{"report_id":"a9297d68-8ed6-437c-8f9c-e66b8b31ebe4","version":6,"status":"done","tags":[],"date":"2026-03-15T04:46:30Z","url":{"schema":"https","addr":"claim-waronusd1.live/","fqdn":"claim-waronusd1.live","domain":"claim-waronusd1.live","tld":"live"},"ip":{"addr":"172.67.187.13","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"claim-waronusd1.live/","fqdn":"claim-waronusd1.live","domain":"claim-waronusd1.live","tld":"live"},"title":"$WAR - War on USD | Trade USD1 Pair | Join the Resistance","dom":{"size":33489,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (33463)","md5":"c6b480ed5ce0508e4883e0e66d3677c9","sha1":"e0244ca50f585be97d19a656bdc92bfc823842f1","sha256":"7941cb8f3ff713bc6f7716d85dba7ecc8f9a3683b26b2f507fed3fb867bd200a","sha512":"5e381fbb63e8e570c2fad218721fce626c320591f2e8505b23033f907a3622830533f3a69295aa058763b44eed0a6396d2fc41b7216e499bc03d285c865b6a20","ssdeep":"768:I5PummshKKLsM0Yrq8BM4PbdGcm2VOykVOybe6ZbrnXOWSZ+PEcDZ3GXyEC1bjt8:I5GJeYxPEcDZ3GXfUGtz","tlshash":"91e24cf24184083edb1f1e52a2d23f493faa730fcd1145819a243e78d1dbd92a91b69e","dom_hash":"domhash4d86def88dd0cd9ca8f120dc29999c0f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"claim-waronusd1.live/","fqdn":"claim-waronusd1.live","domain":"claim-waronusd1.live","tld":"live"},"ip":{"addr":"172.67.187.13","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-19T04:46:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"claim-waronusd1.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"claim-waronusd1.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"claim-waronusd1.live","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-15T04:46:31.430948Z","last_seen":"2026-03-15T04:46:31.430948Z","alert_count":6,"request_count":3,"received_data":10254917,"sent_data":1490,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"claim-waronusd1.live/secureproxy?s=%2Fipfs%2Fz_cXQ8zM6tY2p4IR2OCA4w4292517f3888abbebfc7d73519607354%3Ft%3D1773549966375","fqdn":"claim-waronusd1.live","domain":"claim-waronusd1.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e985e5a288c1a81bf8f78cb7b9c4bef8","sha1":"7dea26b670eec67b3832098ccbb220a6624901a4","sha256":"ab39b9c9551068fc6dece74800fdd33aded877f52c34a58292eff17b55f0b195","sha512":"2a71e3e7f7650060785566caae8767fb152f17865b7492395bf8b67fc00f19c61e2521c6cc4c605cdefc92bf9ca23541dc694e4efa7e451f5317ff85cdcf287c","ssdeep":"6144:qh5gD76Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qs7ZunzvlzSWP8p0Q+Bz","tlshash":"afd499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd098a5e379b8351e5998","size":634424,"data":"","first_seen":"2026-03-15T04:46:35.748155Z","last_seen":"2026-03-15T04:46:35.748155Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"claim-waronusd1.live/secureproxy?s=%2Fjmpd%2F","fqdn":"claim-waronusd1.live","domain":"claim-waronusd1.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://claim-waronusd1.live/","date":"2026-03-15T04:46:09.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-waronusd1.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 12:32:04 GMT","end":"Tue, 09 Jun 2026 12:32:03 GMT"},"fingerprint":{"sha1":"3A:53:38:40:7B:67:D5:F8:2C:DB:F6:85:07:00:3C:95:70:E7:A2:C6","sha256":"36:C8:AE:0B:8D:55:67:25:0D:4B:94:67:FF:AD:0B:CB:4B:1D:96:1C:2B:B6:3D:F9:8B:F9:A3:08:4B:01:AF:1D"}}},"request":{"raw":"POST /secureproxy?s=%2Fjmpd%2F HTTP/1.1\r\nHost: claim-waronusd1.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1416\r\nOrigin: https://claim-waronusd1.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1416,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QBAQO0Ah0AFQDuAskCLQDRAhMAAgEALgMAAO8nhn2XtsKCAW1hsu7NsHlPt1WQX2sCAAB5iYMr1voSPn5Gyq1b2x1Xyjm2Z_uF_5y_dQ7-naCEBPTIdrp48XJMswGKVu8VNd6INE8SVPR_UySKtBpcSZL2N81Oifqb1aXkuFN4075dg2ykhLcsxjOSoMxsryzxNR2XEQ3OHgEty6w27ISAPgq4Y8cSH9ajkCMxIbiG_P42YxwQYDV7QKif1bbx4GFN0GY2zf-6wcg1TJ8bushv5_JhWTKCRTECxqc0mVDxCO7FWb99FkhM25-t2c1HP09U-RmUuHwLM1MqZUV7MwNYo72OwdS-da5t4giJ21DgrsQUspC1X2EcRrKehs8gfeGOUOqSGSd1vltruB6rHJsgi6mMV5Q-MdwrVJrS3qoP0L4oWmrStbAbgMpY3NxqYL7lHyiIujPeva97AYOHVX8rb77nuvSOIfobFmD2rlTL-Fpwa5h1s0JBh35aD0sXq4hBCIKVcCqfgN1Oz64kgRuqBjPbL1IjdlwyvAhE5jtinodsAbls70Vecim-0uPn4qdeLhsDWYTYx7rnMzikHdFwmmVzYHbhcl7D91XxzFXuvGpUkLiVbuyqnET-LX_01sih_XFUBfiGNkiR1FmhJuBL0vprVLtRPej7UCpWNkHUgrzTrhwVcKgeCjKVdhLK2TgRrdmhq0muGDWXCVZVwtQK58NVv0dhnOG-v5E753ejNmuMPgITxKYxtDVXvDqaVa9rhdql79X4RJtpgl-8Bp2fut38nCuA-ofpMM9oSvYvR-VVh0D-1hOWqPIauibUWHSwvsKIbieLrMSkicRbYSgtwjExAn4kcz4BFRepPkEl4gHS5Mg0kM0mqbHQfaGl0hfwUPw8WocRJgT-Y8VEoEu1_e8Mz3Zkf3N7EhgBS9Ig5PqQP1P4O7tf2RjFvQ26O01Iai5uzUXERKEDpVZJ2nIngCD2YDBByFpRbg0xaYWWSPoJohh_Ztg2y0lnx_01HeIcWHDOoeOA7Idotn7eTRzZb4gHbahZmbAdb7Igg93w0sRgdBUZkRbrOsPvHoQL_ni0JOWlnXjt-ckYRd7nZrus442-urGTFa9Wr4yGwn6sTNvb2F5DRhWi6vlmlUGgfRR_o6TmsACfzSUKcsaYnewRTW6Vqawges0Q\",\"challenge\":\"eyJpZCI6IkI0MGg4ZHpHNjlkWXhpaTcwZkwtNGciLCJub25jZSI6MjcsImhhc2giOiIwMDk4NzI4YzNjY2Y2MTI2OTJlZDcyMmUzZjQ4YjIyYjM4MmM1NmJlOTU5MDc2MTE3ZmM3NzUwNmFmYjZiNWU0In0=\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 15 Mar 2026 04:46:09 GMT\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"a-bAsFyilMr4Ra1hIU5PyoyFRunpI\"\r\nx-ratelimit-limit: 10000\r\nx-ratelimit-remaining: 9999\r\nx-ratelimit-reset: 1773550029286\r\ncdn-proxyver: 1.47\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 204\r\ncdn-cachedat: 03/15/2026 04:46:09\r\ncdn-edgestorageid: 1056\r\ncdn-requestid: 7edf26144f65c7cd0beaff38ffbafccc\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S8VIF2cYAAIb3FFr9J0fH8eoR6H5RqaflK44q4gBuwTKsppJLOt4u44IFx7WC4gNxr67AVla5i%2B6%2FPfE02M%2F%2FmxDoQCCb%2B1QdmfvcJM7KMjR0IhQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9dc8df6b5de01a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":747,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":747,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"claim-waronusd1.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"claim-waronusd1.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claim-waronusd1.live/","fqdn":"claim-waronusd1.live","domain":"claim-waronusd1.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-15T04:46:05.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-waronusd1.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 12:32:04 GMT","end":"Tue, 09 Jun 2026 12:32:03 GMT"},"fingerprint":{"sha1":"3A:53:38:40:7B:67:D5:F8:2C:DB:F6:85:07:00:3C:95:70:E7:A2:C6","sha256":"36:C8:AE:0B:8D:55:67:25:0D:4B:94:67:FF:AD:0B:CB:4B:1D:96:1C:2B:B6:3D:F9:8B:F9:A3:08:4B:01:AF:1D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: claim-waronusd1.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 15 Mar 2026 04:46:06 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Wed, 11 Mar 2026 13:17:44 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=idUTBqI3eipARRJ3KhvoOWhxzOrA%2BC0GcDdjdpqzpp7lLfxsgcuiPb6nZI3BMvlrkqj7NoxDFrGLtIUSVmfPzwF1PwI4pzmOr2ZuOuYHaZFFuKfw\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9dc8df56c8e1723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9616681,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (64999)","md5":"867bea7aa19eacf88f1adb805d723550","sha1":"3ea69a1cb550ddaf6c5a119d4d86df06d1cb2120","sha256":"97244f8dfbe1d9557b457e59b8b2eb795dbdc13d2cc7d32ff322df508b51362c","sha512":"478ecf151cd0a1a8cb3a40aed756760277f0071a88164e10cb337574d146f1d085c70c731d6be7f792510e6f31021b97e008aef77e72a29efa563ead9f4f6493","ssdeep":"24576:/sT9Jpk89QbG6dMSt/KKDdBkb3e7aqyco:/sBkuYpMoKKht78","tlshash":"8825233289677cfa5bac716252623e199c2845534dd9b88ffacc25f3368e350de1d82c","first_seen":"2026-03-15T04:46:35.742635Z","last_seen":"2026-03-15T04:46:35.742635Z","times_seen":1,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":54,"dns":45,"connect":1,"send":0,"wait":235,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"claim-waronusd1.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"claim-waronusd1.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"claim-waronusd1.live/secureproxy?s=%2Fipfs%2Fz_cXQ8zM6tY2p4IR2OCA4w4292517f3888abbebfc7d73519607354%3Ft%3D1773549966375","fqdn":"claim-waronusd1.live","domain":"claim-waronusd1.live","tld":"live"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://claim-waronusd1.live/","date":"2026-03-15T04:46:06.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"claim-waronusd1.live","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 11 Mar 2026 12:32:04 GMT","end":"Tue, 09 Jun 2026 12:32:03 GMT"},"fingerprint":{"sha1":"3A:53:38:40:7B:67:D5:F8:2C:DB:F6:85:07:00:3C:95:70:E7:A2:C6","sha256":"36:C8:AE:0B:8D:55:67:25:0D:4B:94:67:FF:AD:0B:CB:4B:1D:96:1C:2B:B6:3D:F9:8B:F9:A3:08:4B:01:AF:1D"}}},"request":{"raw":"GET /secureproxy?s=%2Fipfs%2Fz_cXQ8zM6tY2p4IR2OCA4w4292517f3888abbebfc7d73519607354%3Ft%3D1773549966375 HTTP/1.1\r\nHost: claim-waronusd1.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://claim-waronusd1.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 15 Mar 2026 04:46:07 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 4623665\r\ncdn-requestcountrycode: NL\r\ncache-control: max-age=2592000\r\netag: W/\"9ae38-feomtnDuxns4MgmMy7IgpmJJAaQ\"\r\nexpires: 0\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=ZtfOwK4kdrARrMPlopAOgA.js\r\ncdn-proxyver: 1.47\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 03/15/2026 04:46:07\r\ncdn-edgestorageid: 879\r\ncdn-requestid: 31949340e61de3a3fde02eb1f7349b11\r\ncdn-cache: MISS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NGUZJHeeHUSYxsX7%2Fh%2Bso%2Brto8nkWDckhiazOo%2BSFbN21AmvsjMcdy2EgH43i5Uh7u579YmSgmva2tc%2BPMiFUXmXEgTUCKPF%2BUGNYBtyM0M9llhF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9dc8df5a1f611a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":634424,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e985e5a288c1a81bf8f78cb7b9c4bef8","sha1":"7dea26b670eec67b3832098ccbb220a6624901a4","sha256":"ab39b9c9551068fc6dece74800fdd33aded877f52c34a58292eff17b55f0b195","sha512":"2a71e3e7f7650060785566caae8767fb152f17865b7492395bf8b67fc00f19c61e2521c6cc4c605cdefc92bf9ca23541dc694e4efa7e451f5317ff85cdcf287c","ssdeep":"6144:qh5gD76Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qs7ZunzvlzSWP8p0Q+Bz","tlshash":"afd499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd098a5e379b8351e5998","first_seen":"2026-03-15T04:46:35.748155Z","last_seen":"2026-03-15T04:46:35.748155Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1186,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"claim-waronusd1.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-15","alert":"Sinkholed","trigger":"claim-waronusd1.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}