{"report_id":"8416d1f7-cba5-48c7-a7c9-0481c42bc015","version":6,"status":"done","tags":[],"date":"2026-04-17T21:29:09Z","url":{"schema":"http","addr":"waever.live","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"104.21.72.203","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"waever.live/","fqdn":"waever.live","domain":"waever.live","tld":"live"},"title":"Solana Airdrop Campaign - Airdrop SOL","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"waever.live","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"104.21.72.203","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-22T21:29:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"waever.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"waever.live","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":7,"request_count":7,"received_data":738602,"sent_data":3313,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"waever.live/","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9ac0198f978da5c650dc0b26c3c18648","sha1":"dc98539b0498310d1cac65740915a3645c930cad","sha256":"885828dc8a0d6e3d15e1df7df9375b4070933a3f47c28372633af59f60fa44f8","sha512":"d319dd67f173809f211da9980c2c617dbd625e8d2b06885f66067eed1d4129cca0f96c9303c9a41f601e5fe343f30c843bf54febc17921c3efbf2f7e1838640e","ssdeep":"","tlshash":"bac0129081b149b45a2818fa6379529624e06879a5c29596f2be8d8a5b8dfc04648524","size":194,"data":"","first_seen":"2026-03-25T15:46:53.521863Z","last_seen":"2026-04-17T21:31:10.153399Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waever.live/secureproxy?s=%2Fipfs%2F225Ekaqs4vMfrp3rGBByrA0ab274dd271881e9b19c63e2b0b1a339%3Ft%3D1776461329223","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"351f7c37b4338ecc61cfea00173c8de2","sha1":"357c7235aca2282f9e8eaf6dea3cab0c184020e2","sha256":"7d4a790298aa80bf5b1657f9600d62ec52e874e5e6596a84dca39bf5dd8ea665","sha512":"f11b9a11c326664b428cb35d3792cf9751d29c24034eb6c2720f4ab6fd10622db0567eeabd5e5aeb6e1191b5f24ac712420d2578392db98860fc3a7b9e6f35f6","ssdeep":"6144:Ih5gDDAOsstbFZFSXwRTMsS8chPcsdJs3wFYYH/3h8qcPOQA12Lcv0q:osDAnXwRTMP8chPc730WW","tlshash":"a4d4eac2ab08157340ca2eb5047b42afdf882d4d078ba85077f9afd9d74578231eee59","size":622853,"data":"","first_seen":"2026-04-17T21:29:14.390076Z","last_seen":"2026-04-17T21:29:14.390076Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"waever.live/_next/static/media/e4af272ccee01ff0-s.p.woff2","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://waever.live/","date":"2026-04-17T21:28:48.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waever.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 07:34:05 GMT","end":"Thu, 25 Jun 2026 07:34:04 GMT"},"fingerprint":{"sha1":"1E:DF:52:24:36:CF:4F:82:57:5B:B4:B0:32:89:B9:1E:D8:90:60:80","sha256":"AB:A6:B6:CB:82:A5:A0:41:D8:2B:95:43:41:EF:1F:15:74:D8:18:E6:8A:E8:4C:17:B6:D4:95:1E:EA:5B:7E:7D"}}},"request":{"raw":"GET /_next/static/media/e4af272ccee01ff0-s.p.woff2 HTTP/1.1\r\nHost: waever.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://waever.live/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 17 Apr 2026 21:28:49 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 48432\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 27 Mar 2026 08:38:03 GMT\r\netag: \"69c641eb-bd30\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o6mLJI0Umx6xiWkbpNgxKBX%2Fmt%2Bi79vymVblxu7tr4oTo7ajkJUsbwnHhnfCqbpOisonp9OEppHi0zIskIbFBUo5jT8AAxYw6WQfLARJzlrXb88wH2p0TY6gQpbE%2BQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ede8589d82f120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":48432,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-04-18T03:17:34.298682Z","times_seen":39107,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"waever.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waever.live/secureproxy?s=%2Fipfs%2F225Ekaqs4vMfrp3rGBByrA0ab274dd271881e9b19c63e2b0b1a339%3Ft%3D1776461329223","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waever.live/","date":"2026-04-17T21:28:49.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waever.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 07:34:05 GMT","end":"Thu, 25 Jun 2026 07:34:04 GMT"},"fingerprint":{"sha1":"1E:DF:52:24:36:CF:4F:82:57:5B:B4:B0:32:89:B9:1E:D8:90:60:80","sha256":"AB:A6:B6:CB:82:A5:A0:41:D8:2B:95:43:41:EF:1F:15:74:D8:18:E6:8A:E8:4C:17:B6:D4:95:1E:EA:5B:7E:7D"}}},"request":{"raw":"GET /secureproxy?s=%2Fipfs%2F225Ekaqs4vMfrp3rGBByrA0ab274dd271881e9b19c63e2b0b1a339%3Ft%3D1776461329223 HTTP/1.1\r\nHost: waever.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waever.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 17 Apr 2026 21:28:49 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: max-age=2592000\r\netag: W/\"98105-NXxyNayiKC+ejq9t6jyrDBhAIOI\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=f8e8JDk1oRzBLVqRB1SuNg.js\r\ncdn-proxyver: 1.50\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 04/17/2026 21:28:49\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: 92ddbda0aa932447f6e4fd5abdf864e3\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SrTMoY5hvhhMN0YhApP4VGA2tYJnAgLgll%2Bon92SabGRuWJjMVhg0H3XPE2fUa%2BEqUTE%2FXRZxYxuM5gBqD4OoMM7GLw7ZFuxSa0TN3iG4bVMZsj6aUxN%2FQuygplF%2Bw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ede858bad54120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":622853,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"351f7c37b4338ecc61cfea00173c8de2","sha1":"357c7235aca2282f9e8eaf6dea3cab0c184020e2","sha256":"7d4a790298aa80bf5b1657f9600d62ec52e874e5e6596a84dca39bf5dd8ea665","sha512":"f11b9a11c326664b428cb35d3792cf9751d29c24034eb6c2720f4ab6fd10622db0567eeabd5e5aeb6e1191b5f24ac712420d2578392db98860fc3a7b9e6f35f6","ssdeep":"6144:Ih5gDDAOsstbFZFSXwRTMsS8chPcsdJs3wFYYH/3h8qcPOQA12Lcv0q:osDAnXwRTMP8chPc730WW","tlshash":"a4d4eac2ab08157340ca2eb5047b42afdf882d4d078ba85077f9afd9d74578231eee59","first_seen":"2026-04-17T21:29:14.390076Z","last_seen":"2026-04-17T21:29:14.390076Z","times_seen":1,"resource_available":true,"data":null}},"time_used":810,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":703,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"waever.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waever.live/_next/static/media/solanaLogo.74d35f7a.svg","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://waever.live/","date":"2026-04-17T21:28:49.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waever.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 07:34:05 GMT","end":"Thu, 25 Jun 2026 07:34:04 GMT"},"fingerprint":{"sha1":"1E:DF:52:24:36:CF:4F:82:57:5B:B4:B0:32:89:B9:1E:D8:90:60:80","sha256":"AB:A6:B6:CB:82:A5:A0:41:D8:2B:95:43:41:EF:1F:15:74:D8:18:E6:8A:E8:4C:17:B6:D4:95:1E:EA:5B:7E:7D"}}},"request":{"raw":"GET /_next/static/media/solanaLogo.74d35f7a.svg HTTP/1.1\r\nHost: waever.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waever.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 17 Apr 2026 21:28:49 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 27 Mar 2026 08:38:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=makwXght53WLu0xh0zcWuAXVLDbS06%2FRVC2aUAtcO7Kchk9BaKAjjwuXue4xxqr09DmYTvSpIyM1caIiKKXN2aZHSHl7nl8l9b7lZtzmX66R%2FjXrKEaspsJN7lcz6A%3D%3D\"}]}\r\netag: W/\"69c641eb-183d\"\r\ncontent-encoding: br\r\ncf-ray: 9ede858bfded120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6205,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0ca2e4f85bd0d3ee4258ae35a60ba3c7","sha1":"7599514be75a8c29f0dc4177296c60fd518519c9","sha256":"ccdc416707911112da5933a6ed9f60ce1f819333e70447a5701bc012d6865f51","sha512":"18c75ee5b2caa5b2b7a59d1e8c54846026dce5fa711d52519f952227b99450742ebff0087f7d31d05c94f7dcf7872c8c9ce634040993b2caff54b3ad2da77397","ssdeep":"96:cWTQQ83QXj2UHYSzZBF4FSmCHGMnKJ+RYQQFYmVeqaYeegJPIIxxiIUghsdKQkfo:cWTZ8gz2SDFA6bvYRraYePPVx0fdYS","tlshash":"2ad1cadf239496f6e484e3e4dc0785757a2fb4fa6a68c318c39dae4e50490de5c08ec0","first_seen":"2025-09-08T13:15:31.335449Z","last_seen":"2026-04-17T21:31:10.149354Z","times_seen":15,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"waever.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waever.live/favicon.ico","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waever.live/","date":"2026-04-17T21:28:49.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waever.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 07:34:05 GMT","end":"Thu, 25 Jun 2026 07:34:04 GMT"},"fingerprint":{"sha1":"1E:DF:52:24:36:CF:4F:82:57:5B:B4:B0:32:89:B9:1E:D8:90:60:80","sha256":"AB:A6:B6:CB:82:A5:A0:41:D8:2B:95:43:41:EF:1F:15:74:D8:18:E6:8A:E8:4C:17:B6:D4:95:1E:EA:5B:7E:7D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: waever.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waever.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 17 Apr 2026 21:28:49 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Mar 2026 08:38:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PWid1r6B5KwkUKy6UPPBivHc%2B5K67kxB1v%2FC3KQXP9PPzoA5e9rQlOrECgetTTVlO1dm%2Fu5wcsvnuAbhdm8iKWzpcpE86WAKFsKbKiwUQ5gRzl7XBy5infaczY%2BTBA%3D%3D\"}]}\r\netag: W/\"69c641eb-69a\"\r\ncontent-encoding: br\r\ncf-ray: 9ede858d299b120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1690,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"6e0652a2c4c070e17facc705e575510c","sha1":"38552ce8b54b2c4d21055ce4a63cd90f222ed7ec","sha256":"5e1cf230b213ffc7dc0cd1ffb4eca12b7435dc52158cbec997f1d8bfe528b3ea","sha512":"a77f81e6e60a8e4b3569b5bea27ab0e8ef61a8a64e0a40e97d9761f7874ed8b322211bab750af98b91248d482cceb71bae1e250c310c0be3f973f3314f17c88e","ssdeep":"","tlshash":"7631c82a26993c158b71dabd2b13022d88377f77d44b795f102ef92a00b1284ccc910f","first_seen":"2023-12-27T03:47:54Z","last_seen":"2026-04-17T21:31:10.150784Z","times_seen":15,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"waever.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waever.live/secureproxy?s=%2Fjmpd%2F","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://waever.live/","date":"2026-04-17T21:28:50.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waever.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 07:34:05 GMT","end":"Thu, 25 Jun 2026 07:34:04 GMT"},"fingerprint":{"sha1":"1E:DF:52:24:36:CF:4F:82:57:5B:B4:B0:32:89:B9:1E:D8:90:60:80","sha256":"AB:A6:B6:CB:82:A5:A0:41:D8:2B:95:43:41:EF:1F:15:74:D8:18:E6:8A:E8:4C:17:B6:D4:95:1E:EA:5B:7E:7D"}}},"request":{"raw":"POST /secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: waever.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://waever.live/\r\ncontent-type: application/json\r\nContent-Length: 1420\r\nOrigin: https://waever.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1420,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QBzgITAyMAFADlAicDFwCrAi4AAgABMQMAAO8nhn2XtsKCAUjMLPppXR36ICFiT2ICAACH_2JEm-IsGLhKlhYTqWwIA-Kmcz32QDaO9NY-jay4Sy3fmFI2g8Df0_RFOAfleTfaO_yzayaBCCFBB66OOe7RO1l0KVbX1ttVU0ujzr_r7Ef5nnFzFHJQaQZgxQVPR-jw4di-I9h4qem9p2KgdcSr5uX5wKQUoNXrIa44cWopUrH0VlHRSiuFmj57ZS0XrymW3AT9awF1VookqQkN5owjzJaqwAwX6XGBJFOx5l7kUQufBR9Jqq64gUctC9H00HLNN05OGKLAaDPHvtuVOT3YhMC7MHsHJ1gg4uVGzIQyTLmpoM11v1JdPbrl_V4fvAdV8UXJfp0NalE77WuGsZtB9c3HGO739ZtFvY3Cch0QxPiVOJut3w--eY3fiqa85EjbgJWenspY39Dlw_a88Vs7__n-i5J-wjTuAMN0wY8dwN51Ah7KoeQCQsxiKXY8EEQFuy9gBwEEEnhNMFpaDsHt1VNLgwaGB2G9CFvSYuVs1AJpK-53UqgHpzHYPtba3PEriHWCbqCnHPZLafV9YNC9N3muVCPZodaoxdFqa4a18KMoIwWv99dOd_qBSD1V2F2IetxbI0-ge41USQMDv4N93obXCb3a0uYRMrQrY3LGSksHGiylIB6YZEr5nDiFPxDCW1-t2-zIdarfRqIgRbp-hn8OnKfhzrO3PcUuNCvS1ZOF3FYPHDXYk3CC1umafSZ1WYKR5sXcOtT3dJFcRMIcFxrX4BYaEIymxdnCu51EKiRoiwTZ1iRdm7HjtiqwZALxLcqYuKTVziitSiToMIwwPGy6EIFgcMKkql3hnJbZDgiIimZhGiLal0FdFT1Jc9PJjmD0ZX96vqLEziAhvlN6ukBG-iWMLX9cpAeLBOtoftjTw7m7DP7xGhxH3g4EHrHCU6i6P74ofe4OQlD8YzRUOXDVKdsMrYp9I1bFU6XtCeG3GcBGy2Ex4DZDHOadzvvOfwn6Y9ekicxegzrRr6hNBXvsFAtav4rMeEGzXBMc6LTfKxLLBUfZ71iNxNzJLDnN8LwraoeF4MEKTVHpbYvdKLJ2vk9RC8pxtuCLyW09JJUDLffW-Co5b2WLUcCfCwW9tkvmQen1uiNu_uymqt1nbUIZPcxgfkUQ\",\"challenge\":\"eyJpZCI6IkIxVDZkM3Z4ajBzSm9VQ3cwZmlLOHciLCJub25jZSI6NCwiaGFzaCI6IjAwZTE4OTg3NGMxNzdjZDUwNzZkZWZjYjM4YTUyNTZmODg4Yjk4NmZjNWVmOTM2MWM3YzU5MzNhYWJmOTYzMDcifQ==\"}"}},"response":{"raw":"HTTP/3 400 Bad Request\r\ndate: Fri, 17 Apr 2026 21:28:51 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 11\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"b-EFiDB1U+dmqzx9Mo2UjcZ1SJPO8\"\r\nx-ratelimit-limit: 20\r\nx-ratelimit-remaining: 19\r\nx-ratelimit-reset: 1776461391042\r\ncdn-proxyver: 1.50\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 400\r\ncdn-cachedat: 04/17/2026 21:28:51\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: e1343388bbb2d4398b2aa236a0425fe9\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XUhkzENW7fbAXNMHHe9X8SkDzpF4EKzeZa6o2rqPGVtAW5l9mN7Tk%2BQgfFi74Xf%2BZiFBOCru6QZrEOSEX7YdG3o07YnkVr%2BhgcO9fXEp3ZIu%2BpezgstYldRw71Ktzg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ede8595bf42120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"825644f747baab2c00e420dbbc39e4b3","sha1":"10588307553e766ab3c7d328d948dc6754893cef","sha256":"7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa","sha512":"bfe6e8df36c78cbfd17ba9270c86860ee9b051b82594fb8f34a0adf6a14e1596d2a9dcdc7eb6857101e1502aff6ff515a36e8ba6c80da327bc11831624a5daea","ssdeep":"","tlshash":"6550003300c0300cc0000000cc00cf00003000003000003300000cc300000030000c00","first_seen":"2023-04-05T23:04:48Z","last_seen":"2026-04-17T21:31:10.152232Z","times_seen":9973,"resource_available":true,"data":null}},"time_used":811,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":811,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"waever.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waever.live/","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-17T21:28:48.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waever.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 07:34:05 GMT","end":"Thu, 25 Jun 2026 07:34:04 GMT"},"fingerprint":{"sha1":"1E:DF:52:24:36:CF:4F:82:57:5B:B4:B0:32:89:B9:1E:D8:90:60:80","sha256":"AB:A6:B6:CB:82:A5:A0:41:D8:2B:95:43:41:EF:1F:15:74:D8:18:E6:8A:E8:4C:17:B6:D4:95:1E:EA:5B:7E:7D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: waever.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 21:28:48 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 27 Mar 2026 08:38:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BJY5hvmeEzD94yUb%2FA4GrdGCCOB0nl%2FPspKHZvL8Qi%2Bk%2F8G%2FJn0tnFapwmkPudnh%2BzI6XCCwqjsNE4c5EfVjmEEHV3p%2B74oT0XRpZGncZpDQ1f99g2bP51%2BavQX4RA%3D%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9ede858669e80b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7499,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (491)","md5":"56c06b500f426cf5e7667ece2b635658","sha1":"0c1ec280f0519e7ae559c7e0873081779eaa7b70","sha256":"7513b5c47d0214673078925ef7d79168b447ad771b879f5a3ac3fc5dbdf19220","sha512":"56ee48d82cf5d797e8b4a078f0e1b18349728e189a6eef60ef7109137254b61f7630a7f6ebe8476ea77bc5aa9906cff09a09c80e9debdff0d166e891479941be","ssdeep":"96:6BBfBO5vNbeVtIXo4Bi+cmPCkcYBi3k3uRNkcYOazUq/RMXVhKH/FyJIZJ5aHkM:6BBpORNaQp0YBUYOVq/RDHZJ5aHkM","tlshash":"3df1c8a050f0a9fb44578375b474a213aa57a8bbd21a49ceb39c05e23fc6c72cc975d8","first_seen":"2026-03-25T15:46:53.519229Z","last_seen":"2026-04-17T21:31:10.142816Z","times_seen":3,"resource_available":true,"data":null}},"time_used":395,"timings":{"blocked":38,"dns":18,"connect":1,"send":0,"wait":319,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"waever.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waever.live/_next/static/css/e569db43f1d56efa.css","fqdn":"waever.live","domain":"waever.live","tld":"live"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://waever.live/","date":"2026-04-17T21:28:48.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waever.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 07:34:05 GMT","end":"Thu, 25 Jun 2026 07:34:04 GMT"},"fingerprint":{"sha1":"1E:DF:52:24:36:CF:4F:82:57:5B:B4:B0:32:89:B9:1E:D8:90:60:80","sha256":"AB:A6:B6:CB:82:A5:A0:41:D8:2B:95:43:41:EF:1F:15:74:D8:18:E6:8A:E8:4C:17:B6:D4:95:1E:EA:5B:7E:7D"}}},"request":{"raw":"GET /_next/static/css/e569db43f1d56efa.css HTTP/1.1\r\nHost: waever.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waever.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 17 Apr 2026 21:28:49 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Fri, 27 Mar 2026 08:38:03 GMT\r\netag: W/\"69c641eb-ad08\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N0T%2FvxzKQHylyGOV4OYaXo30AsamCqa9tzYxnoENvY7XZB08TYCsGmgyFTFbRpFMQrCbpbsq9FX6KW6cr4IB3NPSi2ELCLaQGHYvxLdCHrTCXUnPdv%2Fkv1%2BeYmMGyQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ede8589d831120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44296,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"db892bec0fe693a7e5978960fc4e8a1b","sha1":"9ae38c669ca45c14179429a6802d1bfcffa20733","sha256":"93b070219d9f30e0ba311ed9f3d3cf474f9425e0a8aed7a2b59190287632b7f8","sha512":"bfae0342d590a733d7d22cd86cdeae38d8b51840ea3691985be487726d36e1b8c0041d114ad6d8aad87bf3ad11021972fcc44ddc6014fd3a7539d6f9bfd891be","ssdeep":"384:jR4oJaRZDJemOrFT3hJBzV8Cn20ghUFUdLqe:jyoJa1EhJBz520gmFWLqe","tlshash":"7e13740064735c391c1b59ed13dea65ef22aa0c74c6eeeb97fce00154f873b48aa6b45","first_seen":"2026-03-25T15:46:53.501969Z","last_seen":"2026-04-17T21:31:10.145708Z","times_seen":3,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"waever.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}