{"report_id":"08fcd893-d6d6-4f7b-a3b9-184c48e5d579","version":6,"status":"done","tags":[],"date":"2026-04-10T22:59:29Z","url":{"schema":"http","addr":"events-elephant.fun","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"events-elephant.fun/","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"title":"The Ghost Elephant | Airdrop","dom":{"size":27708,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (25698)","md5":"2b416dfd94774f0fbb12c21b2a23cd91","sha1":"c6ff5cddcfba12565f232b5ae0619f7cb6e2967b","sha256":"5e4aca274dddbd89a63f34a606173570d39fabe75e0b54c1ce47843c9f3152f2","sha512":"7b698cf960c0902f46ea07391ea666460deb2f59e86a3241af1b4031d037374269b93ce6fc845d574cf18a54e30c1be757b2587a4caf062990ba4d74c0ee073e","ssdeep":"768:8EzQH2L0r82It4uSRhKut5NFgl+FU+xHyvfSDIJPJWf3b8fzwZPROHXL0hDgmwcn:9zqyrYLWZ7JsZ0U","tlshash":"7bc24251f950993f3a0ba2ff4ac5de5d725130168863bb4db2f480c2e68beb35db5818","dom_hash":"domhash0d7296c25004807326d93a4aa37677bc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"events-elephant.fun","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-15T22:59:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"events-elephant.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-05T22:16:34.770209Z","alert_count":0,"request_count":8,"received_data":164024,"sent_data":4320,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-05T22:20:18.514512Z","alert_count":0,"request_count":2,"received_data":22180,"sent_data":962,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"events-elephant.fun","ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":8,"request_count":8,"received_data":647853,"sent_data":3602,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]}]},{"fqdn":"balance-snort.fontmaxplugin.cc","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-11-02","domain_rank":0,"first_seen":"2026-02-14T17:20:49.722499Z","last_seen":"2026-02-14T17:20:49.722499Z","alert_count":56,"request_count":14,"received_data":947772,"sent_data":6959,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"lite-api.jup.ag","ip":{"addr":"52.84.50.12","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-09-15","domain_rank":1536175,"first_seen":"2025-06-01T22:48:15.859785Z","last_seen":"2026-04-08T12:11:30.750303Z","alert_count":0,"request_count":1,"received_data":883,"sent_data":498,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"events-elephant.fun/script-pjmzu.js","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"30f42ad1c5a09e6e3681c776eb8e0dde","sha1":"81bef8c25af302b8820f50322eeeac9d257786a6","sha256":"eb6f03dd44943280decfda66a6ab48dbcbc332763b1f95ddf86b13b28fc49f04","sha512":"8ad5892414bfc1c2d2c0452ec18ba3acd00f6f83cd48595f2f3b1b04022f0cb561660f1180c090af79b715ebb672b9f5f8a55da4882e1ca6b793bd841329fd2d","ssdeep":"","tlshash":"6f0161794420fd30c5be14d796b8e39669a94095f6104152a32d4cc1384386b597dfef","size":767,"data":"","first_seen":"2026-04-10T22:59:36.579268Z","last_seen":"2026-04-10T23:01:14.093934Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events-elephant.fun/","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f7dd0896103360787b9cd554a8f6296b","sha1":"5e8fc7a5e1f128667e6e2964341bdd403a5ef52c","sha256":"3dd77ef233f08cea8ace4330e0da09967c8e41fc2b17569babeebb4bc6775765","sha512":"a1ca305b2711d102fcfd89935b2af7c056fb0ef7f544bd5ae5eaa72a2f117b05e0044bf410bae4351c57386ddd37564a9c8b5a43f053c43b515668bbc0a2f62c","ssdeep":"","tlshash":"ecc0803017758303771414b35b6735993523517b476401513737cd04777551782d4fcd","size":189,"data":"","first_seen":"2026-04-10T22:59:36.585872Z","last_seen":"2026-04-10T23:01:14.114313Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events-elephant.fun/","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"d64f4a45cbab9edc6c232f134bdd5d09","sha1":"73eceb543529820390e1d82f794075d0d3111dff","sha256":"995de1cbdb64097bdff3f8a98178d8dc1317554807544567a27540577ac95386","sha512":"41a8caa7399d0ab0723408a4707bfe27e7e08ad3af06c50e414e04e024816e5e96dced3bd56871e01cbaeaeabe727d5e855680d8da4ee7eb6c960634bd1433fb","ssdeep":"12288:UKRgIFKLDtC7MC6Wsa71h7gvNKoz/PonlYDMiBJ:UcILDtC7MC6WsaL7g/MnlYDMiBJ","tlshash":"7515c46d3378f012668d40ec3f9288c864cd55e2dbce07fbab945445d5e0a9fb16aee0","size":904819,"data":"","first_seen":"2026-04-06T06:20:41.306246Z","last_seen":"2026-04-11T13:22:19.544716Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/_nuxt/assets/index.js","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bba55ee9e6c11d91b559560005b6022a","sha1":"3f3b0059602bbcb7246776e9a52c07c6849f22df","sha256":"a7541b9c95b6917fbf7fbcf87dfd868474d7b44fb283c9468e7d51a46ce06c95","sha512":"a977e42795a8a56360b4babd433e5b3c14e2bd8ca6e54942c773410e1528b33b0208103ce11aefead9f3314bbcb03679eeb0811efce9351ec2d88fb044bb023a","ssdeep":"12288:7qxo8hUvftg7EboGcu1JfHn1jgTRboQ+RClsIlr7gJji05//4j/YWY5hSxAXy6:7kOvftg7EsAOsIh7gL2j/YWAXb","tlshash":"1415c7af3378f052259868ec2fa19c7854ca65d2ebce03fb63469c44d0e05afb355e91","size":935675,"data":"","first_seen":"2026-04-06T06:20:41.293589Z","last_seen":"2026-04-11T13:22:19.527901Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 08:25:54 GMT\r\nexpires: Fri, 09 Apr 2027 08:25:54 GMT\r\ncache-control: public, max-age=31536000\r\nage: 138794\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-04-11T16:16:06.212246Z","times_seen":16870,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":207,"dns":0,"connect":20,"send":0,"wait":8,"receive":2,"ssl":160},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:52 GMT","end":"Mon, 15 Jun 2026 08:38:51 GMT"},"fingerprint":{"sha1":"10:68:A1:B6:6F:BE:E8:57:8D:53:84:02:27:8F:E5:B8:83:ED:F1:68","sha256":"19:3A:7C:96:C1:4A:DD:40:D8:24:D5:6C:D9:2F:3F:74:1E:19:64:E6:F9:D4:88:68:56:D5:DC:1D:17:B6:21:BC"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-elephant.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 10 Apr 2026 22:59:08 GMT\r\ndate: Fri, 10 Apr 2026 22:59:08 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-04-11T16:14:59.437776Z","times_seen":20561,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events-elephant.fun/tmphi3ajvy9.png","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:09.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-elephant.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 21:51:02 GMT","end":"Thu, 09 Jul 2026 22:49:17 GMT"},"fingerprint":{"sha1":"FA:EB:61:64:09:9C:48:B6:3E:2D:A4:B7:CA:98:52:C9:B5:5F:F1:19","sha256":"3A:65:6D:0B:5E:E8:81:1E:94:63:EE:0F:BA:A5:4F:62:5F:B1:F8:45:26:DA:03:53:B8:B1:1A:A5:2F:D0:E7:52"}}},"request":{"raw":"GET /tmphi3ajvy9.png HTTP/1.1\r\nHost: events-elephant.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-elephant.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Apr 2026 22:59:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 81692\r\ncast-mode: default\r\nlast-modified: Tue, 10 Feb 2026 19:34:40 GMT\r\netag: \"698b8850-13f1c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gci10U68RRYsTkAfrhDar0hOqX4NLnQKLovldl9gRiQMPHfkd%2BQUSDiw3M4XaJeAJfkDGn2NFXCwulJXllEUBMMXo%2B6ikVa4Xf1D38YV9kI0hX0ec%2B0%2B64wzU2%2FPVtAxtF1a0CfL\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9ea55c403917b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":81692,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 721x719, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"961cb04c3577b49861109478acc83d9b","sha1":"94e7fd03ad6c3e312ce1a7ce09f67ced91a2efe7","sha256":"fd882d7ee44206bbd2b19ecbb35dcd16f67bddcc7b24d44ffeda345e8a62b61d","sha512":"0a8708075b3be6b1a8c1966334627dc05f1d629f576e54fe9eab75a407ed663b6a1d7903d5cda2b6359a428f88819a20517190ddf26acf90e4f4813663967f1b","ssdeep":"1536:z38pqpMQoCz+zqnilKHSaLL6xn2xsBVvlVC9TpYPJx2kFrYW2OmGvbQ0X1j55p8:z38pwVdDilQjCxn2xMz2AJxt/2OmIQ00","tlshash":"9b830290761e7b4fa24aa03c3f28599027f9b081d588177d2cc58e193cfdebb2e29745","first_seen":"2026-04-10T22:59:36.554584Z","last_seen":"2026-04-10T23:01:14.108574Z","times_seen":2,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"events-elephant.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:15.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:15 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IZP4g93mCNEVVJBIoi9DMNoyy2j7N%2FticKSCgPPhytzWBf3MwOLoe02rP00ekrgMPmMJ2cLZdhzxu7yLby6nP091OkYJU2vXhLlZ0xmMFlQnTKG0VB8PgOtF0T3Ow%2FmMrsjbWyM6nTlfqDPdVShs8AM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c64ea2fb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:19.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:19 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4jzMi4i9jL8sek%2Fl6PdBSgYdQ5nCi3iHeLfhKkiRgd7Po7%2F3rCGGAS8wC1IJZdwVVeEdaQHeuoZTvCfDq%2F64jsqFGdSPfNJVo8cBU7npQ69EqnZbels4uW5a%2B0XYMz8ddk%2B6BddU%2BKaJrvyEXoyPjBk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c7e7bc2b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:11.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:11 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EOAsFMK9kkaDe4CE4WtuEkRuQb6TsrMxDxWU0P%2FPzld%2Bs4XhXB2mHGMdPbtTFfkLS7TjRPQMoGclASCHZN6dzsj47sKUwrTEofOcAwimHTjJfipKPUtmFdJg7scjrkPHy9%2F70I1ksf8z0XW%2FhgdbGoI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c4a5ecab4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 08:25:54 GMT\r\nexpires: Fri, 09 Apr 2027 08:25:54 GMT\r\ncache-control: public, max-age=31536000\r\nage: 138794\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-04-11T16:16:06.212246Z","times_seen":16870,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":172,"dns":1,"connect":23,"send":0,"wait":8,"receive":1,"ssl":147},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events-elephant.fun/style-yo0wf.css","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-elephant.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 21:51:02 GMT","end":"Thu, 09 Jul 2026 22:49:17 GMT"},"fingerprint":{"sha1":"FA:EB:61:64:09:9C:48:B6:3E:2D:A4:B7:CA:98:52:C9:B5:5F:F1:19","sha256":"3A:65:6D:0B:5E:E8:81:1E:94:63:EE:0F:BA:A5:4F:62:5F:B1:F8:45:26:DA:03:53:B8:B1:1A:A5:2F:D0:E7:52"}}},"request":{"raw":"GET /style-yo0wf.css HTTP/1.1\r\nHost: events-elephant.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-elephant.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Apr 2026 22:59:08 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Tue, 10 Feb 2026 19:34:40 GMT\r\netag: W/\"698b8850-3960\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nfOSFJllTPfpa8jhyjVDBdV9nVDShgaMKvuubzMXqbh6VSSeOdk9BoG0mpKrFR9t3wvIIt4FQGMXeBuHQ%2Fa%2Bk2hGM0EI1gGfjk12F18d5W6BLQijWKD%2FBWOOq3D549eXBMR%2BYO0u\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ea55c38b882b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14688,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"1bcf34f925b7dc0314ef41bcafdead3a","sha1":"072080224866106931b3028ab65f54859ccf5700","sha256":"6da2ac6b638b0b5a207d77543532b863ae4f354d25cb2072d2dc0ff1323cbc50","sha512":"e5caa8fac90bdc7bd114ff5b126b02cc1b0349b0eb06c287fdf559433516613bc4427b72d496086d81524a772d9e09d373a72173f0c85465f2ca21f69157df12","ssdeep":"96:MmKjAWeTDOW1hR6O+wbxj1CHrjGZ0okxCZNBJi0BbST1eZkJHaelYtVtU:X/WeTH6lqWoqCxj2JHaelYtVtU","tlshash":"916210079b805545b31fa4946fe4478ba72ea4239e8e4dffa047346c52ca1d522f2fce","first_seen":"2026-04-10T22:59:36.559096Z","last_seen":"2026-04-10T23:01:14.110165Z","times_seen":2,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"events-elephant.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events-elephant.fun/tmphi3ajvy9.png","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-elephant.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 21:51:02 GMT","end":"Thu, 09 Jul 2026 22:49:17 GMT"},"fingerprint":{"sha1":"FA:EB:61:64:09:9C:48:B6:3E:2D:A4:B7:CA:98:52:C9:B5:5F:F1:19","sha256":"3A:65:6D:0B:5E:E8:81:1E:94:63:EE:0F:BA:A5:4F:62:5F:B1:F8:45:26:DA:03:53:B8:B1:1A:A5:2F:D0:E7:52"}}},"request":{"raw":"GET /tmphi3ajvy9.png HTTP/1.1\r\nHost: events-elephant.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-elephant.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Apr 2026 22:59:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 81692\r\ncast-mode: default\r\nlast-modified: Tue, 10 Feb 2026 19:34:40 GMT\r\netag: \"698b8850-13f1c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y50FkxSNvcUoceDMzkKKFtlWC4ROwOnBk9tuPu5jpTxrlCF2yBQJLHohQ0iiInBRbwICAJaYWNiRFYR97QDWyvbGovfrhQp98HlRuqtdUjaDkAMhpyhRY%2BZYiYpNPlEfDKQPnwwC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9ea55c38b884b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":81692,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 721x719, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"961cb04c3577b49861109478acc83d9b","sha1":"94e7fd03ad6c3e312ce1a7ce09f67ced91a2efe7","sha256":"fd882d7ee44206bbd2b19ecbb35dcd16f67bddcc7b24d44ffeda345e8a62b61d","sha512":"0a8708075b3be6b1a8c1966334627dc05f1d629f576e54fe9eab75a407ed663b6a1d7903d5cda2b6359a428f88819a20517190ddf26acf90e4f4813663967f1b","ssdeep":"1536:z38pqpMQoCz+zqnilKHSaLL6xn2xsBVvlVC9TpYPJx2kFrYW2OmGvbQ0X1j55p8:z38pwVdDilQjCxn2xMz2AJxt/2OmIQ00","tlshash":"9b830290761e7b4fa24aa03c3f28599027f9b081d588177d2cc58e193cfdebb2e29745","first_seen":"2026-04-10T22:59:36.554584Z","last_seen":"2026-04-10T23:01:14.108574Z","times_seen":2,"resource_available":false,"data":null}},"time_used":365,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"events-elephant.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 08:25:54 GMT\r\nexpires: Fri, 09 Apr 2027 08:25:54 GMT\r\ncache-control: public, max-age=31536000\r\nage: 138794\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-04-11T16:16:06.212246Z","times_seen":16870,"resource_available":false,"data":null}},"time_used":456,"timings":{"blocked":225,"dns":23,"connect":22,"send":0,"wait":8,"receive":2,"ssl":173},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 02:09:20 GMT\r\nexpires: Sun, 04 Apr 2027 02:09:20 GMT\r\ncache-control: public, max-age=31536000\r\nage: 593388\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14500,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-04-11T02:11:07.872023Z","times_seen":2187,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":78,"dns":1,"connect":23,"send":0,"wait":16,"receive":2,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events-elephant.fun/images/bg.webp","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-elephant.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 21:51:02 GMT","end":"Thu, 09 Jul 2026 22:49:17 GMT"},"fingerprint":{"sha1":"FA:EB:61:64:09:9C:48:B6:3E:2D:A4:B7:CA:98:52:C9:B5:5F:F1:19","sha256":"3A:65:6D:0B:5E:E8:81:1E:94:63:EE:0F:BA:A5:4F:62:5F:B1:F8:45:26:DA:03:53:B8:B1:1A:A5:2F:D0:E7:52"}}},"request":{"raw":"GET /images/bg.webp HTTP/1.1\r\nHost: events-elephant.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-elephant.fun/style-yo0wf.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Apr 2026 22:59:08 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 10 Feb 2026 19:34:40 GMT\r\netag: W/\"698b8850-28326\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qq8U20XQjGbQ3FehCHd2hSTkSQI7fi4uuWfTjAu0%2FalkhyXTG1rxP7JCZGIWj2Rya8D5W4eSyVpExCAgSu6nfFKE7ZLyWSXxvGDIcU2paWHU0U452UxEDXfuGlQjnKakKwrQy0Ia\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ea55c3a68a5b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":164646,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1921x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"46dd02910f49a7ecbba6f6168eb22d0d","sha1":"57f0fc4a35eb3a47d6fa13888168fb6460d602b4","sha256":"af74c9ae9c22242d8b07e2c2cf5c9e6a666193eab7121c155a400b0d968b942f","sha512":"219b34708685c2465ee9752cb3607000eb98d89eb95a8233346c758948d2c26501585045fda8931ed349edb3b0682f9b19cd3b02bbcababc3777070a400b568f","ssdeep":"3072:fcX94duQJktG/8kEmOmiT4U6ltPNG8W0gJh7vHt0g1qvp3v:flPkA/8sOX8ltPNGok1/Sg1qBf","tlshash":"41f312edc635353886a627ac4b473b0a22dd924b77cb99c43339d425abca11a0fc3757","first_seen":"2026-04-10T22:59:36.562755Z","last_seen":"2026-04-10T23:01:14.105524Z","times_seen":2,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":229,"receive":115,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"events-elephant.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 02:09:20 GMT\r\nexpires: Sun, 04 Apr 2027 02:09:20 GMT\r\ncache-control: public, max-age=31536000\r\nage: 593388\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14500,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-04-11T02:11:07.872023Z","times_seen":2187,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":73,"dns":0,"connect":0,"send":0,"wait":14,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lite-api.jup.ag/price/v3?ids=BAfCyAUQhSeYUebeD9kbDSixsSoBmNy78M3KaEaF6rwJ","fqdn":"lite-api.jup.ag","domain":"jup.ag","tld":"ag"},"ip":{"addr":"52.84.50.12","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:09.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lite-api.jup.ag","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Mon, 02 Mar 2026 00:00:00 GMT","end":"Tue, 15 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"0A:3A:FA:40:6C:C0:7E:88:0A:F3:A9:72:66:BF:C9:D6:99:1B:F6:A7","sha256":"2C:4B:20:7C:DA:39:7F:EC:E5:2A:8C:99:7C:69:6A:58:C0:62:51:B7:C7:1A:38:71:DA:BF:B8:3C:D1:B8:AB:DA"}}},"request":{"raw":"GET /price/v3?ids=BAfCyAUQhSeYUebeD9kbDSixsSoBmNy78M3KaEaF6rwJ HTTP/1.1\r\nHost: lite-api.jup.ag\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ndate: Fri, 10 Apr 2026 22:59:09 GMT\r\nserver: cloudflare\r\ncf-ray: 9ea55c411a987130-OSL\r\ncontent-encoding: br\r\naccess-control-allow-origin: https://events-elephant.fun\r\ncache-control: public, max-age=5\r\nvary: Origin, Accept-Encoding\r\naccess-control-allow-credentials: true\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: DxIfno8hzAEjXP-Ai6LgE7eU6VbgA27fGSGH-J-6fkCqebiiTKMUVw==\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":184,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"fb61705740af085b921f4bfbb914a437","sha1":"15d7b19053a8e1e98b220f25bbfca0fba052cf2e","sha256":"52b59aabc20a046e95398042034300f3d1a7481535f5a9d5efb16b66b6336ca0","sha512":"6c5b81e228c7143fad44edba4f69220c1176181d6b49ee6b16ac6785f7740cbbcef3f261cafc9f2b6431b80f10e68c553ac269a097a61bb6c1686c493a6dd4a6","ssdeep":"","tlshash":"81c0c0f11bf3410dc04d50630ce17800e94930fb01cc0dd3d2810f0c010a2c90f0c84e","first_seen":"2026-04-10T22:59:36.565294Z","last_seen":"2026-04-10T23:01:14.111586Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1253,"timings":{"blocked":585,"dns":59,"connect":1,"send":0,"wait":82,"receive":0,"ssl":524},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:09.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:09 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BMXQMM33Vrt8eISITwBgGN94S5lYgMYktJAjWRZ5rTBRKvPPrvkyrm267DYvlnP2QvYdryQgm1%2FYQnTFTeilaoEFLu%2Bbd9ZHkOPGAioLihC94jN9LI6qpxUCCoFAWnGG%2Bc0rY1IX88R8tTsTV2S5Oiw%3D\"}]}\r\ncf-ray: 9ea55c3d6b785684-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":219,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/visit?origin=events-elephant.fun","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:09.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"POST /api/visit?origin=events-elephant.fun HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Apr 2026 22:59:09 GMT\r\ncontent-type: text/plain;charset=utf-8\r\ncontent-length: 2\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rb3lvwVMV31aP7hYSDUp8shqQdSgzJby1YncLrqs3UT8UbdQ%2FlKTNmp%2B2srmvoD3txpZKOTXxVnoQpVDSXn8CEUKut8bYjdKIk1xgQPlzwutliJWhCQsqxWyzvROTS4tjbFLshdo5MnrEvVoBOQyZwU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c3e0d89b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-11T15:57:35.682274Z","times_seen":394170,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:12.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:12 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hNh3%2FEK42vgiInxoUeNRdkrqjaS8ukyoPfVx9VNBGAOFjL0vIRlV9zn3c5D7HApbHEEeMylE1npqE2L%2BBpvx6xEtwE7SLMj8hC9sT%2BnVEuzUaL7UI1u%2B%2BQ10TrzN0%2F5eEv0vbJp%2BfKOmEUwMeWckboM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c51ab62b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:13.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:13 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hQHVxtxU7C%2Bd3jJWpmcptoQCXWC5yj6w1F9AQywBq9CQvsuq2P1zRPnWf8ZbEkVktq%2BvtSPl9PCpCx8sgpovJE9F9cJnSQv8hyFqalrLf5eFtOSBiytECUPpg6OLN8xIe6Z4%2BaA2knFCA0cOF11XjMs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c5a7955b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/_nuxt/assets/index.js","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /_nuxt/assets/index.js HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-elephant.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 22:59:08 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sun, 05 Apr 2026 15:00:24 GMT\r\netag: W/\"69d27908-e4c6b\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=300, must-revalidate\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e%2B2Ehhtw9Y9%2BuykS9q2f1II2lAD38aS6tALWyriTBkdqrto7RLgBxgcuAhzW4vDbMKjzGos7VplEzrfNmU6i8VptIrmyONc3JyZvSOxqJvBC7IRxu11w6YVL3ULhwxHbn%2B1b4Qz8LOZ4IBf0GL7%2B19w%3D\"}]}\r\ncf-ray: 9ea55c3908755684-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":937067,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (63334), with no line terminators","md5":"69ab39db418175f84e02a30496df41c6","sha1":"ba7c758467819daeba90d81278f1019b31fd888a","sha256":"ca36eaa146cce675000c88d644239b7acf10f5dfb75d5d310bf79ef1feac2ca1","sha512":"058cd088dbfe04a06cb65f2f22b6e931ed6825e417bee17f1c7c4ca75b68f57fb8f0fa642c377342a2a53eb6fb8e5cb6695b6f9bff421f53756ce257e180650a","ssdeep":"12288:7qxo8hUvftg7EcaP6ZVhgX0wTH4eN8JxRClsIlr7gJji05//4j/YWY5hSxAXy6:7kOvftg7EjgOsIh7gL2j/YWAXb","tlshash":"4515ea6f3378f252219868ec2fa19c7454ca65e2dbce07fb63469c48d0e056fb315ea1","first_seen":"2026-04-10T22:59:36.569803Z","last_seen":"2026-04-10T22:59:36.569803Z","times_seen":1,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":39,"dns":29,"connect":1,"send":0,"wait":249,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events-elephant.fun/images/wallet.webp","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-elephant.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 21:51:02 GMT","end":"Thu, 09 Jul 2026 22:49:17 GMT"},"fingerprint":{"sha1":"FA:EB:61:64:09:9C:48:B6:3E:2D:A4:B7:CA:98:52:C9:B5:5F:F1:19","sha256":"3A:65:6D:0B:5E:E8:81:1E:94:63:EE:0F:BA:A5:4F:62:5F:B1:F8:45:26:DA:03:53:B8:B1:1A:A5:2F:D0:E7:52"}}},"request":{"raw":"GET /images/wallet.webp HTTP/1.1\r\nHost: events-elephant.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-elephant.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Apr 2026 22:59:08 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Tue, 10 Feb 2026 19:34:40 GMT\r\netag: W/\"698b8850-45a32\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jESZ254aWkqsDPvaJRJ2ZFz%2BBZf71ZpCrSE85sKfQGIaG5ra46Zdt3pan%2Fq3i2qCMzrNAJcVljieiGnluSWfnximGTiRIOinsPW9C1bOG%2FQw%2FUrjBv%2BNkU07mMRg8mpiCJLB0I5q\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ea55c38b885b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":285234,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3ce1b38ffa55b423736c11b9f2c1d711","sha1":"9ccb7523d4e42645d62f3f2a440fa9e7e95a84b7","sha256":"daf1da6bb8b175881d3a2b2f1ccbfabf02820ec7f5a6ead3099aa6bed869d6f7","sha512":"b3daf8fc1d1e2e4ff936f30c8593b57adcbc5549b2c7321da7295c8b8bf84107488c08afc1c07ca473f537462ad2d905e66ef10f2d23ad61c980213fa408c8a9","ssdeep":"6144:PoEfpUoErtKYa8NevDpY3q8jhpda0V58IUrUw+4i2UjWluBz:rfK/rtKYaeeL+3RhpddV58IUg0bm","tlshash":"d4542382bac9bff4cf1ba586137540ec17b89848348104799c32cd9eebe96c794b5693","first_seen":"2026-04-10T22:59:36.573456Z","last_seen":"2026-04-10T23:01:14.096406Z","times_seen":2,"resource_available":false,"data":null}},"time_used":371,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":139,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"events-elephant.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 02:09:20 GMT\r\nexpires: Sun, 04 Apr 2027 02:09:20 GMT\r\ncache-control: public, max-age=31536000\r\nage: 593388\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14500,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-04-11T02:11:07.872023Z","times_seen":2187,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":72,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:21.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:22 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FoglHPsIVxrG7uSDeeV2ylLuM3pOWZ4IKR1ABadMTTpYssu%2BDgXWQh9UmJB8WSQxH0HOHCyN0ZAARBfYos0HgcyRp1zchk5gN5d%2BAoA%2Fx%2BqoLFneoo8hQuFJHK3ofw9D%2BVtcwpQL94iy5%2Fn9zgc%2BYyw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c8d9dfcb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/is-banned","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:09.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/is-banned HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 22:59:09 GMT\r\ncontent-type: text/plain;charset=utf-8\r\ncontent-length: 1\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncache-control: private, max-age=300\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ILa8q0WYmuAxx%2FzjKuA4S7fswEXGoDrMAAJ6%2FW%2Bkb4LCkNPO%2Bru72P5ApqhPC0Ws1qU9fC1iosaqyaMOXzZK4DhO6c7C93fcpgs3GP9xGE%2B34ZsBLgi6kzu%2FpD9n2s3h16cD%2FyzEAOkWf%2Fq85CI46fY%3D\"}]}\r\ncf-ray: 9ea55c3d6b765684-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"cfcd208495d565ef66e7dff9f98764da","sha1":"b6589fc6ab0dc82cf12099d1c2d40ab994e8410c","sha256":"5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9","sha512":"31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99","ssdeep":"","tlshash":"c700000000000000c00000300000000000000000000000000000000000000000000000","first_seen":"2023-03-07T01:37:31Z","last_seen":"2026-04-11T15:48:37.47426Z","times_seen":104467,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events-elephant.fun/","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-10T22:59:06.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-elephant.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 21:51:02 GMT","end":"Thu, 09 Jul 2026 22:49:17 GMT"},"fingerprint":{"sha1":"FA:EB:61:64:09:9C:48:B6:3E:2D:A4:B7:CA:98:52:C9:B5:5F:F1:19","sha256":"3A:65:6D:0B:5E:E8:81:1E:94:63:EE:0F:BA:A5:4F:62:5F:B1:F8:45:26:DA:03:53:B8:B1:1A:A5:2F:D0:E7:52"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: events-elephant.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 22:59:08 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Tue, 10 Feb 2026 19:34:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZdnA7%2B1U6yJlIY%2BmnIfaueGH6yNpSe6Jak89polcVQn6lH%2Bt4l3IbhfHQa%2F6yxG3nyK0zkLO4uBUC5SlSOEW1ab3E%2FaX4AjSlsT8e1zpgsCPPX6Y8SE6Lg11dcqgKJ0Srf6RaxDl\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9ea55c363f31568e-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11715,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9698)","md5":"b939fd52bd655032d332272d8b0982a7","sha1":"1452e07c445d6d0e225bf802bae13ba0cd0f3aed","sha256":"fb509b9a51f02c58e8c26705d8c990fe20901172fb5a8b6646e081054d0ee271","sha512":"a8e123758185d04a611ccff4e28ae31f74de654fd3f11b469681226c4aa8d43b1e3529b357733b7f082388f2f982823ec95ffb40dbbce3c23590adec9b20de8e","ssdeep":"192:AfonkVGb40AAAqRZGAIFX3l6b740gAAqRZ3CmirZ3kX:4V0pRZG1FF6A0JRZn6Z0X","tlshash":"2032b6e24654605f222b9acb9e256b2f35fb20bfd5b70500e7ec8784d79fc81ed06845","first_seen":"2026-04-10T22:59:36.57683Z","last_seen":"2026-04-10T23:01:14.09981Z","times_seen":2,"resource_available":true,"data":null}},"time_used":2478,"timings":{"blocked":1102,"dns":1052,"connect":1,"send":0,"wait":275,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"events-elephant.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:52 GMT","end":"Mon, 15 Jun 2026 08:38:51 GMT"},"fingerprint":{"sha1":"10:68:A1:B6:6F:BE:E8:57:8D:53:84:02:27:8F:E5:B8:83:ED:F1:68","sha256":"19:3A:7C:96:C1:4A:DD:40:D8:24:D5:6C:D9:2F:3F:74:1E:19:64:E6:F9:D4:88:68:56:D5:DC:1D:17:B6:21:BC"}}},"request":{"raw":"GET /css2?family=Manrope:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-elephant.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 10 Apr 2026 22:59:08 GMT\r\ndate: Fri, 10 Apr 2026 22:59:08 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10720,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"52e735aa88c047346bdbc94b641c48f8","sha1":"c184c1982e51c1c775b2889d2d17b886215a46bb","sha256":"8d5bd0aede64a4797f1e7310b7fbbef105f7b2520feeac156eb8dfbfd6686043","sha512":"77f52f31039e6e44c2f2b8c3663710839f85d3ece31e2bf7e4a7e70bccfe56f22970a4eaae5bdafb458e821a37628fced6ea2231089990b45e2b46ce7a520da7","ssdeep":"192:SJi5V3PP8wiJDEV3WW89RJ8rV3118+4JlOV3MM8b/JGNV3TT80s:UmkwU+ME02w","tlshash":"5a22a990002be804eb470cd677ce7e3aad4e61567451c5ba5bfe1cd8addbd222320b5e","first_seen":"2025-09-08T04:26:17.666874Z","last_seen":"2026-04-10T23:01:14.101975Z","times_seen":352,"resource_available":false,"data":null}},"time_used":412,"timings":{"blocked":186,"dns":1,"connect":14,"send":0,"wait":32,"receive":0,"ssl":176},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events-elephant.fun/_nuxt/assets/index.js","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-elephant.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 21:51:02 GMT","end":"Thu, 09 Jul 2026 22:49:17 GMT"},"fingerprint":{"sha1":"FA:EB:61:64:09:9C:48:B6:3E:2D:A4:B7:CA:98:52:C9:B5:5F:F1:19","sha256":"3A:65:6D:0B:5E:E8:81:1E:94:63:EE:0F:BA:A5:4F:62:5F:B1:F8:45:26:DA:03:53:B8:B1:1A:A5:2F:D0:E7:52"}}},"request":{"raw":"GET /_nuxt/assets/index.js HTTP/1.1\r\nHost: events-elephant.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-elephant.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Apr 2026 22:59:08 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Tue, 10 Feb 2026 19:34:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1wCy%2FkIBrIw4VYZqdJeKx4NzV8kBHoA%2FVOnqBK3sJOdmQgiTxTqLzbwGIrtkBv1wrZZpza29ijpyTZE7euJHIjiIPxCx3%2FUMYel0WMG0mCWRDbCprP1yKF3THTHA5Zbx3VWMSwkh\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9ea55c38b883b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"events-elephant.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:24.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:24 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TUHCbOI6t6TpSyzZ%2B16wb7i3YfBXOLuTCAiRqTfzmZVpl0ItmoZ2ZYoL04ubjP79PLSpoCcFq5nwJzYYEJWcvNHv8zvVC4H5vVFtSsByzZLZU7Tx0KYAfuGl4o29tAiNME135y4Z6TX2JupV97%2BB3DQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c9e48ceb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 08:25:54 GMT\r\nexpires: Fri, 09 Apr 2027 08:25:54 GMT\r\ncache-control: public, max-age=31536000\r\nage: 138794\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-04-11T16:16:06.212246Z","times_seen":16870,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":109,"dns":23,"connect":8,"send":0,"wait":9,"receive":5,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:38:37 GMT","end":"Mon, 15 Jun 2026 08:38:36 GMT"},"fingerprint":{"sha1":"F8:24:5E:5A:B0:FB:57:E0:D6:E9:33:BD:54:27:DC:BF:50:74:4A:59","sha256":"A4:18:08:9F:87:3F:1D:A2:3B:7A:25:AA:E0:FF:C8:CB:B1:74:9C:8B:FF:A2:C5:D6:74:BB:B0:A7:97:7E:5B:02"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 02:09:20 GMT\r\nexpires: Sun, 04 Apr 2027 02:09:20 GMT\r\ncache-control: public, max-age=31536000\r\nage: 593388\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14500,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-04-11T02:11:07.872023Z","times_seen":2187,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":204,"dns":0,"connect":23,"send":0,"wait":9,"receive":1,"ssl":178},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:17.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:17 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=39%2B7cTZJp0QXs31Kt8jhofPY%2Br8%2BUJWXDfKaB7WAMd0hsE6zUqeMbnG82YSRqFhX9I74VB3oBHJv5NftQr4YT%2BZ8%2Fjvw2Ke7M7hUSuNRKvAFA4%2B%2FLUkf2VmBdS1M4N%2FeNAPE83O0OiFY7UU0KkdnBnw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c70eadeb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:09.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:09 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tCE4wQhrI1YsV%2FfA0TRmjMIzoiUI4N9fCL9xdkl6ctUGZIgyC6HY5N1W0l3JYa0ATaw0TFZrNEIkBHo%2Bi28gv1EWS8dRAIvy7mp9a69yAdxvxnlbBO4beU3MSyclNzaCnga6ODNzusKRFPxtYzYVmV4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c406f76b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":165,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"balance-snort.fontmaxplugin.cc/api/config","fqdn":"balance-snort.fontmaxplugin.cc","domain":"fontmaxplugin.cc","tld":"cc"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:10.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontmaxplugin.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 28 Feb 2026 12:28:07 GMT","end":"Fri, 29 May 2026 13:25:31 GMT"},"fingerprint":{"sha1":"FF:C9:44:AB:1D:80:02:3E:4A:9D:9D:16:1E:F9:2D:B9:CE:66:09:5E","sha256":"D9:44:FF:7F:09:14:1A:62:5B:82:92:B7:7A:13:81:95:94:8D:9B:8A:52:C0:EC:FB:45:F7:AD:03:48:F0:A7:67"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: balance-snort.fontmaxplugin.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-elephant.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-elephant.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\ndate: Fri, 10 Apr 2026 22:59:10 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lbNZIMnqRa9BCgZuG94JkIHL2dDhL9SNh%2F%2BrVJl8etlqspBssekR72j6gbsg1kTZxtSM%2BlI53bqVMAN9lMzykv6bEb%2BT5xD%2Bd799Y45jADomd12sM1AcnXJPl8YgztXgEQeIqZjsEOfDzu81k9M%2FVyg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea55c449aa3b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T15:55:57.916718Z","times_seen":13626335,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"balance-snort.fontmaxplugin.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events-elephant.fun/script-pjmzu.js","fqdn":"events-elephant.fun","domain":"events-elephant.fun","tld":"fun"},"ip":{"addr":"172.67.166.158","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://events-elephant.fun/","date":"2026-04-10T22:59:08.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-elephant.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 21:51:02 GMT","end":"Thu, 09 Jul 2026 22:49:17 GMT"},"fingerprint":{"sha1":"FA:EB:61:64:09:9C:48:B6:3E:2D:A4:B7:CA:98:52:C9:B5:5F:F1:19","sha256":"3A:65:6D:0B:5E:E8:81:1E:94:63:EE:0F:BA:A5:4F:62:5F:B1:F8:45:26:DA:03:53:B8:B1:1A:A5:2F:D0:E7:52"}}},"request":{"raw":"GET /script-pjmzu.js HTTP/1.1\r\nHost: events-elephant.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-elephant.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Apr 2026 22:59:08 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Tue, 10 Feb 2026 19:34:40 GMT\r\netag: W/\"698b8850-2ff\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u7JHw4%2BdEiryB%2FRyrTyRxxwFSAQl1ydz%2FJaeTl947O%2FyQMYs4TcBm5t9TJ0BfHUp8938wkG%2FIH%2B70e%2BQYthO7unop0QYHeO9Ph6RJLhi9XocqxE5b39oF6lPq9f09FPYWKywC8JP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ea55c38c886b4eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":767,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (767), with no line terminators","md5":"30f42ad1c5a09e6e3681c776eb8e0dde","sha1":"81bef8c25af302b8820f50322eeeac9d257786a6","sha256":"eb6f03dd44943280decfda66a6ab48dbcbc332763b1f95ddf86b13b28fc49f04","sha512":"8ad5892414bfc1c2d2c0452ec18ba3acd00f6f83cd48595f2f3b1b04022f0cb561660f1180c090af79b715ebb672b9f5f8a55da4882e1ca6b793bd841329fd2d","ssdeep":"","tlshash":"6f0161794420fd30c5be14d796b8e39669a94095f6104152a32d4cc1384386b597dfef","first_seen":"2026-04-10T22:59:36.579268Z","last_seen":"2026-04-10T23:01:14.093934Z","times_seen":2,"resource_available":true,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"events-elephant.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}