{"report_id":"bc109168-c18d-4263-ab92-585d5f9cd2a7","version":6,"status":"done","tags":[],"date":"2026-03-26T01:11:20Z","url":{"schema":"https","addr":"waronusds1.com","fqdn":"waronusds1.com","domain":"waronusds1.com","tld":"com"},"ip":{"addr":"104.21.77.217","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"event-waronusd1.com/","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"title":"$WAR — Proposal #001 | Rewards Allocation Vote","dom":{"size":45715,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"5400e2f083909f587c654408a48744c9","sha1":"f1a6c83c901e17c749c8fed12aefb2a4321e664d","sha256":"bd89661691810eebae6c6a04e52f4231045b73d3eb841f637d37483ce8dd073f","sha512":"f67eb0e21caa7743016d706ecdc37d95225534f9fecdc5632a0f5e13bdd4fc0e39916976175440e61b6e9a6ab747543b2b334a1273ebd7600560096b7408e51c","ssdeep":"768:x2L9yX8xhQ0EmA0EyuroNHyzmZyQH1S4zBVzC+zGHzs5jTIi:U9Q701LuroNsmZyQH1S4zBVzC+zGHzsr","tlshash":"8123746652a31136a4139da57bb61f2e3674c107d60ac4143bad23c48ffafe4de63289","dom_hash":"domhash2e44d7b5e0c4cb02d4cdbf245ecc46b4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"waronusds1.com","fqdn":"waronusds1.com","domain":"waronusds1.com","tld":"com"},"ip":{"addr":"104.21.77.217","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-30T01:11:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-26","alert":"Sinkholed","trigger":"waronusds1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-22T22:16:16.728956Z","alert_count":0,"request_count":1,"received_data":33630,"sent_data":547,"comment":"","tags":null,"fingerprints":null},{"fqdn":"waronusds1.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":45958,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-22T22:20:05.651051Z","alert_count":0,"request_count":1,"received_data":7349,"sent_data":480,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"event-waronusd1.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-25","domain_rank":0,"first_seen":"2026-03-26T01:11:21.560681Z","last_seen":"2026-03-26T01:11:21.560681Z","alert_count":0,"request_count":13,"received_data":3180191,"sent_data":6315,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"event-waronusd1.com/","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2dded3e3839273f6230c1112c6b62042","sha1":"94662241a1e78e83e74c028e69468c678a76567f","sha256":"8c9652a76b073533556bb5889ef21b78e6053e866ace7a64c137f0cb458b1b4a","sha512":"2d587307f156052a57ab2de5112650c1bc506dbf7a8fc709df8d2f570fadf7090abbd31836929bc0be89bd08c531a3fea692078443f356a26a4dc33dd01a578c","ssdeep":"","tlshash":"a9c0220492a48cb4212800cb303852a07c6018ac202230ae8faf9a4ad01cfc80f44650","size":187,"data":"","first_seen":"2026-03-26T01:11:26.25108Z","last_seen":"2026-03-31T15:47:43.225993Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1f603e12d1905574ee91e7193f5ccff5","sha1":"2f8220e649f0b75428281ef7a3b5da12603171ca","sha256":"5da61210c10543667b83e941fa090f153f82e5d7525298876f77a6cc40fafbfe","sha512":"4b963202fcf0522f25add27590b4c3ab8b3f92068a01a7363670252888bb21353f99e344d1954196f8e027d1e1e69cf81252fbd3a8a30632dd2365a05379baad","ssdeep":"","tlshash":"2d31ec2bbb831075bb3f20b94baf63443431a203144bd550bd1cca442fc0b69a169ee4","size":1644,"data":"","first_seen":"2026-03-26T01:11:26.253256Z","last_seen":"2026-03-31T15:47:43.226676Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/7s-w1MaY.php?s=%2Fipfs%2FdJvOLKYXXgI1x6YIzqO4Vg443ab22855e35e589db744003c94801f%3Ft%3D1774487458205","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"00df2e9ecf9700a876abd9d840c4a820","sha1":"c9dc114e907f0cf02dadaa511a2e17b59ac0c06f","sha256":"a38d2d2dbcd4ceb7d7d27e830920821da24926e859f1221ecf9576c1b21c75a4","sha512":"ef26bb369dbbf576c3fdfbba656d5a103f07f57fdd349b91d15ff7b5e5a7a013afc219be53e6d1f5e8c25f3c62ca29d56b8e103dfc8faa3c16e24051a1816529","ssdeep":"6144:qh5gD76Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qs7ZunzvlzSWP8p0Q+Bz","tlshash":"a7d499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd09ca5e379b8351e5998","size":634389,"data":"","first_seen":"2026-03-26T01:11:26.229574Z","last_seen":"2026-03-26T01:11:26.229574Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"event-waronusd1.com/oil-footer.jpg","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:58.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /oil-footer.jpg HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:58 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 25 Mar 2026 18:00:56 GMT\r\npriority: u=4,i=?0\r\netag: W/\"69c422d8-4b5f5\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oInHPY44QjB6MvtfdLNCPNchapBjYMBfRt3VNsxgImxS5OLcC2o9%2FpIpwDBAHYsC6E2z%2BHw%2BoRLW9Ba9kttb9Cks02GMDYHQDuHaXvkirHqoGrApTs97JiyK%2FVPhtFqCegAdcMnI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e2247565dbd3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":308725,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1512x512, components 3","md5":"90157bf9704477e9bc87b795e9a38146","sha1":"192ed391f86553d048809d70f1ac9939216b9bad","sha256":"6c0ab18ea20114695b6162540dd3366b8bc40108f59e6494635d28eca25fb4dc","sha512":"fd63a6f422b96351d8468a5ef306d83f91683f7d5cc95e197ee11118ce2250ae9f166523c314609d347bc3f9c85547bde4c4f598c160f2965550c368acecc68b","ssdeep":"6144:mnSkcSxEaM5qVLQMRg3xTaJXi17lExOXRz/KVRWI4+4wjwfm4Wm:mLcZUVsSmoi1BEkX5iVRWIJcTWm","tlshash":"c36412a0fbcbeb240757a47e10bd3fbb5b2226e8a6d0560b11572d648818fb141c3b7d","first_seen":"2026-02-21T20:23:18.586794Z","last_seen":"2026-03-31T15:47:43.218578Z","times_seen":37,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/robotomono/v31/L0x5DF4xlVMF-BfR8bXMIjhLq38.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:58.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"D5:23:F9:83:DE:D4:E8:AB:85:EF:63:D4:2C:6E:62:44:96:04:04:8E","sha256":"D3:04:E0:CB:3E:1B:51:D2:DD:21:AB:B5:3E:6D:E3:40:D7:D5:1E:07:D1:8A:BF:8C:CC:01:FC:AE:92:1F:69:2D"}}},"request":{"raw":"GET /s/robotomono/v31/L0x5DF4xlVMF-BfR8bXMIjhLq38.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://event-waronusd1.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32796\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Mar 2026 18:54:20 GMT\r\nexpires: Thu, 25 Mar 2027 18:54:20 GMT\r\ncache-control: public, max-age=31536000\r\nage: 22598\r\nlast-modified: Wed, 10 Sep 2025 16:42:52 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32796,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32796, version 1.0","md5":"877722deef76ad28ea1ae5cf5e265a94","sha1":"ede7afbe887a70f22993d3a7da10b09fd58ff33b","sha256":"b81cd55177300649be8f95b3b747d721ce607e8ed2856e25bd0c630cfd631faf","sha512":"57d45f99a461633961fa7b10b5779001aff30c52d1bd1140bd0ecfe3b1b69da4e5c0120bb6d6d5fb0f06c344d0805c30e2aa08fcb2542a028611a2a264366d00","ssdeep":"768:+kWXmeGFcvj07i6aR4m0oaUEWNvZcjhsHlX2G/dS+92Z5NuI/L:+L2Lzi6aum0NUEW9ijhqXl/dSlZ5jL","tlshash":"72e20258d8954f3cebc4b572c0879bfccad58023f89d5564a47f4ab0e089e1f1934967","first_seen":"2025-05-21T16:47:22.796758Z","last_seen":"2026-04-05T06:05:28.958167Z","times_seen":4472,"resource_available":false,"data":null}},"time_used":370,"timings":{"blocked":158,"dns":0,"connect":37,"send":0,"wait":25,"receive":26,"ssl":119},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/Liberator-Light.ttf","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:58.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /Liberator-Light.ttf HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:58 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 14892\r\nserver: cloudflare\r\nlast-modified: Wed, 25 Mar 2026 18:00:56 GMT\r\npriority: u=4,i=?0\r\netag: \"69c422d8-3a2c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YA6R3av23vsv9xeCtMxRdpQsJbNkJvei3PXZTpMdnCSbU67%2BgzBrwRBepriva7eeBL2ikfDzsr%2B9AwzWj6kXBpmyRSLw2RHSke3bu6u2IWPtgpIP3Y%2F1HKIIXl0EAtAp%2FW1Kptxs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e2247566ddb3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14892,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 13 tables, 1st \"GPOS\", 35 names, Macintosh, Copyright (c) 2014 by Ryan Clark. All rights reserved.Liberator LightRegularRyanClark: Liberator","md5":"af3e322cea756465bd5a0999b04015ab","sha1":"e89b565e8ecb1b6c5ee99dd1ba800527aacdbd8a","sha256":"40afc1c8064bcf773625ea7f2e1d2b8cf8f2e466afb32bc6b1a4cd601c4c1c1a","sha512":"8fed33a9ac1b7dc6454b397740e2f1e0b541fad3a6e6936e28e1bb663c69b1c5965e99ecb9eabc830df07fc6ddc9b0b844ec93f1c0634ce7fac57b9a3c79d8eb","ssdeep":"192:EgAMGuDiuXplQ/e/qUYZ/8C+w2YzhWLsfhK/NNCxTaVYEews+9jHssI/m0YaRLir:tAMGt0cGqUY/wsJKFNkUR370YaTdNe","tlshash":"0f62e61fb7d47716d0e346b59db44e9263b0ff187062671b3856920cbc6b2d0ee24b1a","first_seen":"2026-02-21T20:23:18.58924Z","last_seen":"2026-03-31T15:47:43.224018Z","times_seen":37,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/Liberator-Heavy.ttf","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:58.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /Liberator-Heavy.ttf HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:58 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 14724\r\nserver: cloudflare\r\nlast-modified: Wed, 25 Mar 2026 18:00:56 GMT\r\npriority: u=4,i=?0\r\netag: \"69c422d8-3984\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OshK%2BO%2FS8jQYrgKRnK9fV7bcjsSbdgiC7RQuaCEQFT6iCghBrrFrzYyki0D81uDEoGhYl6IXCWEKW0uyJllty%2B1qyQRRNaQ4y92J%2Bj9Z6Cg7fATAzmwV4fTN%2FHFwwlYCNVDHGMLF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e2247566dde3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14724,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 13 tables, 1st \"GPOS\", 35 names, Macintosh, Copyright (c) 2014 by Ryan Clark. All rights reserved.Liberator HeavyRegularRyanClark: Liberator","md5":"3616b9ebab2971aa599027526096cf8d","sha1":"a80756bbf7d227ba9655d5488469b04dcfe9e24d","sha256":"1a1753ca55378e317d4727123c3ab400580856391841551322d50b4604a6fcdc","sha512":"5d0edfb11a5ed5524e0185c4b85d3a5ee2a7cd4e55d68aac89344ec98e51e5581c61aabf2f3669c373cae1c49400555882afc06d758479fa59a4ad7f2411c5ec","ssdeep":"192:y0eJXnN4N/jiR/UGZTSmlMuMu0K6qWHncWbcIo/+ywZUmeZQD7plM6AIBL0xg1c2:onNiLSBygyHSI9DeGpYIZ08sO","tlshash":"6762091ab3d45327d0f30ab4cae48b9253b0ff4575a6a70b248b964cbca94e0dd14f1e","first_seen":"2026-02-07T00:47:20.601416Z","last_seen":"2026-03-31T15:47:43.223274Z","times_seen":40,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/7s-w1MaY.php?s=%2Fjmpd%2F","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:59.998Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"POST /7s-w1MaY.php?s=%2Fjmpd%2F HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://event-waronusd1.com/\r\ncontent-type: application/json\r\nContent-Length: 1416\r\nOrigin: https://event-waronusd1.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1416,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QBEwOzAi0AFADHAgUDGwDYAhEAAQIALgMAAO8nhn2XtsKCAa3oQupdBozXnbgRX2oCAAB2M1V8x31lLn6FIsLkx-zn7zxrB075zlWSFlcwWdh7IrTSrmm4mFIuBmdAIhe_7bFySX_28LQgD65f0C2AxbwrYE5FWX4AJjagFuKGASvBzYetGvcXUZbZ_6U9udJM11ewWuaKYq-Moq8JgRF7ZNoSzQIb1uPiuYRT8Ncb8VaLn1zSUk-I7qWRpvQD19n1VvjxU4o5o2WvMXF4-6hJ99M9HlYtUROkyT955OwAHlHWY7LqB7XtivjnHpANZgPydVkIP81rLMaEe0xTt3XOaAGRZR9rKb1Y50aA3ddcQxgG6K_yf5xst18lNdfY78QtJUUGNhYrx__7TLkYe4sLfMHZrFJrfpKXvf2s9cLDP2oZttrdWPlhFq88dsHPZ_SyvfSLUQNBglNsVTYuu3sxKecq1k3ThrficYvHZNWOZ3RRua1bTQQAXd1erLLUma0Agax2O03wUpe-I3__fg6VSEv3qoRu__M9wkR8UPhZazpL0k742PJmawkhvOZo1-CmDPoYjZMXgU7QY8CaFXIJIXpUpZlvjk3g8oheVod76x_QDp4nQPlKfbFxZxdzERr-5mbRy1xsthKgsXSGFnABSfylAYvGHgQtkdrCNJBb_EENWeHk81SaUsR1Df5mABNYjS5PiQmF3mlUBNU2fm2TZDmqBVjMlTxcTQNRk-TyjH65ST3a3NAKR9DlVDLguiyEOlPdVaF4Vn_9GRV0dCLvhH_8aVZlWrnUpSH66yN47TffL1JuUM8k1BLdtt33oHxp7VBKAnNp3K_HGBOwbQS7NDmoM3HOkbwznY58HMevqiz11G4j6sY1jJZPMdp5WLBQigSz-fckIJcKhp1ld3QNGtDgxFr-lj8yUcpAkKOTQuXBuRh5EYKJkLoIX9KS14GQ0RR_Cclr-JOPXqmou7JL5VpC_k-KtWVOpDXlUSq4WL2EHr5V7x3CGePwd-tUoNe66iZMh-YvqA5K92CfeE5ESE8Yn2zS5bM4KCwjbHnrk1lItsVbNmCySqh1xo8QvOqtPOuEua6T7JDRmdIm_frmbEV0WDRmQM4JwVV2hS2GonJWcA1jxBS0ijju4uO4btAEUnQvcAn-ksSF19VvtdZxd1gYuoD5CnAQ\",\"challenge\":\"eyJpZCI6IlZFRFVEVkFkWkRSRk9aTXU3RDhBOXciLCJub25jZSI6OTIsImhhc2giOiIwMDY4ZDllY2IxNTA5NzQ5NjczYjgxNGFlMWZhMDg1NWM0YjI3MmJjY2IxZjdjMDk4ZGQwMjU2MGJjMmY0YWFjIn0=\"}"}},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Thu, 26 Mar 2026 01:11:00 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uqzJkhPZOqcoK2bHSejiz1Av4EM9H7s3xnvdCt0NuX5Pgnmy0L5ZrsIjDWQHX9SBRaq7NoqAujCgYVaSudroCgw6N7%2Bi%2BhwuZ9X%2F4qVdp3LORg9n6zH0ZTpugZfpkYaLkqfYIm60\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9e224760fd323181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T05:47:04.311114Z","times_seen":13362114,"resource_available":true,"data":null}},"time_used":656,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":656,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waronusds1.com/","fqdn":"waronusds1.com","domain":"waronusds1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-26T01:10:57.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waronusds1.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Mar 2026 20:37:50 GMT","end":"Sat, 13 Jun 2026 20:37:49 GMT"},"fingerprint":{"sha1":"C5:85:44:4D:57:81:36:8B:D5:3C:8B:45:E7:9D:D8:B5:23:90:8D:B3","sha256":"A3:99:A5:BA:CF:D1:EF:52:3B:54:7C:37:74:21:BE:C2:DD:1C:3B:02:35:79:75:7B:B6:36:C9:A0:13:0B:23:CC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: waronusds1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Thu, 26 Mar 2026 01:10:57 GMT\r\ncontent-length: 0\r\nlocation: https://event-waronusd1.com/\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jpNef6PCbGEbNSB6h1pWMry2JiyVPxiU886JEJ1OZy1ApkmmQ%2BlhKVLA2H%2FmbcD1cYJeDrp6mkPIwQ2yUmjzUHL40Q2YZpg6m3Ky3MROywUZNHtJXLm34nouH8%2BTJagJpw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9e22475208548deb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45435,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T05:47:04.311114Z","times_seen":13362114,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":131,"dns":122,"connect":1,"send":0,"wait":3,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-26","alert":"Sinkholed","trigger":"waronusds1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-26T01:10:57.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:57 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 25 Mar 2026 18:30:30 GMT\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fWDoBbDolZWzlkw5Z0AjwtcZNDji57ZvApNsyX6oyNRrajoTa6knS3SPYrtzpDyF9hqgAbAxd0ZfbbCl9J1r12dpfEMr3gN9LIzi7Se1i%2BPrqeHnS5UfbCpgjb7Gn697TYfPP1%2FE\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e2247526e992efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45435,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"2f76e0ecec482d22c0f7812dc0509753","sha1":"ce79ac7a8de974c9f4ea174d400dbb26d7911977","sha256":"4d3164703dedf26ed491eb8d8f71774562ef2e05b5159bd0b4f50f52188df45d","sha512":"24511377e237a5e1a31c063abf40909898316a720d033c66b3503119e7df904abf7b5173a29ab16cf9beed3f4b9419b93773a8969c5f61dc2bad5b5d0673e219","ssdeep":"768:k2L9yX8xhQ0EmA0I9roNHyYmZyQH1S4zBVzC+zGHzs5jGIK:Z9Q701I9roNvmZyQH1S4zBVzC+zGHzsm","tlshash":"a413742652a31136a4139da57bb61f2e3674c103d60ac5143bad23c48ffefa4de6368d","first_seen":"2026-03-26T01:11:26.222549Z","last_seen":"2026-03-26T16:31:56.330503Z","times_seen":3,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":59,"dns":43,"connect":1,"send":0,"wait":66,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto+Mono:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:57.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:21:09 GMT","end":"Mon, 18 May 2026 18:21:08 GMT"},"fingerprint":{"sha1":"63:D1:AE:99:1E:49:D7:6C:71:F3:BA:F5:BA:47:74:1E:EB:90:E7:D6","sha256":"69:90:BB:9D:82:60:82:88:FF:CE:F6:B3:3D:DD:B5:B5:FB:F0:56:17:FD:FA:0D:BC:9C:5B:83:51:98:0D:2F:CF"}}},"request":{"raw":"GET /css2?family=Roboto+Mono:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 26 Mar 2026 01:10:58 GMT\r\ndate: Thu, 26 Mar 2026 01:10:58 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6663,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"218790796ec498bd425a82a6f37f3f6d","sha1":"29fe8e2e9a7547134ad5a100c92165a28f3bd614","sha256":"539ce9013ae07ef6779f175ec5db4d073e4305fd45dfeacee45f160afecdf4cc","sha512":"d18204c101082bd5edd56ee4b2899ed7b3ac533a5e6a4f3f66fb0264edec3c05437077e1213523fc8be9d47a2c4b99a1a9b47f9ee46012fc0eeca69bedf36edc","ssdeep":"192:TNV2jNVmNVW3GNVzNV6RNVUNV2cNVFNVW3lNVsNV6iNVeNV2mNVjNVW3DNV2NV6w:pV2ZVMVksVJVKVyV2qVrVkLVaV5V0V2s","tlshash":"81d19cd2442a9410eb831cd627cf7f25fd4e6106a186c27d9bfd28a8acebc32235171d","first_seen":"2025-09-12T03:56:48.225969Z","last_seen":"2026-03-31T15:47:43.217041Z","times_seen":49,"resource_available":false,"data":null}},"time_used":416,"timings":{"blocked":179,"dns":0,"connect":39,"send":0,"wait":55,"receive":0,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/war-footer-logo.svg","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:57.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /war-footer-logo.svg HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:57 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 25 Mar 2026 18:00:56 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nXz%2F6g1P7gqklLmUHYr9yXPn8ds4x6DVCJJnUO9eIO1M7435XXoXvH05X3qmlNq4c1Get9hgxsG2fVhE4z4%2B82G57ghr9HkBub%2BX7k%2B3WRIK5KfYcrsyATBQ52TRqLP54mmIfZEe\"}]}\r\netag: W/\"69c422d8-2db2\"\r\ncontent-encoding: br\r\ncf-ray: 9e22475408bd3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11698,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e26562b1a17c8646b0b58aa42b3179b9","sha1":"2bddad66ceb3aabc8e157a69c8dee2f082cbc1ff","sha256":"940e1deb343b4971541a632374e4e97b39daacda6bad2ade218cdf779c1131a1","sha512":"240a8edc82ff7829063a54c99def5a9d13a7ad9b775afd4f1ea032ad77ae4710563666255a237369230682b20e82ceb068ed57f5b3b40685f474546de021bb03","ssdeep":"96:7/qQ6QxGflnNVX4hpJSBsTk/5C3OTDREfVFnqIXeG4v9dvaTGwGnXJPWov40zQNG:PSlNFmNOP+7XpJIZPPKuA4P8pv3E","tlshash":"e6324fdc4a45c3e4f4a0d6feec067a1c765334fe7ba15361c2689e823be656819098cf","first_seen":"2026-02-07T00:47:20.611798Z","last_seen":"2026-03-31T15:47:43.224647Z","times_seen":42,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/x-icon.png","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:57.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /x-icon.png HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:57 GMT\r\ncontent-type: image/png\r\ncontent-length: 549\r\nserver: cloudflare\r\nlast-modified: Wed, 25 Mar 2026 18:00:56 GMT\r\npriority: u=4,i=?0\r\netag: \"69c422d8-225\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ekir%2BOMQw%2F9jTZ%2B0In4BlGUB3RsTXimu2Saw83PccapPuAHxqB5emHmtR2nvFn2m%2FObGY6zV7etUrswhhN401EiqPSvZr6LCrHNzDvCeazXnsm%2B0aMQJKA5zNYUvmPLSwe8N8JcB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e22475408c43181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":549,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b84d3f0e3156f61f37786c7955212378","sha1":"b114079602069721999e00f06776b54dfcaf6fac","sha256":"ba68a4f4199c9c54c34f2fb6b97be6277ba1e43f24610fe963f4b4ececcdd295","sha512":"d6f53d609b898eb49a12308f49b77147a5b3b55290f981ceaaca93f2138d9e21d7ed32bc28e33e3acb0df69405bad77435e3ed3a29410ad48cd1c070aca598ab","ssdeep":"","tlshash":"b0f020dc538aae2ac01d0afb1ce2729cb4e31c2c1322390fa824a15b7a865a4b385175","first_seen":"2026-02-21T20:23:18.584212Z","last_seen":"2026-03-31T15:47:43.22197Z","times_seen":37,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/7s-w1MaY.php?s=%2Fipfs%2FdJvOLKYXXgI1x6YIzqO4Vg443ab22855e35e589db744003c94801f%3Ft%3D1774487458205","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:58.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /7s-w1MaY.php?s=%2Fipfs%2FdJvOLKYXXgI1x6YIzqO4Vg443ab22855e35e589db744003c94801f%3Ft%3D1774487458205 HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:59 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\naccess-control-max-age: 3600\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=53X2RkGcfOv5xZdjG66m1zvh2q0JZeKggJYvR7hswb0k0xHExPcN6Qy5eGqFbGgunV5dQXiN%2BcROqPsQHWcvL1esMVp7foCIt2bfUIA0rEf2IihaFxJo2MYmLxNP5lorYsDiHRC2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e224755ece53181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":634389,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"00df2e9ecf9700a876abd9d840c4a820","sha1":"c9dc114e907f0cf02dadaa511a2e17b59ac0c06f","sha256":"a38d2d2dbcd4ceb7d7d27e830920821da24926e859f1221ecf9576c1b21c75a4","sha512":"ef26bb369dbbf576c3fdfbba656d5a103f07f57fdd349b91d15ff7b5e5a7a013afc219be53e6d1f5e8c25f3c62ca29d56b8e103dfc8faa3c16e24051a1816529","ssdeep":"6144:qh5gD76Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qs7ZunzvlzSWP8p0Q+Bz","tlshash":"a7d499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd09ca5e379b8351e5998","first_seen":"2026-03-26T01:11:26.229574Z","last_seen":"2026-03-26T01:11:26.229574Z","times_seen":1,"resource_available":true,"data":null}},"time_used":852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":795,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/9b0ee291995e1321584b655bf173b4d93bfbd54e.svg","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:58.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /9b0ee291995e1321584b655bf173b4d93bfbd54e.svg HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:58 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 25 Mar 2026 18:00:54 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uYWDNUvRABQ%2BshIy5MBe1TXiyix%2BpyNDPYQ5cun%2BOr2kP%2BFk5aM5SgAnBC67CMuuUEnL0rAgLndlfEfXz1dtlucbGMADroW4zQFOi6dnZPR%2F2%2BbxyzQ7i9PDfBpv%2FVuKvPM5AU7j\"}]}\r\netag: W/\"69c422d6-fe\"\r\ncontent-encoding: br\r\ncf-ray: 9e2247564db53181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":254,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2058ceaebba6d58ff458d570c8c9e556","sha1":"9b0ee291995e1321584b655bf173b4d93bfbd54e","sha256":"0706e3bc303455531051eeda99b3ce734d21f2b5f9a558cae8ef63feac3e9b58","sha512":"e50e2097579efbcaf9df82c2749b595d8e62ff042aaf29afeb2e6f34df28eafd4e183e1d50d92703c1dab9f1079215b3cb4de5095dcaf0c711206f49b105ddbe","ssdeep":"","tlshash":"43d02ee6c0e54e4ee3080526f4dcaa0cb46fe08013a908c9a0f923d494a70a0ee012ba","first_seen":"2026-02-07T00:47:20.60523Z","last_seen":"2026-03-31T15:47:43.217971Z","times_seen":12,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/u1476882918_httpss.mj.runjH2hpAAhtWk_b2_bomber_hovering_in_th_e1dad761-cc0d-43e3-a8f3-5a11abcf6f23_3.mp4","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:58.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /u1476882918_httpss.mj.runjH2hpAAhtWk_b2_bomber_hovering_in_th_e1dad761-cc0d-43e3-a8f3-5a11abcf6f23_3.mp4 HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Thu, 26 Mar 2026 01:10:58 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 1127342\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Wed, 25 Mar 2026 18:00:54 GMT\r\netag: \"1133ae-64ddd0c8de180\"\r\ncontent-range: bytes 0-1127341/1127342\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2TjhUOOE9goJ%2FIHIQ%2F5EXLlkgqfFIGeYa0wMl7KRbtP5NHpJMc8zUezJ8yXL7of86EpkLBdsLPcuvc%2FqUv8FUbQhllMz2TXid1rpsnjjm2kKs8LGTLdpH1rvWX6Qc%2FJX2xaaCsIt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e224756cec93181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43190,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"413ffbe535cf97906517fa96230d67eb","sha1":"f75392933f4f7a2b1700518918022cb4295c5165","sha256":"5a6ce9f0d6de41060235e2e2bbc5baa16cdaef5bb2e9a55af3ca6edd94062f09","sha512":"528fac8aa219b5928e49c453c148fbf11df99b29a4eff69626afce1eda951262845883d5f95247453c424583ed982f1fda20b3f9864ae11a513ac34be97ea4a5","ssdeep":"768:xogbhFsBGj3VuRg272YErf6/mKZJ6RDIir5LA0y2Ba4HwSjVgF8+4pYkMf0:GgbhGgj3H2pEL6uKieL0yp4djVg7CJMM","tlshash":"e413f1009b61ee93c204943370a853d97354eaaaf8cf930772c85e3dfc96a921f3b019","first_seen":"2026-03-11T00:52:20.858746Z","last_seen":"2026-03-26T01:11:26.232288Z","times_seen":4,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/war-favicon.png","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:58.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /war-favicon.png HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:58 GMT\r\ncontent-type: image/png\r\ncontent-length: 661\r\nserver: cloudflare\r\nlast-modified: Wed, 25 Mar 2026 18:00:54 GMT\r\npriority: u=6,i=?0\r\netag: \"69c422d6-295\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oKHKV0SihOE8uoZ0b%2BXnwe2URtixI2WTrW8E0yyOQcKVy%2FOZa8Jc3d6qg4ZcqftyWwVkxISpMHG482lNS7sDjckwMBE%2FfnWfAcsdqfIgRGHwCZge6icXm9vIsIy4PaaJVbLY49P3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e2247585abb3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":661,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"b9f6bd2a4d6e531a395a8cccd662a061","sha1":"9caaa3ecc568595863bcb536557785e061d40f0e","sha256":"b0bfc5cd9cff1709a44a52447de893515a567a5da4355d30362142ff7c16f95b","sha512":"751e20fe5fe395d6a8ec7fba4b1530c347f985506c719154bc556b34f72c2bb12a18711859490a15086b61a953ba3ec983774f5f7265a929879e4a2ccb8283c8","ssdeep":"","tlshash":"eb0123c2b76e54bfc87314d4527a2be6685b1d669762c6068c8a1421427fe01005b762","first_seen":"2026-02-07T00:47:20.628512Z","last_seen":"2026-03-31T15:47:43.220522Z","times_seen":41,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/airbase.jpg","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:57.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /airbase.jpg HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:57 GMT\r\ncontent-type: image/jpeg\r\nserver: cloudflare\r\nlast-modified: Wed, 25 Mar 2026 18:00:56 GMT\r\npriority: u=4,i=?0\r\netag: W/\"69c422d8-1fc44b\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ml8kBuocwddd88CSqYaNS%2B9O%2B1jEBbOs%2FBldpBN9OUfhiy2C2PvrRa0qEBtDxIBpPBJSiH1u2JPPlrOKRc5iYjJR2ldv8zU%2BToUt6%2BkCZldtw9IekBheY2fqNe%2FZeH3sGtWrXwul\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e22475408c23181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2081867,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1508x1889, components 3","md5":"caa0ccb59a5cf098ba8d7ab842e9a953","sha1":"fa486b8aefc44aa207e0c900435dc18552ea3a3f","sha256":"569191c79e496c1f6ba11ca44294343f9e131936c23304ded674b789f5f8b286","sha512":"1e6e39d9a0708b433682fc38717f271ada0934e31d75001e385ee3937fee7d25f1144c30a8dafe4525db93625bc5aadd6a2feb0b231dec960de493a6856dac69","ssdeep":"24576:S5NODAg//xPT2P50PiofiOElPLMo70bMqGXnxT4pYGJOypEP:S5IZKKPdfiOElTMo70bcxT4GIEP","tlshash":"b92533657b22139bce080921547e2f465a24157c196cb45a02eca9db983ef634cbff3f","first_seen":"2026-02-21T20:23:18.567714Z","last_seen":"2026-03-31T15:47:43.225249Z","times_seen":37,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":219,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"event-waronusd1.com/Liberator-Medium.ttf","fqdn":"event-waronusd1.com","domain":"event-waronusd1.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://event-waronusd1.com/","date":"2026-03-26T01:10:58.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"event-waronusd1.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 14:55:42 GMT","end":"Tue, 23 Jun 2026 14:55:41 GMT"},"fingerprint":{"sha1":"02:2C:CE:79:C1:5E:C4:7B:FA:5B:61:15:C8:66:B8:FD:70:39:01:28","sha256":"29:9B:64:F6:4F:04:1E:AD:5E:39:C9:AC:C0:B0:EA:94:31:76:CA:26:ED:6E:B0:66:AB:31:AA:29:9C:6B:B8:ED"}}},"request":{"raw":"GET /Liberator-Medium.ttf HTTP/1.1\r\nHost: event-waronusd1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://event-waronusd1.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Mar 2026 01:10:58 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 14668\r\nserver: cloudflare\r\nlast-modified: Wed, 25 Mar 2026 18:00:56 GMT\r\npriority: u=4,i=?0\r\netag: \"69c422d8-394c\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yl1PqUUjrBZo9J7Cuo3Y5zFLd154A7h98JRuFcL8IUIhbwW10m0bjqfw2bEcEjcu8yWnm8ETx8%2BVD1nR6EFyf%2FGrN04TDgjFLxShFCJiBMcLFK63gKN0DT5kAczQniQwZtl%2B8x0K\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e2247564db23181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14668,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 13 tables, 1st \"GPOS\", 35 names, Macintosh, Copyright (c) 2014 by Ryan Clark. All rights reserved.Liberator MediumRegularRyanClark: Liberato","md5":"93f48cb2b0a5a6b6982bcf980097455d","sha1":"ddfc0529deeef3b9d5507dcd562543a4b89bd42c","sha256":"1acd9f43b3ea85475c53c9e1487af0c5a2c70ba3615b3e84225517dd76ec21d4","sha512":"cde25ff95a8cce3caa1d60d15950b600341b5a8811dcda06c01cdf40c767161e6eb946feab5573acfb0870acef807d15a3617604ebf0dfe3ab7e20c81e04399b","ssdeep":"384:SqT5eOlyTycBFB4lf75ZFf1C8L4RnHyjeeO:RX+ycB3wflHNC8L4RnHyjeeO","tlshash":"1262fa2bf7985312e0f357b8c9f48b4263b4be44b1a66717388b920c6ca95c0de15b1f","first_seen":"2026-02-07T00:47:20.614414Z","last_seen":"2026-03-31T15:47:43.222629Z","times_seen":40,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}