The last couple of days have been a bit hectic and although the below topic contains pretty much all the info on events, I figured to summarise how we found the new W/ARE website and following puzzle in this topic, for those who are just now trying to catch up, so here goes …
A very well done, extensive recap video was made by @kyle-culver, which you can find here:
The WT STATUS
command updated several times to eventually show the following:
Users were searching for clues using the info shown for CLIENT 3597B.
The NAT IP address 52.2.248.*
proved to be our best bet, but was incomplete.
The :80\\
Indicated it would be a port 80, which is generally used for web browsing.
Checking any possible last digits (0-255) to complete the NAT IP address and using that as an address in the web browser, resulted in quite a few web pages with one of them standing out, 52.2.248.6
.
As this was just a single page, using a 404 image, we checked the source for this page to hopefully find more clues. The following bit of HTML yielded results:
<meta property="og:description" content="W/ARE 是市场上功能最强大、技术最先进的头显。">
Doing a web search (Google) with the full Chinese string within quotation marks, showed only one result:
We then checked this found website, which is almost completely in simplified Chinese, but translates amazingly well to English. The full content of the website seems to be about some very interesting but likely fictional technology, which matches the lore of Waking Titan very well.
Searching for additional external sources for this company, using the website logo for an image search, resulted in a variety of Twitter accounts :
(changed background color for visibility)
The actual Twitter account was found easily:
W/ARE @warecloud (Twitter)
Various additional Twitter accounts were found, who had been sending out the following tweets for W/ARE, each containing an image with a Hex code:
Some duplicate images were found with other Twitter accounts. By combining these results, we got the following shortened url:
62 69 74 2E (Hex) <> bit.
(Ascii)
6C 79 2F 77 (Hex) <> ly/w
(Ascii)
61 72 65 32 (Hex) <> are2
(Ascii)
30 31 38 (Hex) <> 018
(Ascii) <— Also received after signing up for W/ARE (Email registration)
bit.ly/ware2018
(combined)
When following this url, you are being invited to a Discord channel for W/ARE.
Some users remembered having been contacted on Twitter by the following strange Twitter account, showing some interesting Tweets:
https://www.reddit.com/r/NoMansSkyTheGame/comments/87lg4f/waking_titan_possibly_connected_to_the_twitter/
w9rPQ45E @w9rPQ45E (Twitter)
Combining these strings from the Tweets, resulted in the following from Hex to Ascii:
When familiar with crypto currency, you will recognise the above result as a ‘Txhash’ address:
When looking at the ‘Input Data’ it shows the following:
0x484e714b45557053
(0xHex), which converts to HNqKEUpS
(Ascii)
This was then used on Pastebin and gave us a string of 31 digits:
b67fbb5e90ddcda8a921656d0b30a20
We then realised that the Twitter account name could be used the same way, resulting in another string of 33 digits:
edb044c81d40a196c4672a2bd6f17f1f6
Combining both strings, turned out to be the private key to the wallet, which makes it possible to transfer any funds available, making someone happy with close to $50:
edb044c81d40a196c4672a2bd6f17f1f6b67fbb5e90ddcda8a921656d0b30a20
This solved the first W/ARE event/puzzle. Job well done everyone !!!
Relation to WT (unofficially) confirmed?
- The W/ARE website was found due to updates for the STATUS command on the WT console.
- Very familiar look/feel/story.
- Use of Dreams (Dreamscape), matching WT lore.
- Use of REM and NREM sleep cycles, where REM SLEEP was the solution to our 10th glyph.
- Location of W/ARE is Zhongguancun, Haidian District, Beijing, China. With Myriad-70’s status page now showing: Beijing: 29.1Tb/s.
Using the WT console string as a map search also leads to Beijing. - Use of <CORRUPTED> on some of the pages
- Similarity between NMS Anomaly door and the W/ARE sensor.
- Possible reference to the abbreviations shown in the Secret Memo received during the Live Drop in NY (see here):
MY (Myriad-70)
AT (Atlas-65)
WT (WakingTitan)
WR (W/ARE?)
CR (???) - Client W9 [ CORRUPTED ] from earlier Myriad-70 status could reference Twitter account w9rPQ45E.
- WT console string (32 characters), alternating match with the private key found.
- When attempting to register the same email address twice on W/ARE, a security check from MailChimp shows the address for Alice & Smith.
I may have missed a few things, but feel free to mention them in a reply.