{"report_id":"5de3b441-3b65-468f-beca-1deff2aba2f2","version":6,"status":"done","tags":[],"date":"2026-02-14T02:03:48Z","url":{"schema":"https","addr":"events-gentlemen.fun/","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"104.21.87.254","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"events-gentlemen.fun/","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"title":"This Is Gentlemen | Airdrop","dom":{"size":27672,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (25722)","md5":"dc3e46d56d256e9cbd1a603b9e2a5750","sha1":"810044ba0eeb3b54bd15bf81062f2f58204dc13f","sha256":"bca1cddc1f3ae78d889a464a7b49f36b7fc6a6ef6a16388ba72b2c380b77c52d","sha512":"f1ea0fa48b197ac4734ad9c60e518f63cd670697ca85ce000ef3e976d0e5aa4d0406bfc2db27961f92e1701ce6fd64454d8a48350c32036963a9b0d310247032","ssdeep":"768:sezQH2L0r82It4uSRhKut5NFgl+FU+xHyvfSDIJPJWf3b8fzwZPROHXL0hDgmwcx:LzqyrY1VZ9p+Z3KZ0U","tlshash":"65c24251f940493f3a0b62ff4ac5de5d725230169863bb4d72f880c2e786eb39eb5818","dom_hash":"domhash0d7296c25004807326d93a4aa37677bc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"events-gentlemen.fun/","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"104.21.87.254","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T02:03:48Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"events-gentlemen.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"machinist-dawn.g-app-d.cc","ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-28","domain_rank":0,"first_seen":"2026-02-12T22:18:59.465538Z","last_seen":"2026-02-12T22:18:59.465538Z","alert_count":28,"request_count":14,"received_data":705737,"sent_data":6918,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-08T22:14:51.234086Z","alert_count":0,"request_count":8,"received_data":164016,"sent_data":4328,"comment":"","tags":null,"fingerprints":null},{"fqdn":"events-gentlemen.fun","ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-02-09","domain_rank":0,"first_seen":"2026-02-14T02:03:48.951501Z","last_seen":"2026-02-14T02:03:48.951501Z","alert_count":8,"request_count":8,"received_data":484343,"sent_data":3713,"comment":"","tags":null,"fingerprints":[{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-08T22:17:48.645662Z","alert_count":0,"request_count":2,"received_data":22180,"sent_data":964,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"lite-api.jup.ag","ip":{"addr":"52.84.50.2","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-09-15","domain_rank":1536175,"first_seen":"2025-06-01T22:48:15.859785Z","last_seen":"2026-02-09T01:16:16.651241Z","alert_count":0,"request_count":1,"received_data":921,"sent_data":500,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"events-gentlemen.fun/script-gx9ds.js","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0fc53809656e7d5fcfede2ba954fc66","sha1":"2f1361e7355bba69a174bac8786639ae5d538a1a","sha256":"f6f5384db5c1f7a4fd0d2f84b7815a1156e2768c4fd65e95c0da094010994c6d","sha512":"9f1ba8a37374ed71ce82073ba8eaf019dd4d071222f0df3364a358fd6779e013d7ad5c998fe84df998c47c7fb31c6f8e78fcb6e86bcd534aa585895ddc39e49c","ssdeep":"","tlshash":"390161794420fd31c5fe14d792b8e35669a90095f2104152a32d4cc1384386b597dfef","size":767,"data":"","first_seen":"2026-02-12T22:19:03.877517Z","last_seen":"2026-02-14T02:03:52.0038Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events-gentlemen.fun/","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6640544344a9de726559073350674c83","sha1":"1d1c80f8d7e044fd244f1d939b1cab1bbf452635","sha256":"fcffc9f72f3139326a2c7f41fda2387f2cca9f80cd59bf29160db5ed8bb86eb2","sha512":"ae9266f13ffba80267bb4b395ebfa3d98212575b7df36d4083532bb717f3e7a1634fac8d0f74fbba65d5ae05add92648198b0d6cac53aca9dcd245b5beabc627","ssdeep":"","tlshash":"f3c012217335aa19a62060112a6b368535f79236166440507b775920776b617c6a0fec","size":189,"data":"","first_seen":"2026-02-12T22:19:03.899549Z","last_seen":"2026-02-14T02:03:52.017341Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/_nuxt/assets/index.js","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d65f079c659be801c54dfb4ecce9f67d","sha1":"47997b456459da82181b2cb36556cc7307ed50ff","sha256":"7ecfd2fe3e6fed768a70829f1b542add05986e8d6cc043af85d247446112c925","sha512":"03f844a1c5b1b8f81c65b45c3fc736a4e37c7fd899068bbd060dea6118fdf590332fdbe242ad488619de2fa2896124145dd06b21182abc692da9553bfb45492b","ssdeep":"6144:UAVUjV4h/H16/t4o/L7iA/mYXXcd06RI4EWOVQ8QpwPmyGM8fgTWQr9mA17bYS4E:YiLpwPB7xjlQJlrfbhCVYpwkCT85mt","tlshash":"45e4d8d3f201d9fa2191ab812af22fb158cb1494fc7f0eabe456cc4d672143693b6794","size":694104,"data":"","first_seen":"2026-02-12T02:09:19.054009Z","last_seen":"2026-02-14T02:04:42.826876Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events-gentlemen.fun/","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"eb51c442dada3741735366f8d5ac5d69","sha1":"c28fabe41a99234e49ca58ca7a4b19a4da73fbd5","sha256":"d43ff33742bfcbef018c294403476b0e71fe2b875db642b65037a166d45958c3","sha512":"b9d509032e48406393af887b22b6edcc2c313d212df0c0ffbc6c24b252231592772af8d32103010c4687094a5f5978b4f5cf30582089b72f6c0ab9077f788ea0","ssdeep":"6144:sEhV+jf4h/x16/B4o/RLTQAREB7E2yWyxQcj0mVhyGGUhLNivfPd0RqM8fgTGQrY:J0FlGm9a7PP9/PD","tlshash":"01e4e8e1f2419dbb119683953ef227f658161494fcff0eabe4a8880e6b6043791f7394","size":666301,"data":"","first_seen":"2026-02-12T02:09:19.056667Z","last_seen":"2026-02-14T02:04:42.827554Z","times_seen":75,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/_nuxt/assets/index.js","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /_nuxt/assets/index.js HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-gentlemen.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 02:03:25 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 12 Feb 2026 00:12:41 GMT\r\netag: W/\"698d1af9-a9cb4\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=300, must-revalidate\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dTZZpNvOZ44WB%2F5E4LOkoDBhr0wLRhkuF1nbpJVgfgrwbQM7v4i7UWfSoeXB6%2BnHsV%2BthhiVRV5gjATe1ppRu4C%2FknNsV2tRKR0MDaU7VcT0gyBRnx2uB58%3D\"}]}\r\ncf-ray: 9cd8fd2cf96a120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":695476,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (55648), with no line terminators","md5":"d65f079c659be801c54dfb4ecce9f67d","sha1":"47997b456459da82181b2cb36556cc7307ed50ff","sha256":"7ecfd2fe3e6fed768a70829f1b542add05986e8d6cc043af85d247446112c925","sha512":"03f844a1c5b1b8f81c65b45c3fc736a4e37c7fd899068bbd060dea6118fdf590332fdbe242ad488619de2fa2896124145dd06b21182abc692da9553bfb45492b","ssdeep":"6144:UAVUjV4h/H16/t4o/L7iA/mYXXcd06RI4EWOVQ8QpwPmyGM8fgTWQr9mA17bYS4E:YiLpwPB7xjlQJlrfbhCVYpwkCT85mt","tlshash":"45e4d8d3f201d9fa2191ab812af22fb158cb1494fc7f0eabe456cc4d672143693b6794","first_seen":"2026-02-12T02:09:19.054009Z","last_seen":"2026-02-14T02:04:42.826876Z","times_seen":75,"resource_available":true,"data":null}},"time_used":356,"timings":{"blocked":13,"dns":5,"connect":1,"send":0,"wait":313,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 03:04:57 GMT\r\nexpires: Sat, 13 Feb 2027 03:04:57 GMT\r\ncache-control: public, max-age=31536000\r\nage: 82709\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14500,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-06-08T20:34:13.350634Z","times_seen":2768,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":149,"dns":1,"connect":17,"send":0,"wait":32,"receive":3,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:26.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 500 Internal Server Error\r\ndate: Sat, 14 Feb 2026 02:03:26 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W7k5ne41j%2B8Ox84TjjqGRmrm6Gqx1bPfWPYOk30uZTZc0%2FiJzX6TmTIFPYmhTRwuPqi%2Ba7SzhtNG87FmgQTClgHv4A6KwMyoCOLxKMvaDmwdbwNobcXYDEc%3D\"}]}\r\ncf-ray: 9cd8fd323df1120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":261,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:26.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:27 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ch%2FgcX6jFoUxtHK%2F9rsJWd%2B48bZNZnLDL59j78Q61c5TPaxgwDCcBBUaibKbSpsJXetRh20f%2FnWTMi1RV7udydUyXXm2uKNxQa0Ys7tY7m5McZ%2FX%2BhztytE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd358a874e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 00:59:27 GMT\r\nexpires: Sat, 13 Feb 2027 00:59:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 90239\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-08T19:51:09.421867Z","times_seen":26983,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":78,"dns":8,"connect":23,"send":0,"wait":65,"receive":15,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 03:04:57 GMT\r\nexpires: Sat, 13 Feb 2027 03:04:57 GMT\r\ncache-control: public, max-age=31536000\r\nage: 82709\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14500,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-06-08T20:34:13.350634Z","times_seen":2768,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":60,"dns":0,"connect":0,"send":0,"wait":67,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:28.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:28 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FdX44sAXbFBlmftcEwXKAVx5RdPTlXEnykL%2BjitcuG0eykUF%2BNiUh0cARRzFUE%2BYtK%2FWZAJOv1D8Xgg13ql2Bv9CJyVcu8fz1SfhEuwpDlTk0GHRl12drYk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd3fdc1c4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events-gentlemen.fun/","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T02:03:25.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-gentlemen.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Feb 2026 07:54:28 GMT","end":"Sun, 10 May 2026 08:53:16 GMT"},"fingerprint":{"sha1":"2E:09:E5:76:3F:1C:50:87:F0:EE:EA:22:05:9D:FE:03:DC:15:9E:E8","sha256":"F5:B7:22:49:5C:0E:32:F2:E9:E7:24:82:B9:78:0F:89:E9:0E:81:5F:E1:3B:5A:EB:96:DF:E0:BD:A2:D6:F6:CC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: events-gentlemen.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 02:03:25 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Mon, 09 Feb 2026 08:51:21 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qMpM0YnufxQQt5ckPd7HA5uHOdtt2B7RMmivm5WUodVJTPhr9SLeAnM%2F1fU3koVao%2BZYFLXW%2BCagk%2BK%2BG4BZxbcK2J%2FvhV1z2I2xuWimAv9HYntG\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9cd8fd2a3c0b5ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11668,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9721)","md5":"8a14888b085ec3ee3dfe23c5a851fc79","sha1":"a96b807408efb83c8a0da5c7e2db043c30a212b0","sha256":"4e656421879971270fba96b318f49e898ee6d7cf3e5389faac0e0af3e5aaebda","sha512":"8df32449b0c2f683d60d10e514b23f16b5ac6fd0a15004d268c81d160ef7e0a45a53771c6b4a339cf2fe1987325316cbf2cc3d1d3c06593c3910455b3fe7bb51","ssdeep":"192:UfQp2ZYYZIe9E40RAAqRZ4pj+sFZQJL/vhyf40AAAqRZSAEJmlABNFuXH:CZYYZIy0ERZ4pjNQx/vh70pRZTlABNFs","tlshash":"4032b8b34240201e612b59cfaf26576f32eb20bfe5b70541b7ec87c5eb9ad52ee05904","first_seen":"2026-02-12T22:19:03.881204Z","last_seen":"2026-02-14T02:03:51.994743Z","times_seen":2,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":69,"dns":55,"connect":1,"send":0,"wait":218,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"events-gentlemen.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events-gentlemen.fun/bafkreid6l5c5ujhn7xyqhg45hzfumdi5sipk7xp7ztqjrewwjw7d4a57pe.png","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-gentlemen.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Feb 2026 07:54:28 GMT","end":"Sun, 10 May 2026 08:53:16 GMT"},"fingerprint":{"sha1":"2E:09:E5:76:3F:1C:50:87:F0:EE:EA:22:05:9D:FE:03:DC:15:9E:E8","sha256":"F5:B7:22:49:5C:0E:32:F2:E9:E7:24:82:B9:78:0F:89:E9:0E:81:5F:E1:3B:5A:EB:96:DF:E0:BD:A2:D6:F6:CC"}}},"request":{"raw":"GET /bafkreid6l5c5ujhn7xyqhg45hzfumdi5sipk7xp7ztqjrewwjw7d4a57pe.png HTTP/1.1\r\nHost: events-gentlemen.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-gentlemen.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:25 GMT\r\ncontent-type: image/png\r\ncontent-length: 2668\r\ncast-mode: default\r\nlast-modified: Mon, 09 Feb 2026 08:51:21 GMT\r\netag: \"6989a009-a6c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4dhtmL88K%2Bz%2FWTOQtDt%2BEbQWXb75ZPDKZf98uLWZdyAGb9Guws6CnDfmVzoC%2BCeJYidfEKGu%2BrlFX6ukHlAoNgTl2idshH%2FN%2FAt1iFuvcmmicgvk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd8fd2cdc782efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2668,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 220x230, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d3764b4e0908d9ca7dac02fff221320b","sha1":"8399db20e1ef00ba276c16e3f96d2bcb9f02e7b1","sha256":"08114118cbe298122d27a4b3aa95b78d236cbe2c9fd7e95e1f6053f660494d4f","sha512":"d1d37761d1bfbdbe111db2b1785a66736275c3047b240960f9dbc74bddb7ac77afa3881691d66d095b4cda3279c1c732037109141bdb74e3f96025c64cd01d2e","ssdeep":"","tlshash":"e4512b3e041404d8c3eb85788d22958e8a52dd32d5a8556d39959af49ed78ce0f31c5b","first_seen":"2026-02-12T22:19:03.875642Z","last_seen":"2026-02-14T02:03:51.998311Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"events-gentlemen.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 00:59:27 GMT\r\nexpires: Sat, 13 Feb 2027 00:59:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 90239\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-08T19:51:09.421867Z","times_seen":26983,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":101,"dns":0,"connect":29,"send":0,"wait":31,"receive":34,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/is-banned","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:26.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/is-banned HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 02:03:26 GMT\r\ncontent-type: text/plain;charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncache-control: private, max-age=300\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=28mif0a9Q%2B7kJuLCOXa8j5QV0V6%2FgGw9Pk2dlWPUJMn2WHlBnpn7tfZkJkdeNyPWdOEUd%2BlwwgDQ%2FXjQ5YP79ucTKfbEmj1s8sm14P47DoXRlnQwymZwyNc%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9cd8fd323ded120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"cfcd208495d565ef66e7dff9f98764da","sha1":"b6589fc6ab0dc82cf12099d1c2d40ab994e8410c","sha256":"5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9","sha512":"31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99","ssdeep":"","tlshash":"c700000000000000c00000300000000000000000000000000000000000000000000000","first_seen":"2023-03-07T01:37:31Z","last_seen":"2026-06-08T20:17:18.911532Z","times_seen":114435,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Manrope:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"CE:4C:7F:8F:8F:6A:C6:C8:7D:B4:2F:84:18:4E:0D:FB:63:4C:61:E5","sha256":"26:A1:50:21:90:A7:C5:05:61:2F:4B:99:EE:0C:BA:28:24:E5:BF:CB:00:37:F9:42:00:D8:72:4C:00:37:9B:B9"}}},"request":{"raw":"GET /css2?family=Manrope:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-gentlemen.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 14 Feb 2026 02:03:25 GMT\r\ndate: Sat, 14 Feb 2026 02:03:25 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10720,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"52e735aa88c047346bdbc94b641c48f8","sha1":"c184c1982e51c1c775b2889d2d17b886215a46bb","sha256":"8d5bd0aede64a4797f1e7310b7fbbef105f7b2520feeac156eb8dfbfd6686043","sha512":"77f52f31039e6e44c2f2b8c3663710839f85d3ece31e2bf7e4a7e70bccfe56f22970a4eaae5bdafb458e821a37628fced6ea2231089990b45e2b46ce7a520da7","ssdeep":"192:SJi5V3PP8wiJDEV3WW89RJ8rV3118+4JlOV3MM8b/JGNV3TT80s:UmkwU+ME02w","tlshash":"5a22a990002be804eb470cd677ce7e3aad4e61567451c5ba5bfe1cd8addbd222320b5e","first_seen":"2025-09-08T04:26:17.666874Z","last_seen":"2026-06-08T18:15:20.660345Z","times_seen":440,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":101,"dns":1,"connect":16,"send":0,"wait":36,"receive":0,"ssl":93},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events-gentlemen.fun/script-gx9ds.js","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-gentlemen.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Feb 2026 07:54:28 GMT","end":"Sun, 10 May 2026 08:53:16 GMT"},"fingerprint":{"sha1":"2E:09:E5:76:3F:1C:50:87:F0:EE:EA:22:05:9D:FE:03:DC:15:9E:E8","sha256":"F5:B7:22:49:5C:0E:32:F2:E9:E7:24:82:B9:78:0F:89:E9:0E:81:5F:E1:3B:5A:EB:96:DF:E0:BD:A2:D6:F6:CC"}}},"request":{"raw":"GET /script-gx9ds.js HTTP/1.1\r\nHost: events-gentlemen.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-gentlemen.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:25 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Mon, 09 Feb 2026 08:51:21 GMT\r\netag: W/\"6989a009-2ff\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YsqFx6wnZMraz%2Bq1%2BE4jLAtNEnpZeGqffI%2FFUp6Oj44ZEjS8b0s5Od%2BQQbOTsC5K13vmws7FaBH3LFox%2BrGGSO3R37HlPxFzA3gGM1iZ1LEibpHb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cd8fd2cdc7a2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":767,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (767), with no line terminators","md5":"f0fc53809656e7d5fcfede2ba954fc66","sha1":"2f1361e7355bba69a174bac8786639ae5d538a1a","sha256":"f6f5384db5c1f7a4fd0d2f84b7815a1156e2768c4fd65e95c0da094010994c6d","sha512":"9f1ba8a37374ed71ce82073ba8eaf019dd4d071222f0df3364a358fd6779e013d7ad5c998fe84df998c47c7fb31c6f8e78fcb6e86bcd534aa585895ddc39e49c","ssdeep":"","tlshash":"390161794420fd31c5fe14d792b8e35669a90095f2104152a32d4cc1384386b597dfef","first_seen":"2026-02-12T22:19:03.877517Z","last_seen":"2026-02-14T02:03:52.0038Z","times_seen":2,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"events-gentlemen.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 00:59:27 GMT\r\nexpires: Sat, 13 Feb 2027 00:59:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 90239\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-08T19:51:09.421867Z","times_seen":26983,"resource_available":false,"data":null}},"time_used":375,"timings":{"blocked":161,"dns":2,"connect":15,"send":0,"wait":34,"receive":7,"ssl":150},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 03:04:57 GMT\r\nexpires: Sat, 13 Feb 2027 03:04:57 GMT\r\ncache-control: public, max-age=31536000\r\nage: 82709\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14500,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-06-08T20:34:13.350634Z","times_seen":2768,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":65,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"events-gentlemen.fun/bafkreid6l5c5ujhn7xyqhg45hzfumdi5sipk7xp7ztqjrewwjw7d4a57pe.png","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:26.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-gentlemen.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Feb 2026 07:54:28 GMT","end":"Sun, 10 May 2026 08:53:16 GMT"},"fingerprint":{"sha1":"2E:09:E5:76:3F:1C:50:87:F0:EE:EA:22:05:9D:FE:03:DC:15:9E:E8","sha256":"F5:B7:22:49:5C:0E:32:F2:E9:E7:24:82:B9:78:0F:89:E9:0E:81:5F:E1:3B:5A:EB:96:DF:E0:BD:A2:D6:F6:CC"}}},"request":{"raw":"GET /bafkreid6l5c5ujhn7xyqhg45hzfumdi5sipk7xp7ztqjrewwjw7d4a57pe.png HTTP/1.1\r\nHost: events-gentlemen.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-gentlemen.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 2668\r\ncast-mode: default\r\nlast-modified: Mon, 09 Feb 2026 08:51:21 GMT\r\netag: \"6989a009-a6c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kAVPI4erLoKQYDxSgO6zGkYc4kOVoEBCm5jIH9m1FfHNMd6KHOa2bXADnC0ixaUJD7l6rj5dZZxDcdt034X9g9E43NhFGExrn8IfALzSpgZaxNAk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9cd8fd34ad5a2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2668,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 220x230, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d3764b4e0908d9ca7dac02fff221320b","sha1":"8399db20e1ef00ba276c16e3f96d2bcb9f02e7b1","sha256":"08114118cbe298122d27a4b3aa95b78d236cbe2c9fd7e95e1f6053f660494d4f","sha512":"d1d37761d1bfbdbe111db2b1785a66736275c3047b240960f9dbc74bddb7ac77afa3881691d66d095b4cda3279c1c732037109141bdb74e3f96025c64cd01d2e","ssdeep":"","tlshash":"e4512b3e041404d8c3eb85788d22958e8a52dd32d5a8556d39959af49ed78ce0f31c5b","first_seen":"2026-02-12T22:19:03.875642Z","last_seen":"2026-02-14T02:03:51.998311Z","times_seen":2,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"events-gentlemen.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 00:59:27 GMT\r\nexpires: Sat, 13 Feb 2027 00:59:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 90239\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-08T19:51:09.421867Z","times_seen":26983,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":193,"dns":1,"connect":16,"send":0,"wait":29,"receive":6,"ssl":191},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lite-api.jup.ag/price/v3?ids=5TATk16oMrt4vsMR8WwQ9AtiPeosdJhXFkp2UhGJpump","fqdn":"lite-api.jup.ag","domain":"jup.ag","tld":"ag"},"ip":{"addr":"52.84.50.2","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:26.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lite-api.jup.ag","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Apr 2025 00:00:00 GMT","end":"Thu, 30 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6A:C1:1A:55:81:46:51:60:92:8E:23:71:EC:0D:F5:22:E2:77:CC:B6","sha256":"9B:2C:9B:3C:A9:B9:32:F1:2E:E7:12:53:C3:E5:39:A9:B1:D1:92:0F:BD:83:0D:8B:73:33:20:78:3D:B0:C8:E7"}}},"request":{"raw":"GET /price/v3?ids=5TATk16oMrt4vsMR8WwQ9AtiPeosdJhXFkp2UhGJpump HTTP/1.1\r\nHost: lite-api.jup.ag\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ndate: Sat, 14 Feb 2026 02:03:26 GMT\r\nserver: cloudflare\r\ncf-ray: 9cd8fd326f361a30-OSL\r\ncontent-encoding: br\r\naccess-control-allow-origin: https://events-gentlemen.fun\r\ncache-control: public, max-age=5\r\nvary: Origin, Accept-Encoding\r\naccess-control-allow-credentials: true\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 e21c7dce7b26c6a388cc82dd5423f574.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 3cxzTk0ZuhW1BtVW-l2cA9r-LQFOE-PAc8pPx2a_sIKcS5qt-b_WfA==\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":221,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"beb72461c11669fbd6d9121af2a9fe90","sha1":"5f8ec1334849ad35346ce5640cccb2a0e98b4574","sha256":"c4ba409c61eced18dcf72c948474aaf875cf72e92dc807f7be8514adf27b5a29","sha512":"7e22e91c4e3a11095f532997f29d4d4307986a2920b85058db8e38435594613abd2ce41df00e2cdda392418472fc0b095e2f0b4432484e4fe0253afb94c34e00","ssdeep":"","tlshash":"fad0a77265b21564c94e241384ea795458c8307949b581d5f9894e049429f56050d55d","first_seen":"2026-02-14T02:03:52.006099Z","last_seen":"2026-02-14T02:03:52.006099Z","times_seen":1,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":23,"dns":1,"connect":2,"send":0,"wait":59,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:29.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:30 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UuN8oRA5djMH1r4TqRxg3HmQCXCmQjHSbGGOjmy9ExGrFPxokj4v2CrcwxC8InSBIB4t%2FYGxfJIdBBfVvSDDHCYTlvLEpVP3sxnvmci3xNRf%2F6KI3%2FAmIso%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd475d874e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":195,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:31.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:31 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4h%2B554FaI%2BCcTGfB6SAuyQOwBq8qZoNOvr2yXUJ%2F%2BB7F%2BmrPw0VJFukD1IbA6Rg%2F0QiHOVG%2B0vYSjqRUWXuecQGqshO9WJ%2FiEW85xuyV3372amjP1A6RypY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd506efc4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":189,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:39.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:39 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z7kH%2FgmsJ2BQI6hPtQiTFbE%2Bk0UMXb2qJXFQATg7YsjwjARJSFXaq53YA4GXvbf485%2BzuxeTkgu7iulZoUQXVoF4mA3jmXpeWrzfxd%2F9zY2G%2FiD9Kz7LZm4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd844cb04e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":192,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events-gentlemen.fun/style-w2ydy.css","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-gentlemen.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Feb 2026 07:54:28 GMT","end":"Sun, 10 May 2026 08:53:16 GMT"},"fingerprint":{"sha1":"2E:09:E5:76:3F:1C:50:87:F0:EE:EA:22:05:9D:FE:03:DC:15:9E:E8","sha256":"F5:B7:22:49:5C:0E:32:F2:E9:E7:24:82:B9:78:0F:89:E9:0E:81:5F:E1:3B:5A:EB:96:DF:E0:BD:A2:D6:F6:CC"}}},"request":{"raw":"GET /style-w2ydy.css HTTP/1.1\r\nHost: events-gentlemen.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-gentlemen.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:25 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Mon, 09 Feb 2026 08:51:21 GMT\r\netag: W/\"6989a009-3960\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cQ5YsLAgznk29inc9PBaNeKnI%2BiCHvQAiDrXFChVZGi%2Bpbfx6CxpwU%2B1gE1eLa0JmB%2BVsATCJ4fm2v%2F7f1YiZ5hp5nPnd1riLxgvKKLu1hd37pFH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cd8fd2cdc752efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14688,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"ac139ed4a83193fcfa13814e53075ff4","sha1":"9a229ef459818d3983b84ff6e67ef05222c7a0c1","sha256":"ceec6cf1567945b7c81e3d54a426399f3bd7c2f8308c74d9b942c042a583b418","sha512":"a72430a9eeab6376997c27b5fc6699da5f96d6e4300726291031807de5529d73a70d4fc26bab784a7aa8f36fb79bf22c2091503902407ea60e95ffb01ddd7494","ssdeep":"96:MmKoAbaaDOn1UR6O+AbxG16Pr65naPW10Jc0nbSC1E+YcSWn1Jf:XObaaR6065naPlS+YcSWn1Jf","tlshash":"6c622217db409446b31fa0946fe4478ba72ea4239e8e4dffa047646c52ca1d512f2fce","first_seen":"2026-02-12T22:19:03.884473Z","last_seen":"2026-02-14T02:03:52.008478Z","times_seen":2,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"events-gentlemen.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events-gentlemen.fun/images/wallet.webp","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-gentlemen.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Feb 2026 07:54:28 GMT","end":"Sun, 10 May 2026 08:53:16 GMT"},"fingerprint":{"sha1":"2E:09:E5:76:3F:1C:50:87:F0:EE:EA:22:05:9D:FE:03:DC:15:9E:E8","sha256":"F5:B7:22:49:5C:0E:32:F2:E9:E7:24:82:B9:78:0F:89:E9:0E:81:5F:E1:3B:5A:EB:96:DF:E0:BD:A2:D6:F6:CC"}}},"request":{"raw":"GET /images/wallet.webp HTTP/1.1\r\nHost: events-gentlemen.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-gentlemen.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:25 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Mon, 09 Feb 2026 08:51:21 GMT\r\netag: W/\"6989a009-45456\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yn3hHTBrQ8vxGrkbLRRREGsoeqUMwXImNRHErquDQRvLZRGMTmP%2BfbjbZppYqnrelT1hzT55t5bpGzvSOXDFaqCCveepTgqM%2FAlxPP0sPkpuNnM8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cd8fd2cdc772efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":283734,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4b95d1ae81f4b87bbc385620b27cd37c","sha1":"6d19c2621cadf4b11a8678bf32f29c6c00823e4d","sha256":"cfa9fe72f36536bfcbb7183cfa7a8251436a9f83fbd56d7e380f06d21704a063","sha512":"0fdefaf90e5ab1d3fd54afdebe558aa042c084cdedc04292ca0206da966ecba09510e259cca791909022095aa23fb512cca00222f00155fb8b8c74e757685acc","ssdeep":"6144:CNEs8ajEmO8i141Q999LauU6MSktBN6xjdh2w/lngLe6U:gEb8i14wLauNMRbvw/lgLe","tlshash":"57542331c2831d3a61fce801c28fde6ec1954e142eb5ea57e7a8f919562ced0fd1851d","first_seen":"2026-02-12T22:19:03.893239Z","last_seen":"2026-02-14T02:03:52.011046Z","times_seen":2,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"events-gentlemen.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events-gentlemen.fun/images/bg.webp","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-gentlemen.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Feb 2026 07:54:28 GMT","end":"Sun, 10 May 2026 08:53:16 GMT"},"fingerprint":{"sha1":"2E:09:E5:76:3F:1C:50:87:F0:EE:EA:22:05:9D:FE:03:DC:15:9E:E8","sha256":"F5:B7:22:49:5C:0E:32:F2:E9:E7:24:82:B9:78:0F:89:E9:0E:81:5F:E1:3B:5A:EB:96:DF:E0:BD:A2:D6:F6:CC"}}},"request":{"raw":"GET /images/bg.webp HTTP/1.1\r\nHost: events-gentlemen.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-gentlemen.fun/style-w2ydy.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:26 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Mon, 09 Feb 2026 08:51:21 GMT\r\netag: W/\"6989a009-274cc\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lDDKPHHfSxw%2BH9qd04D1BTg2fzdIJKbU8axDK4vnK9Wy0AyB3JmTGSXy%2BleYw43vfGyy6f6YexEucLKl7r003OdSHV%2FXC1AM%2FjT1ifqlBGQKWJcf\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cd8fd2eccac2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":160972,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1922x1079, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6065b927889a9fca45807a9969c061e1","sha1":"3e07ff7b817c13bfea49e8b26ea4d95a5ea4f58b","sha256":"e8f6b9aaf808b34d0d6c1e98edb2d1f30747f0ec5767be575eb64d214909fdc4","sha512":"07c72e8e00e693bd3f72708af2e84ee1a38ce1453586eed2f5e947e0ff541d08ba4b1920993788b461143f4122974bc61de7ad3673ded0d0f95f9d051dfa6c97","ssdeep":"3072:PKpWu0kFlbXMaS4Ts4QOAa2rN4TH1L64d75beOVfS0nAlmHNkOJQv5I6R5saeUgt:PuWu0ElDM5F4n+mTH1L64XeYfS0Aw28j","tlshash":"72f31295cf8707874ee423b4499bba5bb076a145a8d0ee4eff1b543641f887a23310de","first_seen":"2026-02-12T22:19:03.894622Z","last_seen":"2026-02-14T02:03:52.013401Z","times_seen":2,"resource_available":false,"data":null}},"time_used":446,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":271,"receive":175,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"events-gentlemen.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/visit?origin=events-gentlemen.fun","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:26.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"POST /api/visit?origin=events-gentlemen.fun HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:26 GMT\r\ncontent-type: text/plain;charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I7HzMB47KPegqTHU09jV%2B%2Fs8KPrrsFOE1NEw7FiPBjxIs%2BFzrlMXKeleoomvrDSWbODPHyOdJVGncremhCfIU%2BBPogIAt0JIKAAu8LOggRClEa15f0oj5Ck%3D\"}]}\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd331a1b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-06-08T20:36:47.087975Z","times_seen":423596,"resource_available":true,"data":null}},"time_used":282,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"events-gentlemen.fun/_nuxt/assets/index.js","fqdn":"events-gentlemen.fun","domain":"events-gentlemen.fun","tld":"fun"},"ip":{"addr":"172.67.149.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"events-gentlemen.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Feb 2026 07:54:28 GMT","end":"Sun, 10 May 2026 08:53:16 GMT"},"fingerprint":{"sha1":"2E:09:E5:76:3F:1C:50:87:F0:EE:EA:22:05:9D:FE:03:DC:15:9E:E8","sha256":"F5:B7:22:49:5C:0E:32:F2:E9:E7:24:82:B9:78:0F:89:E9:0E:81:5F:E1:3B:5A:EB:96:DF:E0:BD:A2:D6:F6:CC"}}},"request":{"raw":"GET /_nuxt/assets/index.js HTTP/1.1\r\nHost: events-gentlemen.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-gentlemen.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:25 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Mon, 09 Feb 2026 08:51:21 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nvf%2FsgNGhUUd947udBEMlQ3h4iaWOJDz7lTax4u5nbO52qDluN50J13%2FqX98GFvt6Ynq0Yw8hrzoDSYX2ufVkRomc90aBf5FblaSkwKYpTrBan7I\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 9cd8fd2cdc792efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"events-gentlemen.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:25.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"16:62:FB:B8:FF:3A:46:6C:9B:6D:CD:92:D9:4D:14:3B:59:48:25:B1","sha256":"85:9A:F5:D7:C3:BC:CC:6D:01:3A:9C:71:F9:24:07:98:12:7B:61:7E:2F:43:CD:26:EE:39:8E:AB:76:AE:FE:B8"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 13 Feb 2026 03:04:57 GMT\r\nexpires: Sat, 13 Feb 2027 03:04:57 GMT\r\ncache-control: public, max-age=31536000\r\nage: 82709\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14500,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-06-08T20:34:13.350634Z","times_seen":2768,"resource_available":false,"data":null}},"time_used":421,"timings":{"blocked":190,"dns":5,"connect":15,"send":0,"wait":34,"receive":1,"ssl":169},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:27.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:27 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kH5FSX2q0luyJL9m22Liq6Bjv4wSGx8XcjFQjb3wPQ%2BGs%2FBLyAq0cbRyb4ZKqTDA%2FK0j2mu8ocxC%2F2XHRfR5tX0baLW7nmAmGohAa2CdukCr5K0Qx0zpbCg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd39eb244e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:32.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:33 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y8XV61LobPCZ5zc0dlwb%2Badk0oJ5%2BPEMEc4y8VEGgUJtRjCIKceY0Z%2FpWGiUXpGCO7iuZDqJBersyIppIBA7gCpmq6CpQkT67Em3ovhQ6jQQRrva7%2FhRqFc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd5b184f4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":189,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:34.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:35 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k9CP4NG8LMGEwiGaSDlZ%2BF8W54QPNem1IpdVqXd%2B53jNHE2q53StBqWuP%2F%2BG1vOWme9G4d0e5R4J2YOvWev46PMnF%2BRZU6IwPVHinQn8yXM%2F4thLZ1FPznU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd6749a44e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:37.120Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:37 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kzZBiSUWJxQC9IZ%2BhwJyTMjUkHTQYnL9hoSyMeJwnDMxMVTcK8WAT7PWGnTF8%2Bb4aQXuoGl214Rd%2Fx33DuO4H%2BUdiw0YJZuo%2FtCE5h6%2F1hMKZDghD04%2FRpU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd750ae04e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"machinist-dawn.g-app-d.cc/api/config","fqdn":"machinist-dawn.g-app-d.cc","domain":"g-app-d.cc","tld":"cc"},"ip":{"addr":"104.21.68.157","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:42.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"g-app-d.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 24 Jan 2026 14:44:36 GMT","end":"Fri, 24 Apr 2026 15:41:52 GMT"},"fingerprint":{"sha1":"F5:A5:7E:A0:DD:EF:11:02:83:FD:46:5D:1C:F4:04:73:F2:99:C4:B8","sha256":"2B:46:A4:5B:DA:A1:FA:66:A1:F5:C1:D2:6F:A8:30:EB:8A:E1:2C:53:99:E9:A0:34:88:0C:32:C8:56:76:76:31"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: machinist-dawn.g-app-d.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://events-gentlemen.fun/\r\ncontent-language: en-US,q=0.8;en\r\nOrigin: https://events-gentlemen.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 Internal Server Error\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:03:42 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vbki3ewFK90O%2FLz1retIbLgwxkyWnBJqbjKkeNJmg2WuQrbWGaxXnbxmePmEpUIBlH6R8eLR6XMnnMA9FfB1AMGQ%2FGAskABkq6MPbSiSdUJ55XQeC1iTCJU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fd952e454e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"Internal Server Error","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T20:34:26.488801Z","times_seen":16249334,"resource_available":true,"data":null}},"time_used":201,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"machinist-dawn.g-app-d.cc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://events-gentlemen.fun/","date":"2026-02-14T02:03:26.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:41:02 GMT","end":"Mon, 20 Apr 2026 08:41:01 GMT"},"fingerprint":{"sha1":"CE:4C:7F:8F:8F:6A:C6:C8:7D:B4:2F:84:18:4E:0D:FB:63:4C:61:E5","sha256":"26:A1:50:21:90:A7:C5:05:61:2F:4B:99:EE:0C:BA:28:24:E5:BF:CB:00:37:F9:42:00:D8:72:4C:00:37:9B:B9"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://events-gentlemen.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 14 Feb 2026 02:03:26 GMT\r\ndate: Sat, 14 Feb 2026 02:03:26 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-06-08T19:53:31.248723Z","times_seen":29637,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}