{"report_id":"1f3a2e3e-6a9d-4fca-a8bf-08b296ef2433","version":6,"status":"done","tags":[],"date":"2025-12-14T00:39:12Z","url":{"schema":"https","addr":"t.co/9iqMgur3KZ","fqdn":"t.co","domain":"t.co","tld":"co"},"ip":{"addr":"172.66.0.227","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"http","addr":"dimestor.com/images/whoops.jpg","fqdn":"dimestor.com","domain":"dimestor.com","tld":"com"},"title":"whoops.jpg (JPEG Image, 450 × 230 pixels)","dom":{"size":437,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (436), with no line terminators","md5":"0c2191ec946c227c525365aa063f4cd8","sha1":"4c229b8432090705f9d4ec0d5ffd22be311a3f44","sha256":"1efe6d354e557f63c7444a81a5fb1f2e9b17f7f7cf0fabed5c4d028699029287","sha512":"5990e3b8a2ebf01214bc68be0247630cfab8327a90f3a0667f96ece179243e29460b34a2c19f2ea0e2b5df5d8100cc738db811a053fb9ed24a3af3dcfd0e1196","ssdeep":"","tlshash":"e3e0abaf5252706bb23060c3f68631cd7cd490c8e2312941f34c52c810c438de57af21","dom_hash":"domhash3b196952ed6768234b7eb261590428d7","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"t.co/9iqMgur3KZ","fqdn":"t.co","domain":"t.co","tld":"co"},"ip":{"addr":"172.66.0.227","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-18T00:39:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"dimestor.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"dimestor.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2018-07-18","domain_rank":3291785,"first_seen":"2021-02-01T01:49:36Z","last_seen":"2025-12-12T14:31:36.211829Z","alert_count":3,"request_count":3,"received_data":42155,"sent_data":1278,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.12.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.eartrissin.com","ip":{"addr":"45.15.21.64","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"domain_registered":"2019-12-23","domain_rank":0,"first_seen":"2025-06-03T02:25:25.023145Z","last_seen":"2025-12-10T05:51:48.021836Z","alert_count":6,"request_count":1,"received_data":344,"sent_data":597,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.12.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"t.co","ip":{"addr":"172.66.0.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2010-04-26","domain_rank":232,"first_seen":"2012-07-25T19:09:44Z","last_seen":"2025-12-08T13:54:41.695771Z","alert_count":0,"request_count":2,"received_data":2768,"sent_data":1167,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.eartrissin.com/bUrwQxGvv01yumTWrsgVoLl1paa733bK8sFdbIsu8X8nCZqOwFVSpaj8zm22qeL3RRRNtGDGamZmYbc_cX_UGw","fqdn":"www.eartrissin.com","domain":"eartrissin.com","tld":"com"},"ip":{"addr":"45.15.21.64","port":443,"asn":9009,"as":"M247 Europe SRL","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-14T00:38:51.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"www.eartrissin.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Oct 2025 18:58:26 GMT","end":"Tue, 13 Jan 2026 18:58:25 GMT"},"fingerprint":{"sha1":"A3:B9:F1:D5:59:F1:37:FF:40:A7:E3:5D:DD:2D:BF:66:B7:56:3A:60","sha256":"EE:5C:A0:FE:E4:4D:F6:2F:A6:BF:66:6D:CC:13:A0:2D:6E:27:5A:AD:EE:F4:15:13:B8:E0:D5:9C:C5:96:D3:F5"}}},"request":{"raw":"GET /bUrwQxGvv01yumTWrsgVoLl1paa733bK8sFdbIsu8X8nCZqOwFVSpaj8zm22qeL3RRRNtGDGamZmYbc_cX_UGw HTTP/1.1\r\nHost: www.eartrissin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://t.co/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Moved Temporarily\r\nDate: Sun, 14 Dec 2025 00:38:52 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nServer: nginx/1.12.2\r\nSet-Cookie: uid8759=833083779-20251213193852-d561a375695d661b0efde3f3d7b3a9d4-; domain=eartrissin.com; path=/; SameSite=None; Secure\r\nLocation: http://dimestor.com/images/whoops.jpg\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Moved Temporarily","fingerprints":[{"name":"Nginx:1.12.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":917,"timings":{"blocked":312,"dns":47,"connect":87,"send":0,"wait":291,"receive":0,"ssl":178},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"www.eartrissin.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"t.co/favicon.ico","fqdn":"t.co","domain":"t.co","tld":"co"},"ip":{"addr":"172.66.0.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://t.co/9iqMgur3KZ","date":"2025-12-14T00:38:51.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"t.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 15 Nov 2025 11:16:13 GMT","end":"Fri, 13 Feb 2026 11:16:12 GMT"},"fingerprint":{"sha1":"21:5E:49:8B:6E:47:BC:50:8A:2C:13:39:54:FA:AA:2A:5E:2A:5D:3C","sha256":"76:5D:64:03:57:50:37:2E:A3:48:F7:11:DB:3E:63:60:92:0F:A2:8F:80:62:40:D7:A2:F4:E8:81:EA:9A:90:40"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: t.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://t.co/9iqMgur3KZ\r\nCookie: muc=d88d6445-a9df-466b-b69a-de1b0277e58c; __cf_bm=IFIM2JfKTgUtrJ1yzRIEmICA0DDM_0nNyzI4wXmZISY-1765672731.2153332-1.0.1.1-3G1hYBfF0I3vkTM8tjKXz_.ptemw3Yn.WZxRHLdgDGfSO3AsFZONGVVGzHduM7PffjRcqYydryHEkXSjGkcDalKZ4mijhCdXnHoyyDjlpAFWIQ3ZpONoPh4_nDgYlgoP\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 14 Dec 2025 00:38:51 GMT\r\ncontent-type: image/x-icon\r\nperf: 7402827104\r\nserver: cloudflare envoy\r\ncache-control: no-cache, no-store, max-age=0\r\nx-transaction-id: 58a77bd9fc287d06\r\nx-response-time: 3\r\norigin-cf-ray: 9ad9a40cab678deb-OSL\r\nstrict-transport-security: max-age=631138519; includeSubdomains\r\nx-served-by: t4_a\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=GQDEwPt44c6QCE72UPk3On8XDWNFNL1WUYjiSPxkuBk-1765672731.6221404-1.0.1.1-aoSdyqU853cUdxewPz6zvye7xmH2ASk9CN_co63N.iQjLO00jaQjnqzD8Pa1KW_TmvG_6.BeEiQ9trty1BHiaWKL1fh4hH9sbCMzqHpnBuM4lcKKxnC5au73s6._k793; HttpOnly; Secure; Path=/; Domain=t.co; Expires=Sun, 14 Dec 2025 01:08:51 GMT\r\ncontent-encoding: gzip\r\ncf-ray: 9ad9a40cab678deb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":549,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"9d99a2372bbd5b28ef4b2eaecac8c805","sha1":"6503a35c95cdf2d08ed83e17ae81c8b0e58f49c2","sha256":"cc4939af5d16855f2bea8322dbf33461ebc6bfd092fa3e2291d87d3d83ebd8ed","sha512":"7efba58d391137ea50c0ed95025316e404ce8fed549c386f2d3316d91797cd39e5447db9b0ffdb0ebadbaf1f38766743603c140b8dfb956eccc144aa78cff766","ssdeep":"","tlshash":"06f0eb835322f47ce2c32a41b646d0fce92a472a085c4c0c032da5ba9a5195c9e4b068","first_seen":"2023-07-25T15:05:02Z","last_seen":"2026-05-31T15:37:18.333004Z","times_seen":5912,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":145,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dimestor.com/images/whoops.jpg","fqdn":"dimestor.com","domain":"dimestor.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-14T00:38:52.129Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/whoops.jpg HTTP/1.1\r\nHost: dimestor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-31T18:31:00.561381Z","times_seen":15971922,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":120,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"dimestor.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dimestor.com/images/whoops.jpg","fqdn":"dimestor.com","domain":"dimestor.com","tld":"com"},"ip":{"addr":"104.200.28.218","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-14T00:38:52.373Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /images/whoops.jpg HTTP/1.1\r\nHost: dimestor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.12.2\r\nDate: Sun, 14 Dec 2025 00:04:55 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 41589\r\nLast-Modified: Fri, 20 Jul 2018 17:35:31 GMT\r\nConnection: keep-alive\r\nETag: \"5b521d63-a275\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.12.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41589,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 450x230, components 3","md5":"d36c171ac8467ff2ce82e747c9aab086","sha1":"1932c5675195169bcc8d3aad6d661ce279ebb6ee","sha256":"378508849997be414ca3966a65635fd15b1bc2dbf1c733634b5054739088945e","sha512":"5d5473cf1c3f84915de5ca24ce9edff7de83d353af56c848b1a38a556eece3fd3ee2ea8c656e0a09a01c503e8a79df384e707ce81c33e08d0687ea513d336bc4","ssdeep":"768:JCV5/8xWrUs6ILwgzIasfNqIIYSTuNpnVJBLBJwf8QJiCgsFuFh5YYH5Ur7ZnLvL:J0pwg8asfXIYSCpnVJJgiC8FfUrdnjiE","tlshash":"1a13cf33e7d31c91c734c7ea921ad402ba654b1c7d06a4084a41ba3eedf3a4cb6575eb","first_seen":"2023-05-04T19:46:47Z","last_seen":"2026-02-14T16:16:46.965181Z","times_seen":842,"resource_available":true,"data":null}},"time_used":356,"timings":{"blocked":88,"dns":1,"connect":88,"send":0,"wait":89,"receive":90,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"dimestor.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"dimestor.com/favicon.ico","fqdn":"dimestor.com","domain":"dimestor.com","tld":"com"},"ip":{"addr":"104.200.28.218","port":80,"asn":63949,"as":"Akamai Connected Cloud","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://dimestor.com/images/whoops.jpg","date":"2025-12-14T00:38:53.249Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: dimestor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://dimestor.com/images/whoops.jpg\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.12.2\r\nDate: Sun, 14 Dec 2025 00:04:56 GMT\r\nContent-Type: text/html\r\nContent-Length: 169\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.12.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":169,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"ca8bba226fc38384d4e889ff1e5f0b02","sha1":"8dc2ae5a396686aba485bec7815e8fc8a6e12be5","sha256":"6640c51ecd2c4eb6c19c779df63efed77969da44c085c27f991ba8a40c60c914","sha512":"a06de26d5d99f368b894dd11ebf23c237e0406245d761ee6b1b8d90f29d3040e89bbf968aa449528f7b54a8d5de0d4999e398932de228a7b3ee897f37dcc0480","ssdeep":"","tlshash":"9ec08c6d6a13fc8dca93227826c3a480c196a32baafb45110580914370cb2998ac239a","first_seen":"2023-04-06T01:26:32Z","last_seen":"2026-05-31T04:06:27.001865Z","times_seen":3105,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-14","alert":"Sinkholed","trigger":"dimestor.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"t.co/9iqMgur3KZ","fqdn":"t.co","domain":"t.co","tld":"co"},"ip":{"addr":"172.66.0.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-14T00:38:51.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"t.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 15 Nov 2025 11:16:13 GMT","end":"Fri, 13 Feb 2026 11:16:12 GMT"},"fingerprint":{"sha1":"21:5E:49:8B:6E:47:BC:50:8A:2C:13:39:54:FA:AA:2A:5E:2A:5D:3C","sha256":"76:5D:64:03:57:50:37:2E:A3:48:F7:11:DB:3E:63:60:92:0F:A2:8F:80:62:40:D7:A2:F4:E8:81:EA:9A:90:40"}}},"request":{"raw":"GET /9iqMgur3KZ HTTP/1.1\r\nHost: t.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 14 Dec 2025 00:38:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\nperf: 7402827104\r\nvary: Origin, accept-encoding\r\nserver: cloudflare envoy\r\nexpires: Sun, 14 Dec 2025 00:43:51 GMT\r\nset-cookie: muc=d88d6445-a9df-466b-b69a-de1b0277e58c; Max-Age=34214400; Expires=Thu, 14 Jan 2027 00:38:51 GMT; Domain=t.co; Secure; SameSite=None\n__cf_bm=IFIM2JfKTgUtrJ1yzRIEmICA0DDM_0nNyzI4wXmZISY-1765672731.2153332-1.0.1.1-3G1hYBfF0I3vkTM8tjKXz_.ptemw3Yn.WZxRHLdgDGfSO3AsFZONGVVGzHduM7PffjRcqYydryHEkXSjGkcDalKZ4mijhCdXnHoyyDjlpAFWIQ3ZpONoPh4_nDgYlgoP; HttpOnly; Secure; Path=/; Domain=t.co; Expires=Sun, 14 Dec 2025 01:08:51 GMT\r\ncache-control: private,max-age=300\r\nx-transaction-id: c4580b3338f91e8c\r\nx-xss-protection: 0\r\nx-response-time: 13\r\norigin-cf-ray: 9ad9a40a1f248deb-OSL\r\nstrict-transport-security: max-age=631138519; includeSubdomains\r\nx-served-by: t4_a\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: gzip\r\ncf-ray: 9ad9a40a1f248deb-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":494,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (494), with no line terminators","md5":"a4d7b111f0c39fce5734a638e080a3e2","sha1":"d542dd886ee0b77308c4f3afb97460ee45664b6b","sha256":"8521ce43a988073a348ae75cf71ed31348ce06c28d1c38b38e5062cb1fa33444","sha512":"c9b8741d606de4eae2c13f5c4ff4960fac4d45b701eeede4796aaec233511315d620e79fd4cc2c81a800e4c17468aacf33d33814092bb870e3108d23ffab98e4","ssdeep":"","tlshash":"8bf02e474d00ce6a4ef85081443af52d983e4517ef6d99928943d0f10664737dd9422c","first_seen":"2025-12-14T00:39:13.581926Z","last_seen":"2025-12-14T00:39:13.581926Z","times_seen":1,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":30,"dns":22,"connect":1,"send":0,"wait":156,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}