{"report_id":"f555f9e1-5eb7-4d4b-a0ca-72bc5fdc3e2a","version":6,"status":"done","tags":[],"date":"2026-05-20T12:51:26Z","url":{"schema":"http","addr":"awtairdrop.click","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"awtairdrop.click/","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"title":"PancakeSwap","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"awtairdrop.click","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-24T12:51:26Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-05-17T22:41:40.561616Z","alert_count":0,"request_count":1,"received_data":1092106,"sent_data":439,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-17T22:21:01.756487Z","alert_count":0,"request_count":1,"received_data":5209,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bundle.run","ip":{"addr":"172.67.158.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-22","domain_rank":342986,"first_seen":"2017-08-29T17:49:00Z","last_seen":"2026-05-16T18:16:37.005664Z","alert_count":0,"request_count":1,"received_data":51858,"sent_data":412,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"awtairdrop.click","ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"domain_registered":"2026-05-12","domain_rank":0,"first_seen":"2026-05-20T12:51:31.550135Z","last_seen":"2026-05-20T12:51:31.550135Z","alert_count":200,"request_count":50,"received_data":3353511,"sent_data":23045,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"PHP:8.4.21","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-17T22:18:09.532627Z","alert_count":0,"request_count":4,"received_data":72168,"sent_data":2139,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"awtairdrop.click/","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"2b62005bbb19074b325ce7998b3433af","sha1":"c31e8e1b7c5764b74ad6d258403c53b0dabdcfca","sha256":"0c7d19d4b1e85fb9436c3768891117e4e944c5c15403f802e8c3cf223b9b9768","sha512":"aade5388dafeac3640a2a26add3a21ec239f5899256e73dbd9564a63e0e7e85700f8c0c05bdc8d3058b80dabe20098b546fe4ddea81c24799be84690a01a86a5","ssdeep":"","tlshash":"bc014eb813ab223545b370dc510f556c3a363b223096d504fe5c51b88fa1a7696f3dcd","size":660,"data":"","first_seen":"2026-05-20T12:51:37.615277Z","last_seen":"2026-05-20T12:51:37.615277Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"f3c432b58f23172a852c574bcf2525d6","sha1":"5819092562bde8a8eace3a4378fcbd987fb13695","sha256":"2a859402c30cf6e019d7cb61c1117e287259202bdcf7c0f840abf8859e88530d","sha512":"433e312f4c56d2bd3a01ab0883a92dfb40f3e94761a2468e808d9d40db04ddb29195dede056b945beb43ffedf9890ed0c326d2f78749ce52f20f4dfd058841a2","ssdeep":"","tlshash":"ec9000000f200022c0a0b8ae2ac2bfcf323a2828b0ca28020a02a82823200cb8a020b0","size":47,"data":"","first_seen":"2026-05-16T18:16:40.629708Z","last_seen":"2026-05-20T12:51:37.62732Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bundle.run/buffer@6.0.3","fqdn":"bundle.run","domain":"bundle.run","tld":"run"},"ip":{"addr":"172.67.158.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fff045b5dcb9991b68523eca940454c","sha1":"9da8944fc722166850125bde8ba2327422d5d364","sha256":"989fc3d36b4371b766b753dde670c8e845839af168e4b3985803fb006c42136d","sha512":"0bb9794242b92a4fcc9f477ef01d1b8d72b3de6ee1e69ad5f23d2d2e2e50d27df0e812f4a79516cb489423216cbe1d50dcc43e1301c3fe6ffa39100befb022cf","ssdeep":"768:XPymN5oPW0hEfVd+esmqrnVlVIT9H8D7OExxWAlnPQBfwBuWAzMkfc2YekFfHy3K:/yU+W04bLqrnKGXnadzfT93rCb7d","tlshash":"28339294b691b02a07937191046b544bf1b8ed68b48c18a8f360e4f728f99ded4bff74","size":50792,"data":"","first_seen":"2023-03-13T00:24:33Z","last_seen":"2026-05-20T12:51:37.594317Z","times_seen":92,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/tronweb@5.3.2/dist/TronWeb.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"52d2c48e0d40dab215c993e276c7b4c8","sha1":"953fa4ed22d4e68eeca22ea3d44a857027f9f460","sha256":"d9522e183a41f8bb059b8b61f5ff99c9eb831f2be6662bf6f1713771648adb59","sha512":"1a7da4e5eff61cd7738511ab84da171037f57eec3dd817f0b9425d0260d0c5addf36135cf6e48803d2abb26e22036e970bd1672710d92abf3ab8bccbce07eda3","ssdeep":"6144:y+WOYV+9x9JXV2vCRoIqbt15LAVbjsRyK2ZU13U+wZ/qpY9lgmpuLWiLyUvPDgea:rYVi9eIqbtvLAVbjsUKyqGSWYC493KYM","tlshash":"c435098876c6f166439220e0143b640eb23dbb5cd45ca554f398e4e37df9ada872bb34","size":1090996,"data":"","first_seen":"2026-02-01T05:32:39.425098Z","last_seen":"2026-05-20T12:51:37.629616Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"cc963bc82df2d91a478983d24965f53a","sha1":"2f187865c0023ae109947c719bbeaf8b23685819","sha256":"f1a695f3d81b4e993db495e590674b1e4fd4bb80ed39a513faccb2d655218172","sha512":"7678b8b6cc408b853ee5f7bad9f09aac190273608989aa3e0ff75382c22f71ed387269b7b5ba4fb24535ed354dbe0ed23e697a050c08bba90e1bab5400511e6f","ssdeep":"1536:KItqYP5o+OYD6y2SiHnnpkuGnM9YCG8jSk:3cYxo+nD6y27Ha+j7","tlshash":"e5334a66f2a670350533907dc36f621931318807894ae6107a6c8261affc95fa2bffdd","size":54377,"data":"","first_seen":"2026-05-20T12:51:37.632063Z","last_seen":"2026-05-20T12:51:37.632063Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/js/wallet.bundle.js?v=1779281459","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"efdd50b9f4a969377f4bec16d1db5568","sha1":"72b69354f136492e2a931d8ce4be86cac2266567","sha256":"d4c0716c3e22744e863cd02619e646de6ab4d7367f57f3e10138f54fab841ad5","sha512":"059981590fabc6ba5d534403c5e2236c8b584a65e4a7d95e34c61bb4e6b4c421ee778c0b55838fd096ea5c73ccf3b9e780e5f955c60021b3aafdb1a3a8d35245","ssdeep":"12288:kO4wr9CwhFW9vW8Hd1RycJMVIT90yvRkaHgM:kO4woW8HTwcu9yvRkaHx","tlshash":"14e45c9473b5b076439f91a9943b0102f339ec64601d402cfba8edef799498896bbf74","size":663679,"data":"","first_seen":"2026-05-20T12:51:37.607978Z","last_seen":"2026-05-20T12:51:37.607978Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"awtairdrop.click/","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-20T12:50:59.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-powered-by: PHP/8.4.21, PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"PHP:8.4.21","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":533648,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (28942)","md5":"da644cf4f216801d669dcc1e981b49cc","sha1":"ef2bec268406453673322817e24e02b6f49bfcfc","sha256":"09d281b5df336156f81fbcc66f77051514cf4223d79760443eb27ed139a7d1da","sha512":"0ab066450e407dc13b055d1290bf7554b0717877e185e91ca5163d967908030297206654199b45ff6285cf8354bb0af27b05e6e99fdc2248e677e3489ae4d637","ssdeep":"6144:6KewOu1c1K9YWv+Heg5KCT7udYbKybrs+u7RMyNj93p6edA0cYxo+nUHa+jg:6LHq+vQCT7udYeyM+2BbA7Yxp/","tlshash":"b5b4bff2429034bf021367d8d3166a5a3d1b34bffba5e64063f85391afc9c99e968c44","first_seen":"2026-05-20T12:51:37.533095Z","last_seen":"2026-05-20T12:51:37.533095Z","times_seen":1,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":121,"dns":48,"connect":33,"send":0,"wait":60,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/kanit/v17/nKKU-Go6G5tXcr5KPxWoVaF5NQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:51:00.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/kanit/v17/nKKU-Go6G5tXcr5KPxWoVaF5NQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://awtairdrop.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 10632\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 16 May 2026 12:55:56 GMT\r\nexpires: Sun, 16 May 2027 12:55:56 GMT\r\ncache-control: public, max-age=31536000\r\nage: 345304\r\nlast-modified: Wed, 10 Sep 2025 16:43:47 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10632,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10632, version 1.0","md5":"3718f4b13325e3890476f140ac8cafba","sha1":"6b84e3b0cfef137151aefdc4d622a806ab99b53c","sha256":"50a775bb97745903cf0133e99c9bb007f82cf1233798c5e173eeed9a677b70ff","sha512":"d4e4df4943ffdc4382c33b29edd23befd1a525da8f6f5342db2c0cf670c5bcf56f352605ae7c49017ecfa5a2283ee44a733440bfac4559359fbdb9b7b4294df6","ssdeep":"192:SAU/nSQh9RMp15OWuAkEIg9WCruU959Jw4lJgtI6Kl:SnRMpqTUt9xj","tlshash":"a522bf81b280c8c5f7005975c6cb9366c9ee02afecf76c302ab1faaf64491f99645907","first_seen":"2025-05-04T12:49:03.528052Z","last_seen":"2026-05-20T12:51:37.535128Z","times_seen":405,"resource_available":false,"data":null}},"time_used":543,"timings":{"blocked":257,"dns":1,"connect":28,"send":0,"wait":26,"receive":3,"ssl":223},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/8453-m.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/8453-m.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2997\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-bb5\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2997,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bdf20718b06aa3e265ab8aecc4feecd8","sha1":"284f7b254da4686eb98cf925ef9ea6ca56cdbe83","sha256":"1027c0b803d5dc261a3e18bae492601950fafc3f882509a121498ade59c4b8f5","sha512":"10e48ac7a94bc16b70eb08c152c0e5b26f92b3db0a862d8aceb71e0140b149697808c6a874bb073dda553b689cd5e4fd7352e36ea8fa62fd0086955db5eadf9c","ssdeep":"","tlshash":"a05165e76220a74c0e4ee50e9f2650e8661f609eb9a7d89215cfa72d590f5c9ee008dc","first_seen":"2026-05-20T12:51:37.535762Z","last_seen":"2026-05-20T12:51:37.535762Z","times_seen":1,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/tokens/weth-base.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/tokens/weth-base.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 9698\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-25e2\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9698,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"beb7d965451940499cb2b188a92d44b4","sha1":"60a14464773c5a4a44bc43f5f83a39f5ac319f7c","sha256":"228ddcb906c830630fd41ffc9774a595614ba2b5bb955577fc5bd7cccb85271a","sha512":"d9e9753f0f333586681e3d0e9a2dcf8eac5d25af39e5493f8488cefed9a29dcf609062400dbd394bfb5a2d9278855c0a7ec9e438efc222e6cd3cecd6989935a8","ssdeep":"192:NSS1sjXH9c0MHDz66hBQ8vpTMDgVAl6hrbrkMWfF:Mt7H9DUm2uVco6hrfE","tlshash":"d2129ed0130058cb6f1938ed614b0b7164b3a29ed0792c508295ede1fe6bf5e611ddf9","first_seen":"2025-11-13T03:47:26.99457Z","last_seen":"2026-05-20T12:51:37.536768Z","times_seen":2,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/kanit/v17/nKKU-Go6G5tXcr5KPxWnVaE.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:51:00.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/kanit/v17/nKKU-Go6G5tXcr5KPxWnVaE.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://awtairdrop.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 19496\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 17 May 2026 11:11:39 GMT\r\nexpires: Mon, 17 May 2027 11:11:39 GMT\r\ncache-control: public, max-age=31536000\r\nage: 265161\r\nlast-modified: Wed, 10 Sep 2025 16:43:48 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19496,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19496, version 1.0","md5":"201d1d24b464e41d18e57dc58687f055","sha1":"d35fdb2a75da697dc080ced73400fc394f6cf4b8","sha256":"c3c4f89f25c7c8343a8b8ce0a120fe2c419809a1e92cc9313cbb5a36fb10a411","sha512":"8c695fb5dd450e0d4355f898d657d6d5c943c5c049284c9b32c017fc89d82296dd84b93abe8ed5ab8c44a2a480515d37e12b1dc3c8f2532406108d849533e93e","ssdeep":"384:IKA0aP4lPNAX1S8i6ePT1EEgJM3tgs4+fWjg+lva3AXnpj9gx:IRyWJeeJwgsLf0vg0XI","tlshash":"fd92d18fed917bc8f29d04ae94830ffd6877b10bd1a081790ad464419ca87766a6dc47","first_seen":"2025-04-24T11:01:06.88202Z","last_seen":"2026-05-20T19:53:46.808852Z","times_seen":2795,"resource_available":false,"data":null}},"time_used":442,"timings":{"blocked":192,"dns":1,"connect":28,"send":0,"wait":55,"receive":1,"ssl":159},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/favicon.ico","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:51:00.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:51:00 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 12 May 2026 12:24:10 GMT\r\netag: W/\"328-6519df0b7ef73\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-20T20:19:28.489093Z","times_seen":36973,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/onramp/currencies/eur.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/onramp/currencies/eur.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 806\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"326-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":806,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"7e353d2e1b30ac7ed51a89822eadb176","sha1":"20b0cc3c21fd61518093580b4856657734d13251","sha256":"c872b64b03a63a0b36c4f93276515f1b99380e5fea6d156ae4d74ba5dfd9b742","sha512":"c18d973420f93d9b986bec3cbbfa85e0d990701c1d55ba434bc4dca06a2a1bc9ca7b383b470b03cd820d3a7a0f4c248eca006c91c0dddcf1eb9fbbb810f3c505","ssdeep":"","tlshash":"ee0175f5c457fc74d01b6eabf8318dc4de28125f896b801663449819ba68b83de23355","first_seen":"2023-05-17T08:55:45Z","last_seen":"2026-05-20T12:51:37.538964Z","times_seen":116,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/tronweb@5.3.2/dist/TronWeb.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/tronweb@5.3.2/dist/TronWeb.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 250648\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 5.3.2\r\nx-jsd-version-type: version\r\netag: W/\"10a5b4-lT+k7SLU5o7soi6j1EqFcCf59GA\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230171-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xz4OUhHnPWV7ENhIQNBPFYPUKz4NpfPWTriegYCR%2FYpatxqvL0d4R7oJGnCU%2BgRP4%2Fdd8uvpf6VHvPCTTtnH6kgw7ECNMB%2BZB0w9AkrMzI7Pi2AV%2BtqkX3eoxzR1xW811I4%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9feb7862badc49c5-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1090996,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65471)","md5":"61815c53518e149c598d8d4e8c540f1e","sha1":"056b4b1e8ac8e4b1bee20a121b5bb13eebf70dbe","sha256":"2750da4ca28f2302169db18f17c1dc671ec9d0d8eb3e93a8a9a4bb93778f6209","sha512":"1eb3371d59a1c018c0ebc9c9c10bf708720e85d5355ed42ed941459a43a81abba537767a20cf0782905da678e9be6961099f465b5aa4dba03766819b394f423c","ssdeep":"6144:y+WOYV+9x9JXV2vCRoIqbt15LAVbjsRyK2ZU13U+wZ/qpY9lgmpuLWiLyUvPDgeE:rYVi9eIqbtvLAVbjsUKyqGSWYC493KYS","tlshash":"4725098876c6f166439220e0053b640eb23dbb5cd45ca554f398e4e37df9ada872bb34","first_seen":"2026-02-01T05:32:39.423634Z","last_seen":"2026-05-20T12:51:37.539678Z","times_seen":9,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":2,"send":0,"wait":44,"receive":13,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/204-m.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/204-m.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4162\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-1042\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4162,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0eb019e586b2e86e72bad964b26e470b","sha1":"28343a04a9f252748c387456cf43b4696d27437b","sha256":"ccddae669fc194a0fc4815c5684460a452aa23a93d7499ad8c932c5415d80041","sha512":"80a6f45a173c6b98727d6e02032b7090a4c1f7df4842985a1aa58e2660b9b4af7574c1c7a9517b1f8b6e83f3bd1f765c361f2c95f016b6b872968d248044f7ff","ssdeep":"96:qBPY8I4XDCfiMPXPy12Ha3uPMJ6ZCqpb4yhLUtZj:STAUKZCixe","tlshash":"6e8125c57734b1b4a981f37e9312003ebad27de966236ed083991d1ae68a41cc994ce7","first_seen":"2025-09-11T16:31:23.672555Z","last_seen":"2026-05-20T12:51:37.54082Z","times_seen":3,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/tokens/usdc-base.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/tokens/usdc-base.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 20360\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-4f88\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":20360,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"fd99b0e538c003d7cf81654aa3e0e3f2","sha1":"08e2d8d27e0e03791ef3d24ba98d964ceb7d355b","sha256":"d2cc38acdd9b15d87c1eef790ef729cb8effcf97f6707464b4f0289c90029663","sha512":"66682facede40f9f20e593b0e99a60dcc5786a0140f6da81a21315b2781e17c85369d946a955f47549704e21edc252dfcefccba602986b5a8f7eb1aebaf2ec20","ssdeep":"384:M9YB2xmJjMf/mlI5EpVS8r+KPDOq6eX5BNe/NLd8Hx3h:XB2x3Cp5T3BQwth","tlshash":"d992d1df631f4caee015a75a19407ef9cbed8b63024990e5069fb95ec0c720c7526e88","first_seen":"2025-08-27T21:22:55.415127Z","last_seen":"2026-05-20T12:51:37.541896Z","times_seen":4,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/landing/partner/youtube.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/landing/partner/youtube.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 562\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"232-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":562,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"56c6c0771ac4156d05c940387e07c268","sha1":"e8f849579a5cdd2f63211102f0297cf96f719249","sha256":"fdd01e011c88141e958461d09d238acedb69eb0813f684a07842f974d0bc248c","sha512":"1ec7a394ad3ee209ff045646118cf898ad009a76ee81424cc0c1fc344caf3a25cd891937913037898de1f0079831e9b802d428a0e3108f0d3e9dfa89c32623de","ssdeep":"","tlshash":"12f04cdb9e787d0c89c04a2e9b561495231f70fa6540c57ebe5ceecb4119142b15a909","first_seen":"2026-05-20T12:51:37.543398Z","last_seen":"2026-05-20T12:51:37.543398Z","times_seen":1,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/landing/bunny.webm","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:51:00.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/landing/bunny.webm HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:51:00 GMT\r\ncontent-type: video/webm\r\ncontent-length: 1554679\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-17b8f7\"\r\nx-powered-by: PleskLin\r\ncontent-range: bytes 0-1554678/1554679\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1554679,"size_decoded":0,"mime_type":"video/webm","magic":"WebM","md5":"60204993357e4e2f01805f7a4aa6f40e","sha1":"310201058dde10c9ea12f3b73e5e0dde05494975","sha256":"49d83db286100bd37c17e784ec580964d9e8ee33c7c12bebdf82fc70bdcaf20c","sha512":"14f5e3de599667e69006de914dfe5c73999659b0ef162c8c98a7bb7962d45a173840e245166319e98c2d93ea7c215fd8dbaab5564f186f17520ae11053b8db72","ssdeep":"24576:hweeUCgo6if+VuNw7kG5f6AF/mUXCpZb6VP:KrXf+ZkG5f6AF/mmCpRI","tlshash":"802533447b7c4018cd5e29f8658f31c5a95910acaa6e8ea02c83ddcef7bd6c2721f563","first_seen":"2025-07-29T04:28:21.61211Z","last_seen":"2026-05-20T12:51:37.552589Z","times_seen":94,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/landing/partner/instagram.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/landing/partner/instagram.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2067\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-813\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":2067,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"66f33e12fe02e74489b937686e7fbf3a","sha1":"da257b41eaa03af3856d67c15dd44d3ccc13d52f","sha256":"93d38800b17b5f99c9312e40012ecf9ac0ab5eedcedfe2547b552b88910d75ab","sha512":"85482dc73a0f7713334f47a54a48c9c9b917628bd1cef5d733db472be43dae29133591c3ff08c3414ec48bc9b6b5f2c977714abf0bafa4ee27cb46c7529e4580","ssdeep":"","tlshash":"5b4187ce94f4fadccbcac768df509416070d28eba64845f4925d9f59e00e8d6d70a4f8","first_seen":"2026-05-20T12:51:37.553436Z","last_seen":"2026-05-20T12:51:37.553436Z","times_seen":1,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/kanit/v17/nKKU-Go6G5tXcr4yPRWnVaE.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:51:00.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/kanit/v17/nKKU-Go6G5tXcr4yPRWnVaE.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://awtairdrop.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 19400\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 15 May 2026 13:25:31 GMT\r\nexpires: Sat, 15 May 2027 13:25:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 429929\r\nlast-modified: Wed, 10 Sep 2025 16:42:16 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19400,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19400, version 1.0","md5":"4f78daef1a1d29da8783aed20256d678","sha1":"d7bd2d1c122216de856554de22d2dd517aea7f35","sha256":"69135716e3246d03252eedbc4b49092fd07b1691211dd5c8e6a099efaa2e1e59","sha512":"d81b2d4eebb9152ca6c20f8dbf8601272e7cfb699b02168d2a555810766233d3f5cbd88d284634babf5aaf63b9d5ecefe2ad5e896533f17203505cc6ecfa2d03","ssdeep":"384:pTYePRkgCPlNpEIQqPePakVBa/1huKRZxpvScPqtdn2c9zjFRcnuOQAJ:pTYepkgCPbyI1ePJra/1lpvScitBvBjG","tlshash":"5e92d090cf6be03aef256ca43b5bd946b51ecf3241609c17b44a6088a7e692145d2bd8","first_seen":"2025-04-27T14:23:01.08323Z","last_seen":"2026-05-20T12:51:37.554514Z","times_seen":552,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":181,"dns":1,"connect":16,"send":0,"wait":52,"receive":1,"ssl":158},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/56.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/56.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1146\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-47a\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1146,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8ab418b3fb8b14c7a705fa09bf318c39","sha1":"0efc86d33be47451ddbc96ed9d28c9f81aed8b8a","sha256":"2d9628208c8795a4d122e3d43cd2a61db31ba46aeb66d003cbfe321d9f8166d2","sha512":"4986001b4a14a1b1003d4af1b65b117680a755dd685df8b98e5cc28874d527b72e0505b5c0b1efc1410c29711b0536f956b083658fd9e89f7d730cf72da05561","ssdeep":"","tlshash":"8821cb227bc4f6e4a8429bf5444db0ae32a229f2a32dcc4497d960dc934155e29bd645","first_seen":"2025-04-15T18:32:02.823553Z","last_seen":"2026-05-20T12:51:37.555215Z","times_seen":94,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/204.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/204.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1144\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-478\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1144,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a0c6cdfee95eb190716460c4f8aaabcc","sha1":"9ca4e94af190e2d6a96386e6b7a4cb9d25f8290a","sha256":"8e6aeeea869df06db61e1ef74a46b1604c8a7efc06f61222e2876fb7cde53d74","sha512":"e53c2c9a137b48a6fdd929323fbe2047613891be138d9e35033f7d93bdf16168638665dc395824cf56f26c5aad482656a7fcf37bb4ce4d8999fc8ea511b980b6","ssdeep":"","tlshash":"1821ee317bc4f6e4a841dbf4444db0be32a229f2a33dcc4496d960dc974155f29fd645","first_seen":"2025-04-15T18:32:02.792924Z","last_seen":"2026-05-20T12:51:37.555965Z","times_seen":94,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/143.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/143.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 445\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"1bd-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":445,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f624855f9a34d014f88c7fa81070d7b3","sha1":"525851abe26a994c9ce907be093e28488579edf2","sha256":"e03f5ed3754d4520a9419251c4624ee38b8d3a7e809c88cd1f3afe82cc94303a","sha512":"67d2ddeb87d54f38f2d93e56c506d0e0b5c52709f63f7ea81a556c796c0bb4ef85ea8d520287e9380f8365c21eb97d39215625a313e101841e6de47658f07ef6","ssdeep":"","tlshash":"e3f05cd0634488985bd24b38e37869d0a46e39fe8e7c820cb290894e628748bb80c79d","first_seen":"2026-02-18T12:25:10.549027Z","last_seen":"2026-05-20T12:51:37.557012Z","times_seen":22,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/onramp/currencies/usd.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/onramp/currencies/usd.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 839\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"347-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":839,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"ed7f2f4056039d4e6ea4a3a5769609b6","sha1":"3c5163d78a563c4c48cf07f7b220e8f7a529141b","sha256":"a5946c2edf7f999f9c19b0ccad83ad50e8506868d904f7e7e5bc8f4e8e50cf03","sha512":"849f7caffd06ec528e142e2e1c3a6132d7d710ef6ebb5cb1390a74056b5376612b4030b8dffe6a2a02d5f5be34952536be18a75015bbce3838c6591e534197c7","ssdeep":"","tlshash":"0c018ad5ee370470da0f512b407f554fd573b876839045865d1025dc19acfd86353757","first_seen":"2025-04-15T18:32:02.785214Z","last_seen":"2026-05-20T12:51:37.558124Z","times_seen":108,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/landing/partner/telegram.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/landing/partner/telegram.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 483\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"1e3-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":483,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"37da8d50d11132104824b4b6a8f9af1e","sha1":"c41cf028481dba21b0cf0818154845de1e2620d4","sha256":"29ad192298e537f8dd1f08942553659309430a82020e561cf8baaf12f032cf09","sha512":"07189def4712999209a7c5a0b3de128b05079b63e282b6097f9e2df424a03b24302cad85146ec4f8fc0b98f16700d4f19ea93b5de1b9c8b00873c8dcb2896d2f","ssdeep":"","tlshash":"47f05cf7ac98b20d8412c52a4bf48011035f60fab57b1659fb9c5ac2414a8c6d6db60e","first_seen":"2026-05-20T12:51:37.559191Z","last_seen":"2026-05-20T12:51:37.559191Z","times_seen":1,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/square/56.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:51:00.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/square/56.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:51:00 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1327\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-52f\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1327,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5f768112e93c8babc344759d1705b2cc","sha1":"64485cd8be0de51fc535a27afcaa4875b986927b","sha256":"1c04f8e2b94748f2615b5e88f59c7a0eea270309c5e430aea86285fdfe16ad81","sha512":"128306b733ca2f678727743f98869ec231a0f938b5ed190c9d8129d9a47417244f341f13491a4b3128bda83e3ce01159bd36262e98c0f45ffe3910c590273e77","ssdeep":"","tlshash":"d521d3e4b7c8c69f11090bf86d0029a8709a30fbbd7ccdc546e125f195ea75d0a6cd81","first_seen":"2025-06-28T18:40:35.30454Z","last_seen":"2026-05-20T12:51:37.573523Z","times_seen":158,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/api/get-config.php","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:51:00.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /api/get-config.php HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://awtairdrop.click/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:51:00 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\nx-powered-by: PHP/8.4.21, PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.4.21","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":112,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"dd80322d40dcb65d8c6e7f497cabee00","sha1":"20fee32796c2c4681b9d01c8650d413c35004861","sha256":"16a119ef70724822248f21522c4c0f944e08b897d7972ea811d282f9f1631a1b","sha512":"0e6209f026f7d959b6e872b4bbae74cb1440ea60779390747465f4b0d312067fe36155fe4d9863b049f79a51ee6cb77c7162cf259578e73ac9133f27d479326d","ssdeep":"","tlshash":"22b09b506c4df679111451d4605558365045472d63399f5424874c8915090066a5a755","first_seen":"2026-05-20T12:51:37.574285Z","last_seen":"2026-05-20T12:51:37.574285Z","times_seen":1,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/143-m.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/143-m.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 3085\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-c0d\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":3085,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d3e44c44aed05021c2e28f26530bd2ae","sha1":"00ec40506aec1aad995ccdaff0b553c6bc465c1f","sha256":"005e42ea024de71f54623b4b5e47671f4ed5a6dac14788dd21f80fb2b1380bcc","sha512":"51a2de5363de6ef435f8765c980af76cdda7ea48e9de3088af3868c659f2fe43b0b619e72fd47df44e8a4d30ed6ba7a7a57c864a7c2a2afd33b4572d439d42cf","ssdeep":"","tlshash":"6c51c7c731b0c395c9c9d84ea771a464911e60ddc8baee868def872c4c4b0d9fa1c6d0","first_seen":"2026-05-20T12:51:37.575528Z","last_seen":"2026-05-20T12:51:37.575528Z","times_seen":1,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/square/8453.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:51:00.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/square/8453.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:51:00 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1062\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-426\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1062,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"17fa4accf7faa6d3245d83879445fb89","sha1":"cc43047228c9e5e283b5001b11989243087a0793","sha256":"8ab7845c2ad268a34e1071369c87b6efd5de248af48a5716855a7e2ac84a7923","sha512":"b0ca0a5912b85c7e9dc39873cbd84249f46ec8a48ba0483a13de0d2a1f58f7a2cedc55a8c230a38c3d3b1f6476c967564ee83aa5d4f683f38bbe5f8192013a69","ssdeep":"","tlshash":"98110ef0229cd0bc0202ef81e37a50bcf0c6ad2c6b954118f3e48a4e903d45389de78d","first_seen":"2026-02-18T12:25:10.614608Z","last_seen":"2026-05-20T12:51:37.576631Z","times_seen":26,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/css/runtime.css","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/css/runtime.css HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 12:31:26 GMT\r\netag: W/\"6a07121e-3127\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":12583,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12537)","md5":"4f49e2b7ee8c82afca3d810e416f4982","sha1":"bac005ccc84c23768956a785f79c03e937bb152f","sha256":"0ea85e859ef233b2c12d91a3d33dc954233b9b5772eadfa89b309bc5474721e4","sha512":"ab78a936053d2013426677b62e8d1cf98989f38767592257cd38dd203dab9416f3ce51af36de2c2e6256001d396d4d43011762b545f51d418a33294fd94f5381","ssdeep":"192:UEOJ4wiGtk5aL9AFIdtQpEAUihTruhxksc64JyhOq7vmic:ROiwiq9y7EAUihcxksc64Jysq7vQ","tlshash":"fb423340b81c12786d3fe645eec9572ce124b842ae624466a10d048fe9d3ff539f5faa","first_seen":"2026-05-20T12:51:37.577877Z","last_seen":"2026-05-20T12:51:37.577877Z","times_seen":1,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/56-m.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/56-m.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 5340\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-14dc\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5340,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cd91bf9205cba2877a103be6d03135f9","sha1":"52b176b7af717e243a33e8af3ee6106c66e87087","sha256":"7cc685c9264677bda53a32c464977a75c0fd1379ee939da3c49998d8fb6bf593","sha512":"8596e8db694706ac40918cb7ce090de6e0c1bd73edcaf008a25c3573c19416268f34613cd223e65cd80503a06fc63073f0a64b83520895dc3b168f241ddf8760","ssdeep":"96:qDtwo53WQZqrJPus2X126d4kj2kzXsEyNGsjsPJPt/Q:At53ZoJ2X1hrdVyNGP5t/Q","tlshash":"7cb175c977a4977890c4e7be6256803e3b236ce9261259d4cbfd1d39e6c780c8d64cd2","first_seen":"2025-09-11T16:31:23.755973Z","last_seen":"2026-05-20T12:51:37.578843Z","times_seen":3,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/tokens/eth-bsc.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/tokens/eth-bsc.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 2984\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-ba8\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":2984,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit colormap, non-interlaced","md5":"2214386a20472bc5fba9309f1a90645f","sha1":"f94e58b4bc1a36eabd8e3ed962677d467e2d25bc","sha256":"c253d7c5d4203783e31bde1d33e143f6a9ce1defac24ab5e06948847696b80a1","sha512":"aaacd623488dabe41c1d5fe0424fdc1d7a482c45ef7c3568ae2aedea576a9f668529eb02ef3fdae31d3298cd2e895d19e951d31a08042714c9ba0b6f28b5f7e3","ssdeep":"","tlshash":"05513a665172494ed6f27c3bebb89b26ddcc5c7810992ea24153b076bb347c0e483435","first_seen":"2023-05-01T22:39:41Z","last_seen":"2026-05-20T12:51:37.579887Z","times_seen":571,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/landing/partner/x.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/landing/partner/x.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 408\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"198-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":408,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"530afc29191e1a049da838e18cfb3bc8","sha1":"d3e24d9fb3e6b41f23503e199d9061e9dca793b3","sha256":"16738f7bab4ee0b71bba74b4dfcd85d160ee9ca71f184df837ed0f4fb0a25e0a","sha512":"9e720e5355ddc5f37888a97ac6822ca36b5713d9aa6762dfff360b719188df8866c47afca15e578a01c4da7c004c30b572caa1ee37b3cf1a1c56fcc035c89516","ssdeep":"","tlshash":"28e0abea9119651c80454f6247445c1813ed74ee6fca0a69f62465ca011cb892ceca4e","first_seen":"2026-05-20T12:51:37.580658Z","last_seen":"2026-05-20T12:51:37.580658Z","times_seen":1,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/1.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/1.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 703\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"2bf-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":703,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5f5619dc014f690a01573e9e740ab1ab","sha1":"faec2a38b249681984333d3a8d347bb9f4fd4203","sha256":"48470074c77e74887771aae3fd8de21e09e0b7e85598620426abf1c169314b6e","sha512":"da0914ddbf9597af4b75e5ca041d14c387cb62a5b6b37699d91223fc8f8cefe07338e9eccf5345b6d42e47500fa2ff8d441a29b1acb679c92cef1970b38e3d6a","ssdeep":"","tlshash":"2001f79c711cd014576ca74e2f2ea47909a3a1e1d59cc1d0a3c12d8ffc5999f3c66ec4","first_seen":"2025-04-15T18:32:02.81058Z","last_seen":"2026-05-20T12:51:37.581565Z","times_seen":94,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":144,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/324-m.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/324-m.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4772\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-12a4\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":4772,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"234dd14942fb47fa311a0047d50e4425","sha1":"9531281b9aea7e79ceb1ac23cd07b90402c94521","sha256":"3e15eb6fd61053434411806bce9694e943737c085b8268b7605d131cbd64d4b5","sha512":"4b5e149d927bae54cc9d1f4ddd1e33d1f324c4da81169fd2c220abd61a02eee1855a77239132c2a5f483c50cee21f1f1588b9eaff20fc4f0f1ca973e4c87a5c9","ssdeep":"96:dh7l3apwpV205yaMXSoqH1HMoP8Kf0TPSq/K7:X7hLa05ytXSoqzPVr","tlshash":"4da10f60273c937c7998857f2312e8317a42ace156928144e7e85e3ba8ca8148fb0cdb","first_seen":"2025-09-11T16:31:23.735611Z","last_seen":"2026-05-20T12:51:37.582294Z","times_seen":3,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/42161-m.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/42161-m.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 7331\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-1ca3\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7331,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"096e77c5c2d2997adfaeb1035eba888d","sha1":"d0422e57880c8d9cf76024c15f76d6fcec4e45ab","sha256":"8a7009677e1f1a63d7f3a49b068eea9d9e25c60f409eb19dda06dabf2bb4ca6f","sha512":"eecb0ab0c151ab9e47c85050226ce40f12c5977da11f94bdf8ba8026c59b4a3168b7eb40a4e602b1b2c3df89c5bd8cdbe76afb155e162b508e54fc2c9e2c63aa","ssdeep":"192:lBHOeeJES/WJMFnE3o0p2NiZtVtBCvEi9U47hJq1Oi:lBnUuWFnE3NcHHFjq1H","tlshash":"6de177c1737a62bcf14581ff3211d4757e512cc61f628850c3e42d26ea9b86c8da4ce7","first_seen":"2025-09-11T16:31:23.682257Z","last_seen":"2026-05-20T12:51:37.583211Z","times_seen":3,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/solana.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/solana.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1308\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-51c\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1308,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a1bd3aa6eecdd6604dbe1a17df54ceaf","sha1":"92baeb9928a66c5687a2fa8ecbc05f5707dd01c9","sha256":"bcfd1ab081f43cf87304cc1ec8d61c344c0ab954f1f368aac60a78557e9bf6a1","sha512":"16e2120d5d86224decbe38a71ecf20723bccb6b3f47eeb254987ed8b435f1f90a20fc46acb6d08b609b53a0875401be100b92ed95a4a0e6140f4e5eff388c517","ssdeep":"","tlshash":"c721be25d51da41fc056d76cdaa048e4434d60abfc815375a3fcab7f243e98b86ce6b0","first_seen":"2026-02-18T12:25:10.540671Z","last_seen":"2026-05-20T12:51:37.584129Z","times_seen":22,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/tokens/bnb.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/tokens/bnb.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 2600\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-a28\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":2600,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"169d592d3323f7f3fa81a79455e543bf","sha1":"ae5e46c0ac5efeb814ddb01d9e431da47d05fdc7","sha256":"480d420dbe99398212b895edb3624bd8c72322936592779bedbc1a14d031da3e","sha512":"7a71d7f16e13490aadb4450612c4e56f723ddfe74d401e0445ddf8f32c317672d94f1d9f21c2a00cfc18aaa348f142110e99395e7c08fff4f37b2adcad6c7a20","ssdeep":"","tlshash":"945139fb9212bc91ce9e9434c1ad5e89f2808ed908fa4b4b321a59ea49062e31210473","first_seen":"2023-05-04T02:59:55Z","last_seen":"2026-05-20T12:51:37.584635Z","times_seen":143,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/onramp/currencies/gbp.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/onramp/currencies/gbp.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 762\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"2fa-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":762,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"8344997c2cc39e2661d2eadd18a0e813","sha1":"927b5e6162c8fda050c6c3416f8f85232cef3b50","sha256":"f47de25221e59d10969aa49c3c4f88566b6970597832011a662b583bfffeabcf","sha512":"a70ae00a38e8f84c44e076a475d9adfce15db6f3434dc6c40af1f89af4dc6cadb0625f5ed8cb6a68ad4ac03b08fe25c1e6f31174deedc8a9e588d74cc902829c","ssdeep":"","tlshash":"9e01b5f1e30bce89c0828596d7d92047d89029e2fef3902585309409ccf911fd293b59","first_seen":"2025-04-15T18:32:02.832978Z","last_seen":"2026-05-20T12:51:37.585173Z","times_seen":94,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/tokens/cake-bsc.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/tokens/cake-bsc.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 23324\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-5b1c\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23324,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"94f80b18a20da9904d944265179b0b24","sha1":"3fcf522b49b6e1dbc1c5fa946de2b690b6177ade","sha256":"30e4f3dc4d5851110ea26bc300ea74b93f82a53bee5f26a84b75c680afe7ba8c","sha512":"0804ea256c88cc58c9de488f6a363692280b9730ba0393c51bd6ab3db78246f3721d2681e871d4ad7d3427969c77471db4013f8312ba4709439a63be62673f08","ssdeep":"384:3KBbtZ0GpB8GaUHKE6QsbB4XwwB7nepW+GfkiX0QTu+Lvgh6Y39j/rE1UCkrhGab:aXq2BxaUHKfQVFepWXfOyu9hZ3q1EVGI","tlshash":"b3a2e15e1f2d81d59853826d2e744cc2ff71124ddb8e271c60961f2d3a12adb6ed7388","first_seen":"2025-04-15T18:32:02.824877Z","last_seen":"2026-05-20T12:51:37.586833Z","times_seen":12,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Kanit:wght@400;600;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:41 GMT","end":"Mon, 13 Jul 2026 08:36:40 GMT"},"fingerprint":{"sha1":"02:32:5A:C8:A9:9E:51:3B:E6:B9:C2:90:57:59:03:86:2E:5E:AF:0C","sha256":"B4:3F:61:34:DD:CF:DC:F3:4F:B9:A3:80:2B:A9:7F:C1:65:62:81:5A:B1:86:17:32:64:43:A8:E7:64:F6:2D:D9"}}},"request":{"raw":"GET /css2?family=Kanit:wght@400;600;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 20 May 2026 12:50:59 GMT\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4523,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d95348e016f9ed4da56ca9183925e8f7","sha1":"6e9131b6f937aab486a2faf25efc7a2566977507","sha256":"00fb6436c1562dfec5d02180a3e8adaac2e84734eede6b44ed830ea2922cb212","sha512":"fa955f6879e9dc52a1b0f563946f0953e1c982f1eb61b6d6dd737646b485d3a25a96b477e3ea3a546f2cd158d04971f14164e80a8a77722c710f194a02479b8c","ssdeep":"96:COEarNoOEamOEa9HJc+u0OEaINTOxMaMNoOxMaZOxMauJc+u0OxMa0NTOwhaVNom:VxnxRIHs5M+y5HjZ90Mz/","tlshash":"1491ef945417d540eb972cc223ce7e369e5e61217851eaba6ffe08ccacabd321315b0d","first_seen":"2025-09-13T03:42:04.492339Z","last_seen":"2026-05-20T12:51:37.589087Z","times_seen":355,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":289,"dns":1,"connect":28,"send":0,"wait":46,"receive":0,"ssl":301},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/css/theme.css","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/css/theme.css HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: text/css\r\ncontent-length: 119\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:31:26 GMT\r\netag: \"7a-651da64324380-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":122,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e86c059020f1db0f9d08956d4550b4f7","sha1":"e454c4432857aa05f3da954aa8c9fc2bd71437d7","sha256":"4e43379d92847bed60b04af6d6cccdeb8d695d2088826ed06c5b96e977172903","sha512":"eae28e9a10556cdcc68a30b261f8ed9a20bc7037aa21c5ee00bb2d95199424a6a3dc5127f487933d7976659ebc00a71c7a38b97c6c62df73d0a0a5bf3b8a85da","ssdeep":"","tlshash":"f9b09219b65e26a9090b888f7a48d409271eb301faf11dedf41ab229482202d71b9766","first_seen":"2026-05-20T12:51:37.590662Z","last_seen":"2026-05-20T12:51:37.590662Z","times_seen":1,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/css/fixes.css","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/css/fixes.css HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 12:31:26 GMT\r\netag: W/\"6a07121e-1a0f\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":6671,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"9288d2d7ba81fcb6dfeab1f8f0fbbf6a","sha1":"9ba1de0a4ddbc54dd60f9810cd4e684e7b506e2a","sha256":"d911544d6f2aaa93d911901c467c8ca8a3c94e5a7cc163d87f5a6d54eca2d60d","sha512":"a24df0830dbaefdc716e884edff4883199a91035eeaa73ba078e21376a27c9357058959ae55dc4fb28c8d935198e220fb1595c0e9890eb8953d437be0be6039f","ssdeep":"96:SCBNahqB270unSwt44Br/hSKOhUWA3B31D8C8BWh4sk:xBNahqB270uf44BrYKkmx31DT8Qzk","tlshash":"34d17657fee250d5702695a966a737fcbebd80029309cc767a9037788f433e705a1a4c","first_seen":"2026-05-20T12:51:37.591629Z","last_seen":"2026-05-20T12:51:37.591629Z","times_seen":1,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/324.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/324.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 357\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"165-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":357,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8a875e653e4903a6a249afcd92907794","sha1":"36e1ce3c3117b3402c87d8a2c293539a57241b81","sha256":"babb98a3129cdd09ae4d219c24b92c39d8e2f0c578fdcbd196d604abe7df3be7","sha512":"71dad55d871d9616e38925ffd883930bf62a8e81e911e3b84f1a23c4f729054c8343b94059754e8718c0493490a43e69779ea81936cab7453d5b2ef0272386bc","ssdeep":"","tlshash":"75e020b7626cc50cc52097166739619972e2a4c9c95cb584ab40350ebd4c8df1c685d8","first_seen":"2025-04-15T18:32:02.787722Z","last_seen":"2026-05-20T12:51:37.592875Z","times_seen":94,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/kanit/v17/nKKZ-Go6G5tXcraVGwA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:51:00.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/kanit/v17/nKKZ-Go6G5tXcraVGwA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://awtairdrop.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 19300\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 17 May 2026 10:24:44 GMT\r\nexpires: Mon, 17 May 2027 10:24:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 267976\r\nlast-modified: Wed, 10 Sep 2025 16:43:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19300,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19300, version 1.0","md5":"b149de90fec0235ecc74597251628035","sha1":"a59ae1d58d86daa8759832a3475be3c1c26960e1","sha256":"1e856b3a04f93a23ec758ad37750f4dcfbde02334fd30358d02d5d4db3052bf2","sha512":"108c4270a63d0b99409a1102272e0c3a79200cf79663d9a6bfa999d9a978ee7233c06e89adcb5937c869e81ee70bc4e71106e8c644c9fd9303081dbe052a7dee","ssdeep":"384:5wjcwLP1szEliwu0gcAHKnawvrKNDggVRrw5x0jsE93nT9um:5wj7SKu0KK/v+FNrwDcTJnTr","tlshash":"a982dfac152fdd52fb37423dc5cd4ea4df8286f5e564e49008ab637f298201a3ba2173","first_seen":"2025-04-24T11:01:06.876956Z","last_seen":"2026-05-20T20:14:53.185661Z","times_seen":4707,"resource_available":false,"data":null}},"time_used":365,"timings":{"blocked":172,"dns":3,"connect":15,"send":0,"wait":20,"receive":1,"ssl":151},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bundle.run/buffer@6.0.3","fqdn":"bundle.run","domain":"bundle.run","tld":"run"},"ip":{"addr":"172.67.158.51","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bundle.run","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 11:03:58 GMT","end":"Wed, 05 Aug 2026 12:03:56 GMT"},"fingerprint":{"sha1":"2E:F5:B2:A9:58:38:88:9C:61:94:86:22:0A:38:9B:42:31:EE:8B:CC","sha256":"31:35:58:86:53:1A:E7:7E:41:F2:D2:3E:C6:69:CB:D4:CF:EB:E5:08:34:67:8F:37:AA:31:1E:71:6F:55:8A:27"}}},"request":{"raw":"GET /buffer@6.0.3 HTTP/1.1\r\nHost: bundle.run\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9feb7862bfd6723c-OSL\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\nage: 545537\r\ncache-control: public, max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kvOovzgiZdg3kM8Mjn6LMddmrFo0CNiHRJV94Uj4UbYBRMz1HGJQyJXoWTd%2BjPskvaE8TzRXsErjT3BncxR8BIxO4MpQyA1JiJNllg%2FO1SVgFsdAxoEgUWifAefQ\"}]}\r\nserver: cloudflare\r\nstrict-transport-security: max-age=15552000; preload\r\nvary: Accept-Encoding\r\naccess-control-request-method: GET\r\ncf-request-id: 069622af4e00000d3e611eb000000001\r\nexpect-ct: max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\"\r\nx-content-type-options: nosniff\r\nx-powered-by: github.com/rich-harris/packd\r\nx-status: 200\r\nx-via: packd/cache\r\netag: W/\"c668-naiUT8ciFmhQElvei6IydCLV02Q\"\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50792,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50792), with no line terminators","md5":"4fff045b5dcb9991b68523eca940454c","sha1":"9da8944fc722166850125bde8ba2327422d5d364","sha256":"989fc3d36b4371b766b753dde670c8e845839af168e4b3985803fb006c42136d","sha512":"0bb9794242b92a4fcc9f477ef01d1b8d72b3de6ee1e69ad5f23d2d2e2e50d27df0e812f4a79516cb489423216cbe1d50dcc43e1301c3fe6ffa39100befb022cf","ssdeep":"768:XPymN5oPW0hEfVd+esmqrnVlVIT9H8D7OExxWAlnPQBfwBuWAzMkfc2YekFfHy3K:/yU+W04bLqrnKGXnadzfT93rCb7d","tlshash":"28339294b691b02a07937191046b544bf1b8ed68b48c18a8f360e4f728f99ded4bff74","first_seen":"2023-03-13T00:24:33Z","last_seen":"2026-05-20T12:51:37.594317Z","times_seen":92,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":8,"connect":2,"send":0,"wait":18,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/1-m.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/1-m.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4706\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-1262\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":4706,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f9b0962a7fa2c8164852fbea1da77148","sha1":"ee394fc21ea28daebba7d644c1c4e0a998fd628b","sha256":"e53334f151adb5d77b3cec2a0b84d03f0064a7fefc670b281458bce5f97aa922","sha512":"fc617d24a20216932ef0d6b72f65a6fb09abe3c0ece4650699c833ca4ccfea9f46c87f0b06071927cfc9d7d88514aef6379ee0517bae95df6ee8367d55b77434","ssdeep":"96:bHnB1nW2iAiNzT/cA0IQSOwtfHzDvQlog9Mf8iiVuSSK:bTYzT/cjrSOSzTQlogSf8iiVZSK","tlshash":"1ba120d57b3dc2a46b58f5bf6611b078ba429dd8924285e443a03d1ed9cec08cee8cd7","first_seen":"2025-09-11T16:31:23.647625Z","last_seen":"2026-05-20T12:51:37.594856Z","times_seen":3,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/tokens/xrp.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/tokens/xrp.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 7004\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-1b5c\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7004,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"9d1111b25ea6f4c7f7a8d67720134550","sha1":"d0f9e7430a8e9030be6fe45d0b903359cd347d06","sha256":"11110d0ef1946d0c2eb9c140631daabbda798a09c9bb9d70875d5773a987848f","sha512":"7aeee0ef24b408045729bbefb99ffc12ff2d83c74ea4a11cf4a4aedcaf10d53c7e16a5da5c93b1c52b07e02216e732384a2c13ad1280a13ee9150cc1de5aed23","ssdeep":"192:U3VvZbGPtG/7UUVUhZj5eXPFJq9BquAI9BXK2EAd:GGP3UVEEYqVqB62D","tlshash":"a0e1ade8820fdc3f77eb0bb0c75d6b1c614263b43bafa64d2bb5262a959b4180b044d1","first_seen":"2023-05-04T02:59:55Z","last_seen":"2026-05-20T12:51:37.596311Z","times_seen":264,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/tokens/usdt-bsc.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/tokens/usdt-bsc.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 21909\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-5595\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":21909,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced","md5":"88d6fe2e9f01143ea7e308af24c16a34","sha1":"8c350b8219206aab258d026b822da994b0c1a752","sha256":"1c2ecfc8c08a821a4839f2ae0df1d8796a8df233939b537b4e26514fa4f91196","sha512":"a44a19c6bc1974304723b8ac921b711c6c49ef42f95f75db0c1c6c0b8bf22fe066eefbf7dab05625525a53e439f39f1463a85baa22d32dc0f6f237fabd87de55","ssdeep":"384:klNl53tEgE8yQ+4qH4arOcw7KvD8+5M+VVAFDAmY48TPdLFYG/olwubBL:oNlEf8R+tYf7KvD8+5Msa9uDsvbx","tlshash":"d1a2e109616fb913b04fd01b8f6c449a7c253900872df01674a7747aa82fc17fd32728","first_seen":"2023-05-02T10:51:38Z","last_seen":"2026-05-20T12:51:37.597537Z","times_seen":652,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/landing/partner/discord.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/landing/partner/discord.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1294\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-50e\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1294,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"31efb6e49eae87d7805f37a76a739436","sha1":"7fe7e80b0a118c6161a4bb3884310bb570a46223","sha256":"eeadbc0ddf332a4bed1edc8441f51b28ef1e1cd29cff006db078e28c5aca4244","sha512":"bc48612211225ee740179b876a96c6cd18f2d94f8ad7f93ec703fc1edcd6f7840e1586ea55c6fc0ff02151006bef223846944d1db2a1796c6c3c7c49a2982900","ssdeep":"","tlshash":"6a218bd7159c408c18aab70c5f2fd94d331f74bb70559ac5fe4e67957543a51e90f800","first_seen":"2026-05-20T12:51:37.598049Z","last_seen":"2026-05-20T12:51:37.598049Z","times_seen":1,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/landing/partner/blog.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/landing/partner/blog.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 247\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"f7-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":247,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ea4a042dd7bb1d4cdb9193d5f87f5779","sha1":"8b93e6ef06ad4867d8bd91285a7e66461a88f24a","sha256":"79ff97b1a241f5a3da46708935337493c213fdca04f87ff0868b8bb3bbcfb479","sha512":"4e64fdca96a397990802e1eca1a8414fa37d2746b2afbe5f359882452cde8996e63dc7d36b9fa46a63d9a57a901de96b3e7dc27b21b401b265743f9be200526c","ssdeep":"","tlshash":"73d0a5d6d2544408d491d71147941454517f718f594b1459f7d019c7523c9873ded51d","first_seen":"2026-05-20T12:51:37.598843Z","last_seen":"2026-05-20T12:51:37.598843Z","times_seen":1,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/css/inline-opt.css","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/css/inline-opt.css HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: text/css\r\ncontent-length: 302\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:31:26 GMT\r\netag: \"211-651da64324380-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":529,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"04a683f0c651793baae30236541c7427","sha1":"0d0af0016b123128cb9a89edae15d0fff1169763","sha256":"4b7b47c402039f68e050e0191dcf53ce44e5ba6157c4dfd5662ba21454b5e9e2","sha512":"934d01d03144c9b22f3902c7546641a7203d7cae468df2d654d1d5331c3b20a901b03a9b5e972f9b2c63e100c41a54756e48f341f8475b0d9056f8c16794fccb","ssdeep":"","tlshash":"86f05011d6496540f82bb5e376b197d65230c20b1a228ddad3e02425e7477ad1a5076d","first_seen":"2026-05-20T12:51:37.59974Z","last_seen":"2026-05-20T12:51:37.59974Z","times_seen":1,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/42161.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/42161.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2218\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-8aa\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":2218,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b5393a1c9982e9aeee37fecab444ac6c","sha1":"e988373deffbbd0d0ffe99cf16979d92229b3faf","sha256":"314e4ba8eb5d84f3887dbf509ea5f9e2a65aeb3c20464124ea70ec19d873bd44","sha512":"acd7ecca7f15b368358257a5c6526b34767f91e193c6ac2a9d13abcb5ee46717482c0cb3a71ee760d433a5b023f345bdaa7dabbfceb93cbbb35c41c1f5f45411","ssdeep":"","tlshash":"5041435df3b492d9e40d9768d22640213dc76cb82a45e75d5fd12a2bec5680d08eaccf","first_seen":"2025-04-15T18:32:02.795922Z","last_seen":"2026-05-20T12:51:37.600481Z","times_seen":94,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/aptos-m.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/aptos-m.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 5380\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-1504\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5380,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a63a69904a18065283d1f97ed9d9e971","sha1":"313fc02932c62e48cb8910b7149b5fcf618e8abc","sha256":"f5dabd1cf075fdd09e916251d657ccdc8c4bf042fdb3d14a181a226d7997c913","sha512":"9e2aa88ec914d74253609dabc396cde7295f311c4050a8f6baddaee87f89a6a25b4213e68eabf3ce585d033cfbb7e84f0517b75939a9110c9f437323f8d73101","ssdeep":"96:HKzmpzLe+aXeBGtaYjW5PUYv6JH2xhyimVe7bCHE3oBIlVS5VLkcEG:emlewGQYi8YvIH2Hyi0e7OHE4BMVelkg","tlshash":"18b16256b77ce1b0fa04d3be535728b43a96bd92571388a043d58c6ce84d81cc9d48e7","first_seen":"2025-09-11T16:31:23.757227Z","last_seen":"2026-05-20T12:51:37.601022Z","times_seen":3,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":233,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/solana-m.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/solana-m.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4357\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-1105\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":4357,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b0596153d3a1f32d4be8d0424ff3e101","sha1":"070cdd0d86e634d72805a726d042e0f3a76fc194","sha256":"71b873c33d80e32c8b85d2ef93285dce56c3b2b4b34f3bc26fc3e2f656234fd7","sha512":"af7e740ed1611600715f85be45b025d652571f13ccbf30e5574f2db0826f99911939bc30b8c551fd4b269b67a1b5e0b9565a23361646a2d02d782f9e6102407a","ssdeep":"96:NagOAfEx1yWlJLWjI7DdzrAquonSnSu9ELQu:XfEx177DpMDonSSE2","tlshash":"069187c39210d3aecdd8d81deb619890414f60eeec76da919aaf973c181f992f61c5d0","first_seen":"2026-05-20T12:51:37.602058Z","last_seen":"2026-05-20T12:51:37.602058Z","times_seen":1,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/css/main.css","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/css/main.css HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 15 May 2026 12:31:26 GMT\r\netag: W/\"6a07121e-6270c\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":403212,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14213)","md5":"247d9441f7ba9b37bd0a810eed7adba7","sha1":"67f8d58ac27858f3f2829ee4006d43dfec0afc55","sha256":"440455556f8d076953d8d2295f4b7fdb818c76b20cb5d6d4f26ad7d8668f1547","sha512":"cd0faf079d72a768613d81e44f7b5e55370d1b30ebb1c1ee8ec94643c6ff97344d8d466aee9c62462a45c63259c707d28590bd8af0fdffbed640b369642dc890","ssdeep":"3072:/Cgy8y3XeBxXt154BbcZMhqmk7JeJSyWdkfcvHXiQ:/CgtmXeBxX54BbcSq11iSyWdkfcv3iQ","tlshash":"2b845b22a520bcba7d33f3785e5885986f657e80bd401bfaba7465d1c3842ff149ac4c","first_seen":"2026-05-20T12:51:37.603322Z","last_seen":"2026-05-20T12:51:37.603322Z","times_seen":1,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/59144.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/59144.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 482\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"1e2-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":482,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8fb614015345ca4d88e22b02e03dc7f6","sha1":"7f6b0fa0c89d724cf49a29b6e389cf01b4e2e530","sha256":"69181158a3375c2dac2073f5ccc5f0675106904eb27ed4fff6d4e0eceebe4283","sha512":"4a1ad758b071ee2838d10f5b7c1014675babf1a90260b1e7db1cab8e54aa34f1f2a258fca4652c217a18a172a6b535fbc00cceb5f4ace97a504b700da78dade3","ssdeep":"","tlshash":"99f02ed7935f5d00e418e39482f560ee70f359c1b5544b70efc07907645655f2813aee","first_seen":"2025-04-15T18:32:02.808521Z","last_seen":"2026-05-20T12:51:37.604412Z","times_seen":94,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/59144-m.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/59144-m.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2786\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-ae2\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":2786,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fa2eeccd2fc3b15f0607c3efe07cbfc3","sha1":"fd107c805f9d7a5d0703d1c7aa1841847ead8247","sha256":"ee0932885f682f12c2624fc38d564b9fb84c1f8a8af3658c498ebb342d2707a0","sha512":"ab60f84075a9628f2dced720a79d6265aedcfdb51fe3fc437a6ae9e9cea78188277eb600393042b3e8ebaa8d44365fa54a6827c43bd5f1eb0f5d16461aeeabb0","ssdeep":"","tlshash":"1d5120716362c218b9846dff2227b8797d91aed19503849112d89c37f9d9888cff48eb","first_seen":"2025-09-11T16:31:23.797979Z","last_seen":"2026-05-20T12:51:37.605296Z","times_seen":3,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/8453.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/8453.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1062\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-426\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1062,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"17fa4accf7faa6d3245d83879445fb89","sha1":"cc43047228c9e5e283b5001b11989243087a0793","sha256":"8ab7845c2ad268a34e1071369c87b6efd5de248af48a5716855a7e2ac84a7923","sha512":"b0ca0a5912b85c7e9dc39873cbd84249f46ec8a48ba0483a13de0d2a1f58f7a2cedc55a8c230a38c3d3b1f6476c967564ee83aa5d4f683f38bbe5f8192013a69","ssdeep":"","tlshash":"98110ef0229cd0bc0202ef81e37a50bcf0c6ad2c6b954118f3e48a4e903d45389de78d","first_seen":"2026-02-18T12:25:10.614608Z","last_seen":"2026-05-20T12:51:37.576631Z","times_seen":26,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/chains/svg/aptos.svg","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/chains/svg/aptos.svg HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2130\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-852\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2130,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"aa4707ea2b5ebcca848b3ac26e5dc31d","sha1":"d8c248230905a99be5e28380187e277066b8f3b3","sha256":"418b644e47d7a312c82b6fc0c6bc58e7f61cf17172764eefe7781bf0d438424d","sha512":"5051bfdc0c9fad2d7779147eff8d2225a64d158563c9424044f1ca28692b57fdf4199945485fe751a98c5204230b8887d46b1841cbb4dfa8ecc716eef24a1d2d","ssdeep":"","tlshash":"694162a5e3faa2d8e405f3b44365a87420631dfb2507ca188bfe0992ea0604d5598ce3","first_seen":"2025-04-15T18:32:02.804784Z","last_seen":"2026-05-20T12:51:37.606339Z","times_seen":94,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/tokens/btcb.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/tokens/btcb.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 10052\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"6a07129c-2744\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10052,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced","md5":"928e7f5fe18005c089c6cb2d916965f6","sha1":"86b878970a0250b69e9448d589c228cafdca6de2","sha256":"399db0d1a345a93ac30570029397cc59d7bfa7d0afc62651d881b35708394bdf","sha512":"65d3c1020757e25e0db30ce8db58f7e736406b796099d9f0ecc201a1a694c9c3bac2178d4d268f68a9dfe092834df992f21b893561838385e3f319bdf260a91d","ssdeep":"192:DfLSbHdkxcrsAj72SAdVnyl7M0kallwZtjseKOEPaH8tXchQdwsXdcHmx1NZ:DTSDOxcrsAj7xMVnQBkallwZt3oPZc3K","tlshash":"c722c098fddbd2e84013fa6796e25321da11ea8b01bd28fdd10a4de659f3cd2422706c","first_seen":"2025-04-15T18:32:02.8166Z","last_seen":"2026-05-20T12:51:37.606884Z","times_seen":98,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/pcs/web/onramp/currencies/hkd.png","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/pcs/web/onramp/currencies/hkd.png HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 804\r\nx-accel-version: 0.01\r\nlast-modified: Fri, 15 May 2026 12:33:32 GMT\r\netag: \"324-651da6bb4df00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":804,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"34c42dda70c501e7f3d16a2540a0cddd","sha1":"82d1bd99fa9801ac9bdad2e6aadb378bce12a560","sha256":"3342bd9ba2e6c9afaa1f1e410aa69bf66d917581a716af28beb5ae5cba394964","sha512":"9ed30745097876c92a1889530598836efa4d549e9a543a7f334fefa3375380a89464395a090361d19128e877135899a65aa275677af9b176c014a8e6984b83dc","ssdeep":"","tlshash":"3d0186858946656b84694a6bc45b45e07d326af234a5b612d9828c263c2f008c842e53","first_seen":"2025-04-15T18:32:02.805538Z","last_seen":"2026-05-20T12:51:37.607459Z","times_seen":94,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"awtairdrop.click/assets/js/wallet.bundle.js?v=1779281459","fqdn":"awtairdrop.click","domain":"awtairdrop.click","tld":"click"},"ip":{"addr":"68.183.211.249","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://awtairdrop.click/","date":"2026-05-20T12:50:59.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"awtairdrop.click","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:39:34 GMT","end":"Mon, 10 Aug 2026 11:39:33 GMT"},"fingerprint":{"sha1":"EC:CC:09:BC:FF:42:AE:B0:1B:2B:CE:F2:EE:BD:28:D7:55:EA:2B:7C","sha256":"43:A1:56:43:B6:93:25:37:4C:AB:C6:21:54:AA:E5:4A:2F:01:1D:AC:42:26:8C:0B:12:13:E4:09:08:9D:7C:33"}}},"request":{"raw":"GET /assets/js/wallet.bundle.js?v=1779281459 HTTP/1.1\r\nHost: awtairdrop.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://awtairdrop.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 20 May 2026 12:50:59 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Fri, 15 May 2026 12:31:26 GMT\r\netag: W/\"6a07121e-a207f\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":663679,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (24388)","md5":"efdd50b9f4a969377f4bec16d1db5568","sha1":"72b69354f136492e2a931d8ce4be86cac2266567","sha256":"d4c0716c3e22744e863cd02619e646de6ab4d7367f57f3e10138f54fab841ad5","sha512":"059981590fabc6ba5d534403c5e2236c8b584a65e4a7d95e34c61bb4e6b4c421ee778c0b55838fd096ea5c73ccf3b9e780e5f955c60021b3aafdb1a3a8d35245","ssdeep":"12288:kO4wr9CwhFW9vW8Hd1RycJMVIT90yvRkaHgM:kO4woW8HTwcu9yvRkaHx","tlshash":"14e45c9473b5b076439f91a9943b0102f339ec64601d402cfba8edef799498896bbf74","first_seen":"2026-05-20T12:51:37.607978Z","last_seen":"2026-05-20T12:51:37.607978Z","times_seen":1,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-20","alert":"Phishing Block","trigger":"awtairdrop.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-20","alert":"Sinkholed","trigger":"awtairdrop.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}