{"report_id":"a0621cca-0170-4f7a-8f7d-f7408ce9e913","version":6,"status":"done","tags":[],"date":"2026-02-14T02:02:16Z","url":{"schema":"https","addr":"event-ore.com/","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"event-ore.com/","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"title":"$ORE Airdrop","dom":{"size":95690,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (352)","md5":"e6861b8ef54b1f6135687b5c49fd91ff","sha1":"7a2fa2bbfd687c7be6c504df5c85bf0ac166533c","sha256":"4a4e74d6be8517afac06a948c501fdd7161df2f0148baf23d257547f0aae6bef","sha512":"4c1a89237945e810ef2cfd39464bb0fa4c06f80ff03223b393b9cfb60c7ae023310e0c0af9f97c4f771efa9018236f29b3f44a4ff872a0191f3ae8708e320164","ssdeep":"1536:Ls4AsFMThwcO2W6l9rZfE7jQHLyyi2m6gKE4M8tcpfdxlZS3TyY6pK2sGfv1d/lo:g6ZS3O7pK2tFVlMPLl2xaRj7dWx0t/93","tlshash":"e6933019a6b395b66c23727e17efa10d7338d047d80ddda87e9c12008fca2f89d91b59","dom_hash":"domhash55a16e1503d2b521c25c1c640e607b29","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"event-ore.com/","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-21T02:02:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"event-ore.com","ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-07","domain_rank":0,"first_seen":"2026-02-12T19:52:29.659605Z","last_seen":"2026-02-12T19:52:29.659605Z","alert_count":10,"request_count":10,"received_data":1203435,"sent_data":4588,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"event-ore.com/engine.io.umd.js","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ab1dbfde379dc49671a79b3b943b8db","sha1":"c952c1e77cd987bfbaa8d592c827e6bc60113d45","sha256":"8fb119a4b53fe1f32f3b749c05808fdcd70d63cda7451e9e69ead03ad602658b","sha512":"452d1c93d43b51374fb90b97f42a75b96cc59de0899ed4070004ee7255c6cb9897c70a2a1c822d648d6028a1ca423e8fbef6bd6973de40f3926ad069062d1239","ssdeep":"1536:ObLBrJ1/vQ0kBDf8Y0Cn6lIqTMGB4wvBAr2Vec9Q:CtJp7kDn6lfgWIn","tlshash":"be4395d5790b3c7ec3d49b891f292906b9921103af4d93069f4477bc758c9a2e1fa8f2","size":58711,"data":"","first_seen":"2026-02-12T19:52:34.465131Z","last_seen":"2026-02-24T21:18:48.993129Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-ore.com/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fco.extended.cjs.js\u0026t=29517241","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","size":656642,"data":"","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-06-07T04:15:26.458958Z","times_seen":2555,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"event-ore.com/css2.css","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://event-ore.com/","date":"2026-02-14T02:01:55.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-ore.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 14:56:58 GMT","end":"Tue, 07 Apr 2026 15:54:33 GMT"},"fingerprint":{"sha1":"6A:E8:C0:A6:5A:8B:9A:73:BB:DC:CD:98:09:39:06:44:14:A7:5C:48","sha256":"F3:52:07:5F:D0:AF:12:A3:CD:49:E8:31:03:FC:C6:53:67:88:E5:A4:91:2E:02:5E:95:98:1F:37:40:BE:74:66"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: event-ore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-ore.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:01:55 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Wed, 07 Jan 2026 15:53:29 GMT\r\netag: W/\"695e8179-840\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RAJGT76rdsoqdC6lK9w86LQxMhQEUZkut9FgG026XVtqHnH5vQerwyM5UwAYs2G076SjFAPCZ92gncJJLiulFOdfafgmuiLaCHA4Y80%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cd8fafa0b06723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2112,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"94008a89c8d6024db3d861cb7ba4a4f4","sha1":"51705aa43b6b5fe174beb82b06c56178246906ec","sha256":"0a0b13c690f1a1ed9e59cf520667bb9f3d3cee7e8ea89318a03f40ba9b9cf05b","sha512":"e54628d0a2daf050618534f61b4283e15f80ba17123dab3289050740e501a76d9dff62026199c6e2c7df929a7e2d7e3c56b0e22d47a4877dfcd71176264467e0","ssdeep":"","tlshash":"41418b80087ba504d7931cc122ce7e32ee2db19064459d346ffe1498fc5bd59a3b2b4d","first_seen":"2025-01-25T17:56:03.203401Z","last_seen":"2026-06-02T08:32:25.483394Z","times_seen":883,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"event-ore.com/engine.io.umd.js","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://event-ore.com/","date":"2026-02-14T02:01:55.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-ore.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 14:56:58 GMT","end":"Tue, 07 Apr 2026 15:54:33 GMT"},"fingerprint":{"sha1":"6A:E8:C0:A6:5A:8B:9A:73:BB:DC:CD:98:09:39:06:44:14:A7:5C:48","sha256":"F3:52:07:5F:D0:AF:12:A3:CD:49:E8:31:03:FC:C6:53:67:88:E5:A4:91:2E:02:5E:95:98:1F:37:40:BE:74:66"}}},"request":{"raw":"GET /engine.io.umd.js HTTP/1.1\r\nHost: event-ore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-ore.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:01:55 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Wed, 07 Jan 2026 15:53:29 GMT\r\netag: W/\"695e8179-e557\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ktQZlFSmPLrJ8bJ5ECH%2BTXAw%2FR3mHES2RWNSGaCuQ9eZaLZuH74b8sowpLWVfcUSS7Ene%2FufZzpdOo%2F8hacVV46OwpyMP%2F6tI7qoiyI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cd8fafa0b07723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58711,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (58461)","md5":"2ab1dbfde379dc49671a79b3b943b8db","sha1":"c952c1e77cd987bfbaa8d592c827e6bc60113d45","sha256":"8fb119a4b53fe1f32f3b749c05808fdcd70d63cda7451e9e69ead03ad602658b","sha512":"452d1c93d43b51374fb90b97f42a75b96cc59de0899ed4070004ee7255c6cb9897c70a2a1c822d648d6028a1ca423e8fbef6bd6973de40f3926ad069062d1239","ssdeep":"1536:ObLBrJ1/vQ0kBDf8Y0Cn6lIqTMGB4wvBAr2Vec9Q:CtJp7kDn6lfgWIn","tlshash":"be4395d5790b3c7ec3d49b891f292906b9921103af4d93069f4477bc758c9a2e1fa8f2","first_seen":"2026-02-12T19:52:34.465131Z","last_seen":"2026-02-24T21:18:48.993129Z","times_seen":3,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"event-ore.com/Pilat-Demi.otf","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://event-ore.com/","date":"2026-02-14T02:01:55.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-ore.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 14:56:58 GMT","end":"Tue, 07 Apr 2026 15:54:33 GMT"},"fingerprint":{"sha1":"6A:E8:C0:A6:5A:8B:9A:73:BB:DC:CD:98:09:39:06:44:14:A7:5C:48","sha256":"F3:52:07:5F:D0:AF:12:A3:CD:49:E8:31:03:FC:C6:53:67:88:E5:A4:91:2E:02:5E:95:98:1F:37:40:BE:74:66"}}},"request":{"raw":"GET /Pilat-Demi.otf HTTP/1.1\r\nHost: event-ore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-ore.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:01:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 122752\r\ncast-mode: default\r\nlast-modified: Wed, 07 Jan 2026 15:53:29 GMT\r\netag: \"695e8179-1df80\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9VHP1%2BNqKPEe4Br6Id%2BM6knfdf2ctpq4LH5KGr30Rdb%2FPlNdYaAYY72n2HF9TAJ99FK2NYPTmZRypXx1JmBYYJqbAV0k1iQglUFzfNs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd8fafc0b48723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":122752,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"3d81c05835321c0b6155f746bf479bf0","sha1":"e81886314d9d7fd5943e395e315be10a820049a3","sha256":"02a380105660ef6c3f36220c2914c8b04b6f3140c9508d8f9f334f0deb3673ed","sha512":"5cf4954fdb0e60f69b6b6e93bc55300cd122d4a2f48b2ef1e99a149ae62fdf2ce38c2a7d217978c6eb1560feb0e2866c24e5e1b6c8a273af5857d3646c746360","ssdeep":"3072:0N5lv79vZp3MeJJ77QbXxwAf93Ad2e0mlxyhxiqN8gfB++++++++++Acj63D:0r0xJf9MnzlxyhxiEJ++++++++++pC","tlshash":"f0c3396a33613f02cdd1ef3ba829d7125239b1596d066f17f81ae6c91af11fb192070e","first_seen":"2026-02-12T19:52:34.456014Z","last_seen":"2026-06-02T08:32:25.484605Z","times_seen":4,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":236,"receive":114,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"event-ore.com/","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-14T02:01:55.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-ore.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 14:56:58 GMT","end":"Tue, 07 Apr 2026 15:54:33 GMT"},"fingerprint":{"sha1":"6A:E8:C0:A6:5A:8B:9A:73:BB:DC:CD:98:09:39:06:44:14:A7:5C:48","sha256":"F3:52:07:5F:D0:AF:12:A3:CD:49:E8:31:03:FC:C6:53:67:88:E5:A4:91:2E:02:5E:95:98:1F:37:40:BE:74:66"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: event-ore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Feb 2026 02:01:55 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 07 Jan 2026 15:53:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hNy1RqGDZC39QVY5qAKNRqGMb%2FpAmIwVHFKG2R8j5QdXG3DOVQyh%2Fpv7T16gv5SdixQnzbJ8ji4DnD86jG6X9W6hn%2BCM%2B%2B7UyInsNLs%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9cd8faf719df5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":96087,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (352)","md5":"debbc8a0d6037b1cc71bcda28397f91d","sha1":"e705cadec3925043b631c8f0de68c9f7b9e4bbb5","sha256":"8d180c831ef019ea9f1d3f9291077b287e730cc953c2e1b0cb65136673b82aaa","sha512":"ac9e6e2fe1244083033a673f52bc20d8c10615bf501d5f38181b5bbeb99710d59eb5350eac259f33356af4e943360188ebe9bea41b8db3d5479cd8e17bfc3807","ssdeep":"1536:Ss4AsFMThwcO2W6l9rZfE7jQHLyyi2m6gKE4M8tcpfdxlZS3TyY6pK2sGfv1d/lM:N6ZS3O7pK2tFVlMPLl2xaRj7dWx0t/9F","tlshash":"74933119a6b395b66c23727e17efa10d7338d047d80ddda87e9c12008fca2f89d91b59","first_seen":"2026-02-12T19:52:34.450511Z","last_seen":"2026-02-24T21:18:48.988021Z","times_seen":3,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":25,"dns":8,"connect":1,"send":0,"wait":249,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"event-ore.com/secureproxy?e=ping_proxy","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://event-ore.com/","date":"2026-02-14T02:01:55.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-ore.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 14:56:58 GMT","end":"Tue, 07 Apr 2026 15:54:33 GMT"},"fingerprint":{"sha1":"6A:E8:C0:A6:5A:8B:9A:73:BB:DC:CD:98:09:39:06:44:14:A7:5C:48","sha256":"F3:52:07:5F:D0:AF:12:A3:CD:49:E8:31:03:FC:C6:53:67:88:E5:A4:91:2E:02:5E:95:98:1F:37:40:BE:74:66"}}},"request":{"raw":"GET /secureproxy?e=ping_proxy HTTP/1.1\r\nHost: event-ore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://event-ore.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:01:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hvy9D%2BajgHc7xJ9tP25s%2FaudOzP3JVUJqwsR5ghGHWfdA5RYcHXqw0TPw2b9pqqxGxO%2BveDyG8rAVeM5UyTRfDcpRqrgNkrfOIqXBac%3D\"}]}\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd8fafbdb45723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"6fdb087aa3fbfbcb8287a593a0919e61","sha1":"0e514a0662bcb69dc863953d1ce26e3d40e81a87","sha256":"9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2","sha512":"be5457d14c930b51b47ab152850c1ceaafe6ef88c8671b48164abbc83410b0c07a1e178540f6cdeac5f2672cadb1d1cbbb3434b3e39bc2c50c4646a2bae57437","ssdeep":"","tlshash":"fe300000300000000000000c0000000000000000000000000000000000300000000000","first_seen":"2023-04-12T09:14:15Z","last_seen":"2026-06-07T04:15:26.458373Z","times_seen":8777,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"event-ore.com/Pilat-Book.otf","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://event-ore.com/","date":"2026-02-14T02:01:55.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-ore.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 14:56:58 GMT","end":"Tue, 07 Apr 2026 15:54:33 GMT"},"fingerprint":{"sha1":"6A:E8:C0:A6:5A:8B:9A:73:BB:DC:CD:98:09:39:06:44:14:A7:5C:48","sha256":"F3:52:07:5F:D0:AF:12:A3:CD:49:E8:31:03:FC:C6:53:67:88:E5:A4:91:2E:02:5E:95:98:1F:37:40:BE:74:66"}}},"request":{"raw":"GET /Pilat-Book.otf HTTP/1.1\r\nHost: event-ore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-ore.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:01:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 121032\r\ncast-mode: default\r\nlast-modified: Wed, 07 Jan 2026 15:53:29 GMT\r\netag: \"695e8179-1d8c8\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZZ1fOZfPXdBEIf3Nx0i7WOsgjByACigYsamVgFILpJrd9jnxochJX6OH142mSmfamKN1AqMPLpJzVlp61AD1QfA6uCiG%2BKlZYlqDvOA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd8fafc0b49723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121032,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"ec3e36545cc2cf93ed4754b9798cd718","sha1":"80191fa9dca961c7baa7e157661fbb72b3fbf0e6","sha256":"cb3a8ea8d6bc08ea391c59ce53101c0f8bfdc0f1a72bbcf627d4cab68e623471","sha512":"7d4ddb62e07c08d6fc38cf39faa91385860c4746048fc59d466910610f8a46533681ce9f6b9003c2913fa62bdbaaa6675f2a04e311bf43d03e576167512cb351","ssdeep":"3072:2j5lv79vZp3MeJJ77QbexdQDZIF1GlCAA7TmVLNMh+0D6q23aSF:2lHDQcoNMmt","tlshash":"4dc3595a73813f02cb56cf7ba965eb11a235b5992a022f13f612f2d52ef18e32d1050f","first_seen":"2026-02-12T19:52:34.474571Z","last_seen":"2026-06-02T08:32:25.481239Z","times_seen":4,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":213,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"event-ore.com/Pilat-Regular.otf","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://event-ore.com/","date":"2026-02-14T02:01:55.850Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-ore.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 14:56:58 GMT","end":"Tue, 07 Apr 2026 15:54:33 GMT"},"fingerprint":{"sha1":"6A:E8:C0:A6:5A:8B:9A:73:BB:DC:CD:98:09:39:06:44:14:A7:5C:48","sha256":"F3:52:07:5F:D0:AF:12:A3:CD:49:E8:31:03:FC:C6:53:67:88:E5:A4:91:2E:02:5E:95:98:1F:37:40:BE:74:66"}}},"request":{"raw":"GET /Pilat-Regular.otf HTTP/1.1\r\nHost: event-ore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-ore.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:01:56 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 120992\r\ncast-mode: default\r\nlast-modified: Wed, 07 Jan 2026 15:53:29 GMT\r\netag: \"695e8179-1d8a0\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xx1lfZP%2BZiMLM%2BMuSTn4%2ByM4D%2BqVvdQj8ck0cuZAi0x9d4GsOQHTn%2FGKJxsT0lQIP3d%2Fo2bvSK9p5w5zU4Rosi7UmQMDN6GFm5g8ANg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9cd8fafc1b4d723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":120992,"size_decoded":0,"mime_type":"application/octet-stream","magic":"OpenType font data","md5":"52fc2363980bf91165290a88846dd32a","sha1":"806e7c78d766113aaeafb58c44e909ea4c92aa81","sha256":"b341e89211f87f6c62225902c146bb83081524f17a83b044b2212219249d35cf","sha512":"0b724ae2f6f1b3a0f88f1df874b43f1c4f92d78aa2cf9dceed37599923dbd1bd4a39ed788c75f45b8e12dac8c7f0c9aa34a273b7a79760b99681aa8fd4cf7162","ssdeep":"3072:255lv79vZp3MeJJ77QbB0G2USSMLIMxQsLW4fXneny+j89YoyHk38f6M:2XazkLIYQAYl89NN8t","tlshash":"21c37b9637917f22d981cf3b5968d3301239b6646e02af1bf805fbd558f29e30e2065e","first_seen":"2026-02-12T19:52:34.461152Z","last_seen":"2026-06-02T08:32:25.479782Z","times_seen":4,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":287,"receive":144,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"event-ore.com/secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fco.extended.cjs.js\u0026t=29517241","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://event-ore.com/","date":"2026-02-14T02:01:55.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-ore.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 14:56:58 GMT","end":"Tue, 07 Apr 2026 15:54:33 GMT"},"fingerprint":{"sha1":"6A:E8:C0:A6:5A:8B:9A:73:BB:DC:CD:98:09:39:06:44:14:A7:5C:48","sha256":"F3:52:07:5F:D0:AF:12:A3:CD:49:E8:31:03:FC:C6:53:67:88:E5:A4:91:2E:02:5E:95:98:1F:37:40:BE:74:66"}}},"request":{"raw":"GET /secureproxy?s=%2F%40v1%2Fcdn%2Fjs%2Fco.extended.cjs.js\u0026t=29517241 HTTP/1.1\r\nHost: event-ore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-ore.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:01:56 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\nvary: Accept-Encoding\r\ncache-control: no-store, must-revalidate, no-cache\r\netag: W/\"a0502-14+i6Bt7XM8ofHk8WpmFyqoPYWI\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=co.extended.cjs.js\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 02/14/2026 02:01:56\r\ncdn-edgestorageid: 883\r\ncdn-requestid: 7ffbed53e19b6d45f73a6ae990cf2ecd\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=djlRvmD6QgCOdCsZx8glc39c1U31tUyYHN1cP8AoW8tO2wKyqlKgIMDH5FMFnlZYD95dv5DFazytEIz%2FTXVCP0WjCaInsXamU8zZK7A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9cd8fafc5b56723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":656642,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"96c2ff1601099c21c598c24e6f43c7c4","sha1":"d78fa2e81b7b5ccf287c793c5a9985caaa0f6162","sha256":"7fd19c564761e2c8c9b583cf30db810e313417c7d3572f637f8cedf4d2cc1e91","sha512":"d7df68372670f0173ac5dc3c54ee38f13b29703dde9f71ec74827b535735e99b2b253e07960d66d8c3230f13cf29f20aa0f083db014cee0710379ffab68932be","ssdeep":"6144:0ujB8gltIeTM5/S8g6zRh5gDVLU2GIt/KJAsJRrydM147u/lhDlEqH96lm:vhltVM/g61sNUWsSdG7R","tlshash":"1ed438c2821814f684eb0ab6d133a21fdb4cce9dc69f2d20bfe55c9553c87a292f655c","first_seen":"2026-01-02T13:08:19.247086Z","last_seen":"2026-06-07T04:15:26.458958Z","times_seen":2555,"resource_available":true,"data":null}},"time_used":350,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":221,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"event-ore.com/icon-dxh6e14917f457a073.png","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://event-ore.com/","date":"2026-02-14T02:01:56.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-ore.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 14:56:58 GMT","end":"Tue, 07 Apr 2026 15:54:33 GMT"},"fingerprint":{"sha1":"6A:E8:C0:A6:5A:8B:9A:73:BB:DC:CD:98:09:39:06:44:14:A7:5C:48","sha256":"F3:52:07:5F:D0:AF:12:A3:CD:49:E8:31:03:FC:C6:53:67:88:E5:A4:91:2E:02:5E:95:98:1F:37:40:BE:74:66"}}},"request":{"raw":"GET /icon-dxh6e14917f457a073.png HTTP/1.1\r\nHost: event-ore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-ore.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:01:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 14496\r\ncast-mode: default\r\nlast-modified: Wed, 07 Jan 2026 15:53:29 GMT\r\netag: \"695e8179-38a0\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=71i1%2BJcDaGsLaHok%2BD2ALl6SfYvKXaLGSGVu18WKQ5wHTAGvoy6bE1lIPzfrDwvmrsDoutQg7qM%2BYhcVA9jGkDdAG50n92gYUVXYPYU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9cd8fafecb91723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14496,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced","md5":"d0fd2e2d9a61bd3076404cb373bf807f","sha1":"b77e8c2b3061f5b4ea47b847259977dd2c3f1492","sha256":"0a27e6db938105384723598956ee3ddbe7e7f6dfba709805a7a8fdf6fa96be25","sha512":"fe5ee1bc75b0266f39215b3a106fa55e737beaf79a70c9c35ad9e9765d380d4c2891e1f27b136e6cbd66c8c40b4aef61806449d8e9e3f81541bf17acfe6f4964","ssdeep":"384:4p46ib/fwGaKOkuDYyHWhya0bnWHtDykm:NXwGaKOkwHKeWND8","tlshash":"6a52aff97ebe4db827fb88433c937e42a33a8e495c9c09652769f1e24d960eb6041611","first_seen":"2025-11-26T12:55:45.3761Z","last_seen":"2026-06-02T08:32:25.485585Z","times_seen":8,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":257,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"event-ore.com//secureproxy?s=%2Fjmpd%2F","fqdn":"event-ore.com","domain":"event-ore.com","tld":"com"},"ip":{"addr":"172.67.153.65","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://event-ore.com/","date":"2026-02-14T02:01:56.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-ore.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 14:56:58 GMT","end":"Tue, 07 Apr 2026 15:54:33 GMT"},"fingerprint":{"sha1":"6A:E8:C0:A6:5A:8B:9A:73:BB:DC:CD:98:09:39:06:44:14:A7:5C:48","sha256":"F3:52:07:5F:D0:AF:12:A3:CD:49:E8:31:03:FC:C6:53:67:88:E5:A4:91:2E:02:5E:95:98:1F:37:40:BE:74:66"}}},"request":{"raw":"POST //secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: event-ore.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://event-ore.com/\r\ncontent-type: application/json\r\nContent-Length: 1732\r\nOrigin: https://event-ore.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1732,"data":"{\"route\":\"8XUwkBv9vhPYfVpD1fxb7EC65sUXJdqr\",\"payload\":\"2CUeamYArFdPVfMa5qejSkqoRAUPF7aaQMBdFp9kVge6LNjtkcAfGH75w1Br7yLz8chR2M6nf2Vr566GHXFESpEgfaiewQdNYF2h9xEaFiN9BYEuKwzQUSvCiVZGrZ7kUVFMnPNknAeUdv1dYFjkwD11QXdRszm6VrTc1DUjPAwGbs3Mtg2oMWsGaB4r8NfEmVCgNQWpjgXjUcED73Y3oABXTcpntUKxDrybry34k8UduEGw6424L9cGDiJ2X7KVkg17sVgJfsdgjSo8huCh7JwsXnvNc247UQkG2ygGEPqpARNxf8ssHLxX5cLK1b95Nc2DsVFaMoxFLzuvTAc4atTnwHAoLQpBeckAZSH1HKzj9P8sgKpCYi24A7CCTNPgkM4pW3tRAjcjixuNdmE9SpJtGEz9D2ZWQyugq1oMX7QL4DSwWPQ8s1i65fdxHFSpSXKQ61Lq2GwznCWuQqTbN47ncYxecS6ywmTkZf58QTRq7zHS9jXDcYgU1pMfXKDPrxFVWaGAxAmCf6D7ivoob3FxdbZYAvv76x4jmhAQCnAhLJsE5YbswUFi44KVy4vV9MGJwZ9PwPLaMX43Zw4joxPRNurBfQT8tGzR7ZoRB3RnrcTgfabHxtQwjqxfHydDLuwdAppgxUvz1zbvvqT6ywzwokmzCVenGMUMpuPkmdG5Lyu4PNJxS1ETYGgx4qHhiuHv8cxTWY9w3CfhoXDaSRAkX65euofqu7aZepZ5cxQamaZByAKTiMGdnMahoHSJ6GbrL11wvx1JrDirKZBgr8FF8mY33vsSuqiWRBgTXTkuwYse7rbFuT6TzgqG3pjx3xf1d3hc2uBhP9V7VsF9JADMZhN3kaEiJ5VZcdBGT6yd7qamDetaDwTtNXuWLpGtkTH6qFn4v435EZAGemKD5AwfyHP7qKegdBTeHGUCJEr6AqSh3AywzDFWTU8Pb7vwvUZQFsfPD1YxHMrQuPBtH5MwN7mfsa4FPrXeufebgnMaTiKG96zfcUW9ut2nxV37dv51JeXfb2NBfn65A2ZyVSoW2Wjn4kdjhpjtPk445wnfkFX3tZA4HHPGjuimr1GbsA5DCp1Qdnv1J3bfxeVDUyq8BvUbLoSU6GbfneZy5TKCfnMoaNeev2rGrLE4aVmFyZzRwfajuKro1tebqhn31VSgNoYX2bnd5JftqKmLAi1F5Rzq81zPcbDVJNt3GFMdzhejDMYiddwpJuoy1wz5FBdPnJRJoNjiYJddpVn44sRKc8E7k7fyAPW8uPk6XhTbgECMt6JGFuRtyARPL3B5HpRRbGVUwcwjx5X12wCPoJwBtysTtMFm6ATUn8aNr6JrCKgyqngoqWGiH2GqdYxw62ktmZVwG6j8J9SsbfZPujnmPGbumhcoxWS5ghQBo86Zh89aUP8QxfhmQpR4tMFVMesBuzo9AxL7ev5MBgV4mVxu4avvgCauGrt8NGt7GRevkxQLmNjfA39uHjSB897fWzUKKSE5pTpQ36qA4CTyTyKr4RLyz4iUzvyU3G8TQMLzp9UMNFdqjR2ZLbMVvHbaYSCCJJJTW54vcUNJBFUAVBPoHKzs2DaBLE2vWMDCURYuZJcFBfUW65txooftrMVdsuRAKiEmDebAGaVk8BFyR3BBATdtKHC3Ton6UqdCkoEQt4qVSVPbFd4\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 14 Feb 2026 02:01:56 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"d5-+OMKV0ALOmf9vApnJG2+e8VZIZs\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9999\r\nx-ratelimit-reset: 1771034576410\r\ncdn-proxyver: 1.43\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 02/14/2026 02:01:56\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: f721eb05f5e3bf51043af014bf5aa722\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kQIXlYu3oLhkHbQ%2FybuzgNGiKTLnelW4sdIjKDJ%2FY%2FWGL%2F4JiVxarN9rjRfi0uTEc%2B1Yt89%2FysBer7%2BveCzLS3WS%2B7USheVk8OPn16k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9cd8faff4ba7723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":213,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"ebf0674008425e33c16f59bce63bcae8","sha1":"f8e30a57400b3a67fdbc0a67246dbe7bc559219b","sha256":"d9a6526715caa0eeb6ae6b8754f37e50042a760f3ddc72f7090b5076991ad8ea","sha512":"feec4c6f9250fcd827680b2aee5718a63264da43007bcee60076bb6f936cbb551e04bd964896ebeae5cd669a3321a4c49d308267eabb06724f844a77678f2802","ssdeep":"","tlshash":"12d0230083a803c2727171f540f5c2d10b239de08050088c1224c8cd50100400a8c530","first_seen":"2026-02-14T02:02:18.281796Z","last_seen":"2026-02-14T02:02:18.281796Z","times_seen":1,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-14","alert":"Sinkholed","trigger":"event-ore.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}