTUZCE6fRcq","tlshash":"41c2c6cf7ec7787bd372647010bb34cbe2eead04a0945944c210dea8f9a6398955af5c","first_seen":"2026-03-25T07:46:09.861406Z","last_seen":"2026-04-02T14:50:22.378275Z","times_seen":597,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"one-drop.sbs/cdn-cgi/challenge-platform/h/g/jsd/oneshot/ea2d291c0fdc/0.36707159097325237:1774424211:9_pSV23kWGmNtldQToc5YDBzJFUfKD8QS_h75YB-Zx0/9e347720ed7356be","fqdn":"one-drop.sbs","domain":"one-drop.sbs","tld":"sbs"},"ip":{"addr":"172.67.214.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://one-drop.sbs/","date":"2026-03-28T06:09:21.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"one-drop.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 09:01:14 GMT","end":"Sun, 14 Jun 2026 09:01:13 GMT"},"fingerprint":{"sha1":"12:26:13:10:FC:57:89:84:AF:D2:77:56:35:15:35:5B:59:76:6A:3A","sha256":"3E:22:8A:42:E5:42:13:5A:35:71:BF:E6:CF:EB:6E:E7:A4:A2:32:2F:E0:66:75:EA:CC:63:F1:4C:76:40:8E:3D"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/oneshot/ea2d291c0fdc/0.36707159097325237:1774424211:9_pSV23kWGmNtldQToc5YDBzJFUfKD8QS_h75YB-Zx0/9e347720ed7356be HTTP/1.1\r\nHost: one-drop.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12137\r\nOrigin: https://one-drop.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://one-drop.sbs/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":12137,"data":"y6B0QdM7VrkNNMYMNNu7jVNMtuyVuy0MYMtaBu$0fYkGuvPllq83AYkDBWhuk0lS3uc7Z0ktuacoM137eUh8hulbhghuVSn3uMd0MOuPlYMcrBa6$WQUPtBML9POeiQL60usCZB63$6ns6PXEquuy7oa1rnVuW3fM7TE3qjk00fLoEs1aGedCntKC3ouSr3UE0r+DuMTgxirVocVFVNyjZuMx20uZufsvmoM5UXYPsfbWF8B$6sgGXBV0FuMS70ueaW4U5-Dh50uR-vD2Gs5VuuTgKcunfuM-em0zfkaCuk-WK4fcp5DCquu57$091a7Cge2i916y3ua9oYi2$1uumfRVCf8VYaaYaNY3uh+Huq4Cj3uB1Vo9OK-Us3MT9ffo5i2BkAXTAvnemfjszuxBc56PABgHoj5peuuldW6Bu05agZEW0u$Dsd65sd567Aa8srHirLiNc5rFhVjazefu79UBuucy+zd+3sKKWKx30A71K9+SYKMs+1Tc9Svi5K2q4EqgDDJtTJumQnBXU2+GVpDw60kutJyNL+fjLCPmPZABPAgOjSXkS0PhENa1toMLiq6jPfkT5DosD0Y+GiVGyLPGH4pnlSRo-2NtRJyrRtMoiE0sJbNGvut51aUhTn47rKaianCiMPp3AK3q42Ee1ggXrh56ESRVe7w$0F18eFmDDE7e$hK5F0dKTnJ0tZ60yuTYuTt$hnH2uRQNMUgdHKKvXMPOvF$WjA102rxm1jKCiydWH072uCpNdenC1jJQ8NtQbbB3hkfmHuk8cUd+dQVKQ3CucyCd0i5HfHWdw-M0kYA$Wk6l6Kg0SbRtly1GB6S0Sid4JKVH61LmuO4PuBLuE47WMrQChdLBYh1VkYdKKy3QuVQoCkOtf04Oyod47r3Tc$y3B$0fNY0dVBPnb5BeM0QCY0ogEKBPKurco836dCqUhdnmuuCFmBs1u0hmTh+dAijmB20kmuJ1$Dr3+ifU2dEt3hd-AUy4y-37T+HlWucVBZM-mBxaz7UFTdULz3QrffjXe03pcky6L6l5X+5t3Ok6VdLu5nlhDTqVjGQULnKDrUMpMULSC$35qak4a9fKWdhdjyo2$uXCDGAVo20lah9L0v3AiLAsFo1TjTkb7yuVtOkMDuengeVJQVe05kslBAun-Cqco61JtHw1h0cykNrJdoZVAe5QMCN3hVB8YsdNlEwVsw43B054yyjEypkar3YuoiCZePl3W5yToWPafkYMTt4Y1dq4J9fkQdQJp6WnzMlCVZrBVOdrCmNGyvwkPr4ryQME0n0V5mr0MaxjzB7sn+voYVAAaq$0r3lCn4r21BdHL0m9sXcDDHNlCWdCjMYYydfodAaCnAYMnozN-2voB0+muXCXYzWM+O33nRJohdsPzh$60k5MXJuUaw7Yh00jYr+vtbBuV6fXM6uxCuNrBA-Vp0rXmfYrCmmzuz-wpn846pvVnQeWu0oBydmlEdwL6HRlvMZGRb$ZO++$ZrXEaHKgjAfy72R0lEjzLBVj57ywiFqmN3xqK1PBFRQZJFh02C$kwzzZh0fu9Feu7YTMu1u9q7oskTM0V3u0BM9EibwLXv8y3+kEhWuLs0bMBMiSmMuq0EM$k7UhCum73BgCbRGkLPoUYx-NglkQ5xuu2vor3vUcukfatjm0CNEkjeBmoU$h$gUx3cOTtr5$$kz4S0hl8m-eSjBY7ZSoB0E4suji0ktNdJYK3Jr373EV04mefMv7ooam2bdWOYqoeMgHZANdE3wenvA7apmB-CYl7vWe77TAPL$+UvoVYgBlkss4Pk7UalYn3pV8poAVMfjKEVCed2KUt+4fKaegHLkWmKd0kuaVoAl2K3MUeJW37X5VM1NrOurTdQN7bo5JYsBXT3CVvkuVqeDO4f0hAoV-maOumvaVVqVKP8-f0$AdYsNupu3xfoV1f8lnnK4tTJiXY0d0MiPVgk4U0B$kB84vivTJWuc0GA2MiegksfHTKg0r30$ns6gQDSsp0vCziXeD9m9Pbnqs0mntGTfOMjKkkGPBq6RLgvTBuyldfau5BXKHaHC42nasB5L4uOGENUWhl7vsGUtSz46jn+kdVL19BXx$4nYNHq3J05Hd1pDRqclth0DYapS1rEoJlqSBs2gBWRhu4X4pgYjZBo+WdsdTlK0uTONdgZygXct+4YfTHjXR0ZxyV5hxcmbMDV4XehE4Qg7GMYq4TcU4dDOX052s$UPQaHU3EgGRBM$jmBlEefp1WfylhDz92z71VMN2SbKon0aRqBGK+R0c-mDlV5Kke+oQ5YoZig-BWYJ34wXWMmJlB4XSAlt4Ytrf+EXE84-JNuiNlAdZnrNPmgJEVD5XPBM32$cbLH+i0TTyyB0nH8U7Dyhgy5hAU2BYUcQDaJPv9UeH$58Th8HQY9PxuXsU8gig0URlQX4Bs8o63vxYa3CueE+H9HoVdft2o4tZrajyyiDBU5nnGmGDRauXTGJBGD15HdTno+vpBP84YQdL$gpzOvv3fDdy-PWTMU7GHUalh7HAamNPUrCMQmHyrGOWuzjt4uAmeDeNCuiZomW8Uh$xkskddEXCCu-jVH6PuV6qT+Ynv63BHBoQzGsxnOT+T9KWP7S-8c2yoQgsufaY2beAKuDnEBwAnJMWd9SFR2YyKnrVHYvJLMogigtJUCMwDY7OBDfXwA1vWAhHnNYpn3eSnV8cU2JnWVW9S07RGuoZMzJfx9MX$Y0vffdk86UmvKnm3M$a1Odl8G7Wg0MHBn5UfNuszCZudQsTH2ddBl$U7myWVMBefUbSQgnAe-Tyo+1WxpJDA+iHUowSC8XXG5$a97DfMMdB-2+x$dElGDUVcBMiaLkYrakhtDJgyDzxC46-mpGNZeXqKTkKg05yYeXp+Zf92+u8rrJ3d$tUMuJGyHXwPNtNCG09B8vMKR1$xxkVy+onMNAjLxYfs$u4mUgwN1oR$XttS+Yaa6qkjKZQRgdzSZbjGtx5agSfZfnVEpN+Y+1rriOQk4DufmR$H0NAoeq2hQsbiNpJb3nhBDLaMq$ohLl-Km56hCFlz3FEfSdMD8HYS0-QtUsdTCcU4ef$aY7u-FQ8RPQzAoVa6Sz2xVN2BCzVXavVC+i$UzDT1NntxYh7VjS6cGazyQ5ZDPAonMMyRP151ux7p1B-S7g$XQuDrcfy5m5KOJxnHsWh2nBy593x+n$JXRJ8sWDYMl2bphPl4qr6hgX$$2VZZqDld1h$aNguSX4QQqQMS4Gg3rHpBBU8wvfrvsu89UMgYs8jM-io3HKtHjYKoMkg5XOhdE7cMWCNbgaJX1p++RwGME5xl0Y$MFiyX$m6ytLbpAQl3egfBP6tprhnaFG9P2kr3jA0SL--HL+xlGKzp5jv1+Lzp0-ezbjYHbffXXmQMOYdMM5zQTC04-0u5m+V-jnZre+H1MkxBwxbRCxOlboJBvRL6B1QxZvJYGkpJ-Q0oovaVN3C6JJpHdbOQPVNnZXNu8oGHVvO0LS+YQh7SEg$hT+x0JScxsMBo+VaM3dKxM4QvBYTYkuL25CZuqV6x62afTlyYEd3Y0ftn1Sz21KavaXCn4V13TcWBzV2C5S4J0YzVqMe6yKZnmB3Q3Ak6B$8VNM76nvXbNvHdJvJXNlauYHK+868486vkfuGcnkwM3$nREJThRXBg+uVV7cMn7f4vJx6xYmVmJJ3AOhjfBm+Ygl1S4hRAOVxBcMh3yYmUq39XSbX2aJH$-hJBKKobClMnDoCRUdTv7KD0Cho1kQ7VXKtYp6jCpbY64gzXRn5+BbJgqHPQNcB0J6QJ$bTQ4bthWm9x$6HAugDAsfvcfV+fB$+SU+l1nmlb$hLmqYQfDvrKSujc7VfV1UxllU2SfxO$Wfwm-vwf0kNQJ1+BoSKgj1Tmd6GfwKx0qkjSCKEBwgqMvY4AFJRbtJ8oEMZb-bnXq6AB7HvK8l3HcucRDSch53o0NMCYjcSS$bCl+0rgpf4HkugVr66fhxjuS2-6NKvgthvAOMU23iYY$gToVBGVeb2KlCg6$Yo0tJ12tYvVPkCQuvBf4bS4MbNiFl7Q3$-2tScXUuK$FfqhmVuPcYy4sMWUM3$K12$hcbNCikrV+k6Jq2$hRX73yKaoiURXeQo0iUUl5bvJVsvxUlxcKM0fE33mJCEbTnVPdifVau9oqfV6o05mKuJ1ug7QzxVV7Q7BECO2KPy3UAgMu$dcMSD2d0Sc7krVqkOlrQugVHb$R4ffz$5gKYoSxb7ub6Nn1SKX3sEiCBJ1MMuAo1MRE+bdhKfV3RPu13dkN+9MQxMiskzf5bauWxu$zJaJThU+7BZkakR2ZU1385asc2ni1muXXP+soSzk7kjkhsp2EXdmVPxHLCsSu1nnAYqViY0$nbNo0JM50uUCgkpcOsxgtU4+chssKK4s83CRgv7VXRNHkuYQo0xSnPxlCka6ebKn-5lgHPB5UkqMh4n3ei3HV2RAgYlAxByYfb-hXs-RjxV+ZlFM1xHvdkOsK5uDYAod1A0UB0-SmMY5aludfuFhCXTuHfrff2u9XfhR0UuDj1NuxdN3OmuTe6Z6j9nnzmWo9+Ti06L5xCLsoRQPDdsCmu9XKvA4DkrKD0RS7lPfLADcp3c4v53TL6oDbUb+2xpctgNbbfkkJTjMEkmVmiv+rsQJ0R44rc0idURJZ34h-3K4zmgDQuLoKfknKmmoLocifH0uJ0jMEC89umRgNuZbJ9u6T+cAjkcPYsTBih8hYoc+96yCQotaHAzUXi2+BdScVYiUT2k3Si4laAv+lPt20xBdGKEMt3hbTnBhzuZVvkPkTR8Sfv8vehMuJmz5oRW4m9e4uHlS-H7hQc9XO98YGBw3uAwDA+Ukjx6kChoB2aBdk6oPgQPVAmwfod9ChnCgDAS+tSwDSXGsngUdsdMk7MrSgMHfSgJC1Sk9-HJdvuSC6SCnkAClUMaMHD0hQs$HmJnM4ctHtJCPd6SSuPPh6uhT53bHssecFMUuCBXKfM-ASX1YhuyuNV7aX3ODfX$KO2lVE90iOVpbgin9vBJ9QmuTUQOs0YSD75EDjJH4nkBstaLJ168JSarpCmv3kxNG2oAl5XsvzfvnVukY$9ZPiT3d2J1m1dAbmVoLKv4MWxCThQy2JP$3zfTl+d5MgvrT3Q$oTBsLdaNsw4yTfSHJZ+kX$40GMnhuwKKul3ZSOH8bfVihYcWTWhvTnAtLWmhsmGa+u11Qzb15V59aLCKg6g2cNasTKgnDxmD6ChA2+Mmuv5apkf4hufJSjkdk4VQkZTUManxaFDDdPxegD0aiTC4Cms3DtSUuSmrDLUHCNucAvBi5b+tx1V0x0xfudfTibb$i1fGM4AtbtHOJqk4DElrKwo9PQDDY8X6vr5jAzU1YkBzJMShUUVSH0x9gDfHGJ66LK56sBahxyxnVC9jMN2iMRhnsJC6DPiZgK+1o3s8L8GqVX9$v-cJvFRmkJXtj-l59r4fcMmaBv3gPTbT6xCVRSs$6lDLkeK2hmn4xwGlMW0w$7sBi0vH0BmjknXLCZnmkpJCAg2k6XUmU85umEoPjFMUA85THHssTVs-2B1tivSCgejG6JxyYyRfXb9$iuXLpHovMzouGiDje7n+dlLsaCh35gkaQM3waJdScx+u1hKyc9vFVQQS4Zh4CiA9HyAOJzRzf6PaoWjJAPu6XKymJjk+fO9yScijVoGVX54VHRCHsh3BRu9X6oP054ozuzkFug22JTRyjfo6Q3cgVMy+bGhuaodaPodtSRgqD+M3XZ4OBim02s$ClC$2eAj0V$Lr4-hJtKuScNouXGmlMiMoxASWUtrZkH0dHGj0iWl4cOiZmkkki0t6G2GalUBUGjL$ijLfLrjNjvl5j5kmVPM+2D97b$PdeoBjfTT19q2Zh-XegSR-v-vh5Ts3bV936SJ4C1SB6H6PQ5SRvuLeHifUsp5541rPMPVm9Ri7Rh4rkoPrTU+j0ADuaTKvcaV9K4uWU4LHJ2JDUo+ugDAhLJyU5UVV2mhvg-shANJTR-p9Xgm7Kmftk5oOsrUakrAu0hgfBgVKCkCMTS3M28tn5WiUpD2b0E3ZyGYwu0RuTVf71iGM3EkmmVGuHOpCQFRjasDlTGUYCM3X4nngeV$QUdD$2EJxUXYfeKe9ygVpt4e15YjdVnjGkw9oD7LfjdLv3x4oaW99v-GzGaJHO1SzmfgrTBhC$uNyxPuBtauvLlcmiG5PiraLT7ZLjo2E8r9tXayPjMTvHXoCoOyvgK+yhz4mM1xtg5LjS1b2N9+ROdjsSgTTGu6t9DHzM1Y2HQlQldV1rX9rKSKvXLiLrhRECz2PX3fmPNGUhjfv4ZVqMNmdyTVE4t526P5XpCl5eOu$TDb8TzGn55AUjJrTLNLP5piOMsS5ngsEYZgOf1tOHXvxyVT3bLPjd+hAQyPnsJ9urfpLNEmyhpmZjT65x1JacZpmHpndVPrGMWLBAsLdVnk2Rtx+PjVObw9g6o0-vahzKNV2RE3jy7KZM-D6SudPpxpB02yh8qkqQ$pjP5pjNgjTtNV8VzPL8eQkknuwnB$0jkHMk+p$8fv8AnetaeRmMpeYt6tWc6epJdY7HzSlsJbDkQuGuuGTbNtfvhLrybZmHktgS7LlNx4dpoq5LTC1itLKHdjdMliahRnuvlv+BMnbA1YkGVGw9jVZl5Z+fJd+6MK6sPHeQ9L+ZpyuT5PdAw9ibyvhOQO+Y-gDVTbHvfVKlOCQkmrVUrXPPtsussY7gdtxQRWnCF5liO$6S-uCxD5B0iArZGtN+ANpN6qxo5aTQ4eqU8oGpWeyySDmTdHKvXegtQQsmo-PtDSlLGsJG6bxl+SEjlZeLaaqxaB0$1R+Mbp-tlkrvWvHChk9PpS53m9+S08ct1TW$SrLkDVOWjPalRienAPZbB91211wZoTf6shd8bpr-Ha+sp5EHbDcQcQLXh81tjdCPgMbhPq$aX3Cb4euHVZsHCKRTCgsJiVEC3OaaSLFklQUGMjdgnDRS+DuDM9+-uOFxkHkHUyHAFVUJluuvmndaJrKa9vOiPuVrGoH6Mnx4P8$fb1L9JvsUu8rTDGnMVy$KwyPxdkMRpOXZhUhMpZpjBH8CRvwZkxe+HaTtGUpq2QZkiNfEy+$52fLQUjW2KujeHjJXaN6$NWEq-CsEDWaFp80ZH0G8quNlLpgMd9B1tn2nKzTbSG4Wlue9gumAW2WP0aGebR1d5pQqfhiPMYHXntUHRAo$+SUb7KBYbKKOV$x4MlBdkjl679O0K08qT96ZiDSM1xz5Jc+5+MgiN6+bpC+dMkguroMnbjN75O27FYR7$4TT++mqA+bX8FaMWf1gz3+y+yh3gr01AOlDqMzxkP9ZV+xX9sO5O5vH88TbOsmS5nov53-enrbgnt$Z1lOy4CkB1lvvYa0FTKjUKizfsG-zzEtE0kHpkVgZWWqRw7zBaa4gCqPU+$WU4EnvwiHfvUUMzBVzrOQL7jsLXPVS+EovcqTlG7xegMyUdm59Cl+GWKjUJPnVXzFMUX+d1AncAqGfcdlk+K4mou0pn0if30uo4WsnCV15Yvd$dKu05f3mnN1uq3S4Obulb8rfKAXMf0cPNnmCcu$x7QyLGfKDMvgeVKmOfodhCYWPRJM0KnnPKYyv0QT-5dK5-HLzXwHWqYtEfHko5gHwonTuC$gnzolESpqYl5uybqncuwoBPf8GSx7rPEWuqYtruuC0Mvdy02XuHQGkduZHGOymkMsafG-YYvTtBgHBK0JVE0HJeKQmKakxs4Nw0NWVH$NVKBzBzsqu+3o5vgVz0TN+6kVn3li-o3PauSVBVR$aa1uayKstft4KnkUuj3gmidumMCVCWH8nBW0$VdCkloE3j9ULA$da0bYjWnctVM+UbOa$C3Ef$lMYmfa$jlU7H4arm07X+E43E1tzA2VyVB3c31u-mPomWC7Mrm7ft4VelOVz0R0DHmuAmfTVCNb3ORBqjiuTV-jaCWf8TiPmpsS0Y0W2veTkuTkamof-MHC3GUdM-ta2SjOH4GAyVc$esV6n91KUhVr$bKnBxsykVDnF+h3PsXKUY$1hifWoA6KbkwuqVz04ff3kkGXJa$8s8aYglzUVUbMdY8JmfYYDVUKk+3VB5v$zfr+ya2WQsyf3X0CU-kkVa8efY0KnUq3M0rplzmTMlmB1rn9jQAAE+K$RCCupUmYlKAmuNlv8S3dfBvm+mn3o+K7M+tVVSfYHSs3HZYyj$-dTX00my-s-jVqCrCXn78Bxltf5f7SQ0SPUAXVrsfV7DWxJrfxcAuUbkGrWWMJy4VGdCOloRBb+tDnG3jd2EwupPVDKVC$VE0yHdcXKUMmfz4$s0VyXKVamoCZnL0Jf7PiyAOMQnHYA+rEQkfn19nZKxx0EiKAA5gugo-ieB+Dft3SVYuyrDmlPmS1xBWt9r-fp+AhdwYX-BNaZpMufX-oqjK7koMvUodS010z3H3V$MgMwBL31Hqd$OcAVW$A3LB99pou5-BCT14UgmfJd3zEr6ojfTj4xfbXCn5025rWnLXNdRCpuMNxtt$kwd8j7S4d+G+pm40S0Qae7DGrXux0bVoJu2raBk0ThdCWokt+wank1kzP64quAPBE073R$MRqJyuG+fsYPj6H53y3kYke3hm4suy8VVus048uaye+XEUEK40r63i2YSG105FkLuJkYyg6mpAAdSsDfP8tVu2$hTN6DCQ5MPUMuZ$Cuwuu3tYUxAHETtCsW4$ferkS6rNgr+WQs10crno0y0yABUiY5i3aYvg9Kl8nfuVKEuWsBBtlluMAU7gCdVXQltLhzo8WSZDGrrdnMNUJP1Uk5Mgpl2J1hube-ptYAWVw5EuCFBEZ4fQbLuTGOSeS05UY5J6nNHeVotF5wMgMhazrVGZdpEVmS1r3rycuhmzm6UgM2MrfunaHKNKfKk01+BKGfMTuRlh0uuUBkMt3iuXoyQLZ4mHMuOH8OUB0-XoUUm60un+OjrvjoAsn7M39sf7nGlFM867iuUtt4RkxsdByuqHy1QZOUC4a80OdJYB+68fy006uWjxx6Oz0U3tXNVUskRVOBGwT3ed9EmB$Sw5vao9NmcCNuMXzfRGXtfdPz1n$J2ekgmm8gn-F8p3P0+WazftT+3vrKBt+BnkTCjCHY-gnwjuPDuLX5Br5t+rEJWnCnQoaD$OmeRa$mY$u9Pt+evU4BeXMgTido0wsGTmDp36fBdMtXL1UjGZ7fuUkLUTKpXlm7aSVm$u-1lo4sfCr$jpUo1PuuauSr4t+AbdLuE6OR7hM4hac+3Xr5fucBcMC$yBylrb0NMV1Y7Zu50AHm1d1ca1FMWMK0tGQ0h4Co3u0-2+BMTm$$C0KHRYlafzftuRPyHD0fEkWuTBBaejsRMHuckyaCByYP8uhMWkk4t0VlfGqULhd+TZN1UKG7ytOP6-+YTuuD2TuNdKVLPWuMJmSVi0tnkBCs-GDOUDk443PBuxGK8rEuNu6gbN$PUAlTBCcDu10C3+YfVkZO4tksa6yP$1iAYxYm7v6Tb+EK3HWsifPtxaAZ0SJYYP7FbkABZHUJLu4uftxi+w$kXpSbYN+QDQkiycGhFyt8atPK1eUWhP3MtQb+b5mMzt3S48WGej$LcWBmD+87h+d3W3EDSp+ltF$9PtnuaFe-GSYm1sUcQunNMotb+PJ+u2MF5MJrqBlngkthCEhRtbeLXpc48SaQW39eLX530rYS+GuFeak1cf0ks4HkwTei8cFh60lfrxlYku+7Hkm2gAFyLbAd0U8ZTDlpB09kc6UehDw39yYdHa0NksM3yAA-s+uqJwVwt39+459hthpsnykxi-iVkhhjV50+9LFijQ3Y-VcYUyuQPN+O7REEiZOsg0EC1Nd0-6t-0OihECuKk-GKuHBlXTthTfZztoHC+jQCUTNYu5ov9o8CCULtMNWbe$5dMiHD$t$KMGHJB0UUmVETew9f96VqhhdGjWcmrD-JzBBEVzk0HLm2CYh4rqM76XNVu+KUAdvGmpV7T9uxsV7-C3fO4Pr+WYBK5M-6XVD0+nh6KNcepQHaXLUsedGCMi$qiwns5BKLl2+oQi1uXSrH6YQYX0T-ME5rNvY26fbdMJfCpf-py0vb1TQkuREL0Q-dsC+U$UcKh7N7dO04JaGkR2Mg6HufUJ2tCJ2MHjgj9UTGY9NrwSX1RDaCQUmVFu$c32a-JABBN00XR$2atnunvcmk+NNDaxQt5EJc8DNX-1k++VgEzW4YfgaUcJuS3moyhUE0Ucg6XJQOe9fY9e+Laf+Ww39yMmfud5CtWWyYjdkFQ7gmOt$2VvV$9QJNks20AffnP-JABE+iMDUUxUQzsTLjHmx3eBDLMzt5o$JkrVkJaoS79tQ$ahQHa3XdTEB-NDBflTGcYKCtab8beAdlYswks+kkOVSaZEo6m7WJejkJ$VJkXns9$9EeCatT$ExjDCWVAksZQeXfs96kCf8UKgw6-JsCunjE$3dUTqoidACVnMqEr3foO$DEr71KJr2sgZYAbly9kuHTfNELTAlEDvKcTFdwlY0GODa$rCl49g3-1yTrcAP$gyjS3ykVMMEro++N46Xn6$gz0XK1m$mZ5iKcUS$0Vy3hVHVWJ1TeNOLnZBkP40sLOuYt4ie4aq+S0tEG8a2O15lcjLX25adiQHkWMJLpnfT-CkcTSgmLFsWOxJv5D8CsEh2N8WDNv5LgWLwgsG3prxTmgGhAzf-at1mTyvnLrKzy2tHKDcg$jsKE-SsVtT+gXhx7y-xerXdtvvuKEv$AVB8aVg5TS+Swa2gQakgJYcwWnuWZYkBHZUngdwT3gxapJyLOgbha2Oq5$o$8ARCwDHAqPig5TwOT-x2H09pg5TfVP-aGH09cgHyNVHlxMXF+BQoyVV677$v3DZvT5DVzyx0NTDGgVUSgBLDDgxDs+XUKgd$2eM6Syg2Uq2g1qBoZDz3hV421$WPH6D4g1TpVhvioXp+VQzJooGLnBge9ExV0sdN-agXsDbaPyEdP1WCgaTagDygddzqLdaY-J5TGdpnDt+Tam+6NtRzdll5BLVxxnomHcOYHciKxTyd2KKZDvda8Q25GmiCDMvojwQjU$miC9u8Bjw+sy1Pdl2$gELPSByQPsl4MgyTlQvyy0xl28lFaMn3OZgqsnU83j5QQThKi-9sNKGTM9T421X9eyNjSx55yRcQS4mG9bK5TwDzPfSXPa1QOLGDHLD7OmagxxTyDJPUrZ4ayxKOpKdzK7HtaSYGyKg1vKTgGTOQWCWJJ0tNvRL-QPBbDFSKLH89XvjOxoOd1YVFARgUuFf2Y9WtDLRS8nM+3n-4iECruJU6B2okj5GLEhnyWok7VEuSma$GLX$VuMPVgMeMK5E2FJ0wQGocMN+woURuBmehpN-nugj2Y9uBQp73$w0$JQ8cWPX2fLZG8fxm8VMe2an7PCVqGcha7groe0nSVBf0uuMR4ATf0uVjRR0oTKdWkDJeGyHVsVwM34g3-f4oxnMXuckQXQuMGl6ucNrKV3ror5Ay3uulT0guluBKV3neMz0FsK3etnOM$-9V4aMdMre9mH090N3zKUTyNnb0X-zYw990uoMbuOuit0uM3$uiouuKsUpKb8ubn-g$PANuNurBn8CoDuklndb80f8cAnvgLp2RQ-yus3lcHlV7b4oP80uyJ7RQ-KVqp2NVkG7ROYruDju0fLpRbt-um-my3fCjK0OuX6Se7iNhGJBS0$sTYl180Vnby-n8iEN3mA1nBro7WO0Mnejuqxu0nP92$PfrV6b2323g97omrMugzo-W50upHmu6uvBcWoUT-MOklvRu1uUZnoV0$fUlo$jC0-HrTuG$ja-wQp8Yd01G3eC0auyMPUTMC$7-zfQVliQg+2o1nh3gW0sf85nJUJ9dMgupuckOvr-e0-Hrxm9Gw-j3sMmjA1HlLdKx0af2RH7fNuG$ez8w0ATo$OM2Mx3dWLuBi8f$BMt-D0luluVjMYMBufHSEU$VS56YmH4s2snPu$KrRlX56RsTMAM+i5dnhf8BuRMWMz31uQuyuwpvouP4WufwMjA37zDTndkWuMjlreTDbnjSAu1ruumBXztM+Vt-OeSjCa-MpkA-1vqj9TV-B04A3RUn1dMqfOouuQb+m0uu"}},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-out-s: eGEeE1rfUeaBZAu+37KvCQ==$SnG5AyzNS6f5tr3dul38VA==\r\nset-cookie: cf_clearance=q1pVw_TZPX5o7_zlewOtvynfoQ4zFbrqXmHiCSMDt.o-1774678161-1.2.1.1-FJ_Bl9dxne9132LSc5xpTDkNXtXOy8N9UM35Bq_yEpqkasyw6_94L7Vnmzy_pKyMzPesgWX5.JdvnpGoKBPFYrPM6y3OVsXqAXMyj9lVy0MiiR5ICAqTa8meHRwD_07mSbDwfH4rBu2GAbYTUYMO6okycDguy3c9.xrMqwhRmkzkq1LBfScpnYj1.1QGQxIFgywcVURg06r7MEmkFHkN20PxdPU154GpaFEjWvFpASw; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=one-drop.sbs; Expires=Sun, 28 Mar 2027 06:09:21 GMT\r\ntiming-allow-origin: https://one-drop.sbs\r\ndate: Sat, 28 Mar 2026 06:09:21 GMT\r\ncontent-length: 0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9e34772f4e682efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T20:55:58.966498Z","times_seen":13677413,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"one-drop.sbs/","fqdn":"one-drop.sbs","domain":"one-drop.sbs","tld":"sbs"},"ip":{"addr":"172.67.214.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-28T06:09:19.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"one-drop.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 09:01:14 GMT","end":"Sun, 14 Jun 2026 09:01:13 GMT"},"fingerprint":{"sha1":"12:26:13:10:FC:57:89:84:AF:D2:77:56:35:15:35:5B:59:76:6A:3A","sha256":"3E:22:8A:42:E5:42:13:5A:35:71:BF:E6:CF:EB:6E:E7:A4:A2:32:2F:E0:66:75:EA:CC:63:F1:4C:76:40:8E:3D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: one-drop.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 28 Mar 2026 06:09:19 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6sNzm%2BuNRXEy7nLkM87PSJLTiC62zkQbiFqzI7WoP8qCVhuDFQZXmP8HLyP4bSoYEm7fdStTF5jEQOq5088IoU9Js3OTqHrTwFJ4C24MZlg%2FGUzXzXR0EgTFgiYf5Sk%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9e347720ed7356be-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3130967,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (52452)","md5":"363a9112a260aaac05de359da98d3684","sha1":"87947da9a6423f7e5d2b451592be20c62ca3ea61","sha256":"9b40326937ddd7e449d2c9b90d0e8131da7fd44d204fdd64e99b71a8d645ef83","sha512":"81f2593a9adb6e4b7f75849ea310ca107613f4144fb8777220858e9bb7d2659962396fd484cdcd5b6b7b9b3191bba54e7126adfe2159f1920000398d5185f5d4","ssdeep":"24576:ocYqh9mfXICgNUl1vbiOl9V8c/8xvXEdlo:ocBQvWPb","tlshash":"a82572b991af15c45b12e460130622406b2df627c908cc1cfacfba9edfd6155ceea6dc","first_seen":"2026-03-28T06:09:47.64826Z","last_seen":"2026-03-28T06:19:13.069351Z","times_seen":2,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":66,"dns":54,"connect":1,"send":0,"wait":62,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dallying-reveler.fontmaxplugin.cc/_nuxt/assets/index.js","fqdn":"dallying-reveler.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"172.67.172.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://one-drop.sbs/","date":"2026-03-28T06:09:19.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /_nuxt/assets/index.js HTTP/1.1\r\nHost: dallying-reveler.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://one-drop.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://one-drop.sbs/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 28 Mar 2026 06:09:20 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 20 Mar 2026 13:49:33 GMT\r\netag: W/\"69bd506d-f4033\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=300, must-revalidate\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GvEI47h51qRXOZjBhaOgUl%2BBiLvZg0JZ%2Bg5Ihm3R%2FIi46eesp2edJETiaEb%2FtJ9Oqcg4NkVavvtfeNMesiwrLUNNrZa5EymxkVfgAbpE1wpwwez6%2FzfZveI9e5e%2B7baHPSWCcIVH57Y6kXqiCNU3Nu1QSmc%3D\"}]}\r\ncf-ray: 9e3477228ad9a0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":999475,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (63044), with no line terminators","md5":"d1597426f697a07c7926cc4a50064a7b","sha1":"bb3220a3bfe25ec6a8752db5095642f87d195581","sha256":"d0846a6ab5a4ec900707fb94a2b1d443b827a2d7f818ef529029414b93aaf5e8","sha512":"7e32c70d58d19cf29c68e9d68d2ee041c87586368e41c7cc6e54a5191252d8a37f8d925d3ed45cf0145260ca3112faceeff3c2f4c0de782aaa2994e647beb83c","ssdeep":"24576:HzRI7jNBZADJvsFQ5TgUsiRQD19mYC46GhBd4B+A7hRE1N1Krt+CG:HJ5TgUsiemYC8hBmFR7t+CG","tlshash":"b42595db110de3789e903cf538b43cb50cdd5881ec2854b8b642bd866937bfb6389a59","first_seen":"2026-03-28T06:09:47.649733Z","last_seen":"2026-03-28T06:09:47.649733Z","times_seen":1,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":49,"dns":24,"connect":1,"send":0,"wait":246,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://one-drop.sbs/","date":"2026-03-28T06:09:21.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 08:37:40 GMT","end":"Mon, 01 Jun 2026 08:37:39 GMT"},"fingerprint":{"sha1":"5F:99:6E:26:2A:3A:DA:FF:7F:0D:EE:C5:8B:2A:01:AE:28:26:AD:C4","sha256":"2B:88:E7:79:70:E5:E9:DE:0E:A9:0A:B8:F1:F5:C6:D6:10:77:F0:C9:0F:E6:2A:13:A3:D6:08:F9:89:A3:60:E8"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://one-drop.sbs/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 28 Mar 2026 06:09:21 GMT\r\ndate: Sat, 28 Mar 2026 06:09:21 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-04-12T21:25:43.214128Z","times_seen":20759,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":172,"dns":2,"connect":7,"send":0,"wait":20,"receive":0,"ssl":159},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"one-drop.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"one-drop.sbs","domain":"one-drop.sbs","tld":"sbs"},"ip":{"addr":"172.67.214.217","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://one-drop.sbs/","date":"2026-03-28T06:09:21.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"one-drop.sbs","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 09:01:14 GMT","end":"Sun, 14 Jun 2026 09:01:13 GMT"},"fingerprint":{"sha1":"12:26:13:10:FC:57:89:84:AF:D2:77:56:35:15:35:5B:59:76:6A:3A","sha256":"3E:22:8A:42:E5:42:13:5A:35:71:BF:E6:CF:EB:6E:E7:A4:A2:32:2F:E0:66:75:EA:CC:63:F1:4C:76:40:8E:3D"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: one-drop.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\ncontent-length: 0\r\ndate: Sat, 28 Mar 2026 06:09:21 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9e34772dfe522efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27858,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T20:55:58.966498Z","times_seen":13677413,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"one-drop.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dallying-reveler.fontmaxplugin.cc/api/config","fqdn":"dallying-reveler.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"172.67.172.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://one-drop.sbs/","date":"2026-03-28T06:09:21.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: dallying-reveler.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://one-drop.sbs/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://one-drop.sbs\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 28 Mar 2026 06:09:21 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hJb54U0bypYJJyanBH5THE9vSaTes4Thwsl%2BXfnWZwZVfCPUlo5bnndfQmJ7W8Qee%2B79naCFWR3inifYDqSsRhPNP0G72UWUShNKeQCqYKkqH7Ky3pH48VIddy66eIW89WP%2F%2Bb4SwarT1yKXMuEpgna%2B6iU%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9e34772dfd3ca0f0-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":179,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"data","md5":"73b43287f3d7d19425cd9d028dd5b37a","sha1":"58552e1764e4b2753beadcaa09b9c9cb5553bef6","sha256":"73c7981cd6fbf1ae42e75a2dd7dababceddd06ac762b9fd95ae4887dcaa81a34","sha512":"491f016070adca2c160c6272a4ea6e475a0ad0ab1414f8da6dcb7cc5285855ce72d88090c3cf43d840e6b012c129e0fc55071002dad46af024d24f3a97a58dd9","ssdeep":"","tlshash":"7fd02ba45b9163a6e2011210b281071a2dc6a1086dd581c51a305236240536987ef4b8","first_seen":"2026-03-28T06:09:47.651966Z","last_seen":"2026-03-28T06:09:47.651966Z","times_seen":1,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-28","alert":"Sinkholed","trigger":"dallying-reveler.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}