{"report_id":"77ae41ce-9c13-4076-be34-a8e353e34fa7","version":6,"status":"done","tags":["wetransfer","phishing","financial"],"date":"2026-03-18T10:44:26Z","url":{"schema":"http","addr":"westandard.appwrite.network","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.3.52","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"westandard.appwrite.network/","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"title":"WeTransfer","dom":{"size":636799,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (64533)","md5":"cecdc919163372a7bad5a431a6b7fa64","sha1":"31a2ef6312c21fee7fcb64dfb293efa90caed66e","sha256":"20cfbe0c5b496416ea0876ec2289caf8909d327af40e4b7132daa498fc49e8a0","sha512":"d5c45b89f62760a8eaffb779283e82d7d3c95809df4aa6c44f40a32fd35547acba1fc6c3cf5df513b34bbde14479c574833582ffd0300c44ddf2a0da1cedcfae","ssdeep":"12288:nkTBMXjRSZEq1juWQO1iJD5Wv4PW0oyoAF:nC9ZEqBuWQO1iJD5Wvg","tlshash":"11d46b36a6692914db7bcab6b5c1fe943c24dc13c143d4d8f28573ac8ac722547f2b1a","dom_hash":"domhashd8532b0f87794c617ff6cc0aa24aafa6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"westandard.appwrite.network","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.3.52","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-22T10:44:26Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":3,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]},"summary":[{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-03-15T23:23:31.668018Z","alert_count":0,"request_count":1,"received_data":86564,"sent_data":456,"comment":"","tags":null,"fingerprints":null},{"fqdn":"westandard.appwrite.network","ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2022-06-28","domain_rank":0,"first_seen":"2026-03-16T00:17:12.319167Z","last_seen":"2026-03-16T00:17:12.319167Z","alert_count":98,"request_count":14,"received_data":646976,"sent_data":6450,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Popper:1.12.9","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"BootstrapCDN:4.1.3","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"jQuery:3.2.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap:4.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2026-03-16T02:04:12.350343Z","alert_count":0,"request_count":2,"received_data":103925,"sent_data":924,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"i.ibb.co","ip":{"addr":"45.43.142.7","port":443,"asn":215751,"as":"Mikhail Fedorov","country":"Israel","country_code":"IL"},"domain_registered":"2010-07-20","domain_rank":21643,"first_seen":"2018-11-25T10:13:48Z","last_seen":"2026-03-11T20:03:12.559393Z","alert_count":0,"request_count":1,"received_data":13459,"sent_data":450,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":6807,"first_seen":"2014-06-18T00:37:31Z","last_seen":"2026-03-16T02:29:04.807106Z","alert_count":0,"request_count":1,"received_data":49841,"sent_data":501,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"mk2-b4c8d3.ingress-earth.ewp.live","ip":{"addr":"63.250.43.128","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"2022-05-26","domain_rank":0,"first_seen":"2022-08-12T11:46:38Z","last_seen":"2026-03-11T21:47:11.283879Z","alert_count":2,"request_count":1,"received_data":106,"sent_data":492,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-03-15T23:03:26.25948Z","alert_count":0,"request_count":1,"received_data":70230,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-03-15T22:30:49.343058Z","alert_count":0,"request_count":1,"received_data":20207,"sent_data":507,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"prod-cdn.wetransfer.net","ip":{"addr":"54.240.174.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2009-02-02","domain_rank":760029,"first_seen":"2018-10-23T08:53:42Z","last_seen":"2026-03-11T21:47:11.137095Z","alert_count":0,"request_count":2,"received_data":44416,"sent_data":993,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"70d3fda195602fe8b75e0097eed74dde","sha1":"c3b977aa4b8dfb69d651e07015031d385ded964b","sha256":"a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66","sha512":"51affb5a8cfd2f93b473007f6987b19a0a1a0fb970ddd59ef45bd77a355d82abbbd60468837a09823496411e797f05b1f962ae93c725ed4c00d514ba40269d14","ssdeep":"384:+CbuG4xGNoDic2UjKPafxwC5b/4xQviOJU7QzxzivDdE3pcGdjkd/9jt3B+Kb964:zb4xGmiJfaf7gxQvVU7eziv+cSjknZ3f","tlshash":"1c82a3cc3291b06643a79167a06f960fb2339979614e9410f199f2d87c70ef9913fc7a","size":19188,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-05-06T09:44:13.299533Z","times_seen":106545,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","size":51039,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-05-06T10:45:16.415723Z","times_seen":122628,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"westandard.appwrite.network/","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e9c60c0e35d34060648ce34e2c08cbd1","sha1":"396a4cb2f4b6cdca078b788d5c9df56765bc70ab","sha256":"697a30b89a2de98bfe0890e0e6ce173658463499ce877a3df9221b797559c928","sha512":"c2da829b8ada481d9a604a900945d7a1632132faa34565a7ff72270735cb734310786519de98a61e89cf1bc01a3a06174e695aaaf481f19576760972b86f2863","ssdeep":"","tlshash":"64c080b37153093005efb57f19304b8c3438c40c2d0133042c2c84748035de7582ba85","size":177,"data":"","first_seen":"2023-03-07T13:52:30Z","last_seen":"2026-04-20T04:29:27.168049Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","size":51039,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-05-06T10:45:16.415723Z","times_seen":122628,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"westandard.appwrite.network/","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"10c6db510fa5e86ca96c9e5478998536","sha1":"be37bd9e1d8e9ace1a0d36b68ac844316073f0d6","sha256":"00de48e5cc9a51c60b85c1b75fc1552fca4090e5e17ec5162c35f6edcc803c9a","sha512":"a3a2fd3ed34de798c44973b4ec0e7d74486506d2c2ecbb464cd9454ca041f78193478b64d9f1d8aa20dd57a58a4f10f4e342dbbdbf4bc0fe9ee6af501347c17e","ssdeep":"","tlshash":"7fd05ef772e619b00bde76ef182287497c78c8349c152054ac6c84719074e9554aaa94","size":255,"data":"","first_seen":"2023-03-07T13:52:30Z","last_seen":"2026-04-25T00:15:06.651779Z","times_seen":240,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"westandard.appwrite.network/","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"287da33f028c1bdc01293ede623301a6","sha1":"906856ef0a503995cfed17121d05ab22fb6f8c09","sha256":"8ecb2899c89e3ce4a2a8f2086e0ffb0fdb57e5dbd4d13935828cab2bbf1ae381","sha512":"6c069517eef608b06c12f1b1d3a3dcb0807b12cf4a74fe5bfcb95ab85efe4abb45265c579ebc8402d22fcc992a734824b744fbe37fe838cef6de55da8c88dbd6","ssdeep":"","tlshash":"84515245a2ad32c6067360b5217f220c72a548ab2e44df44b87da18cbf2cf1eb9674c3","size":3092,"data":"","first_seen":"2026-03-16T06:01:15.516795Z","last_seen":"2026-04-01T17:40:13.236923Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.2.1.slim.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f48fc77cac90c4778fa24ec9c57f37d","sha1":"9e89d1515bc4c371b86f4cb1002fd8e377c1829f","sha256":"9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398","sha512":"cab8c4afa1d8e3a8b7856ee29ae92566d44ceead70c8d533f2c98a976d77d0e1d314719b5c6a473789d8c6b21ebb4b89a6b0ec2e1c9c618fb1437ebc77d3a269","ssdeep":"1536:qNhEyjjTikEJO4edXXe9J578go6MWX2xkjVe4c4j2ll2Ac7pK3F71QDU8CuT:Exc2yjq4j2uYnQDU8CuT","tlshash":"b663d5d9b2c67062db7730b950bf410bf07a98dab44c8c60e198d8d47d78a99817bf2d","size":69597,"data":"","first_seen":"2023-03-07T01:02:43Z","last_seen":"2026-05-06T09:44:13.297571Z","times_seen":77907,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-06T10:46:17.988552Z","times_seen":276683,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"14d449eb8876fa55e1ef3c2cc52b0c17","sha1":"a9545831803b1359cfeed47e3b4d6bae68e40e99","sha256":"e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b","sha512":"00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22","ssdeep":"768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B","tlshash":"7523c84a7254b4a202dfa476913f450bb73b389aa60bc16cb95994ed1d7cd8c3227f3c","size":48944,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-05-06T09:44:13.298771Z","times_seen":105830,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30028\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 17:57:47 GMT\r\nexpires: Tue, 16 Mar 2027 17:57:47 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 146777\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85578,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-06T10:46:17.988552Z","times_seen":276683,"resource_available":true,"data":null}},"time_used":369,"timings":{"blocked":167,"dns":1,"connect":7,"send":0,"wait":9,"receive":8,"ssl":172},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/analytics.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/analytics.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.88229990005493\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":1027,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1024,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/gtm_002.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/gtm_002.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.45847105979919\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":849,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":846,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/17116643.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/17116643.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.88638401031494\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":951,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":949,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.2.1.slim.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.2.1.slim.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nOrigin: https://westandard.appwrite.network\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-10fdd\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 18 Mar 2026 10:44:04 GMT\r\nage: 930239\r\nx-served-by: cache-lga21963-LGA, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 38, 2448\r\nx-timer: S1773830645.645130,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 23856\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":69597,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32012)","md5":"5f48fc77cac90c4778fa24ec9c57f37d","sha1":"9e89d1515bc4c371b86f4cb1002fd8e377c1829f","sha256":"9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398","sha512":"cab8c4afa1d8e3a8b7856ee29ae92566d44ceead70c8d533f2c98a976d77d0e1d314719b5c6a473789d8c6b21ebb4b89a6b0ec2e1c9c618fb1437ebc77d3a269","ssdeep":"1536:qNhEyjjTikEJO4edXXe9J578go6MWX2xkjVe4c4j2ll2Ac7pK3F71QDU8CuT:Exc2yjq4j2uYnQDU8CuT","tlshash":"b663d5d9b2c67062db7730b950bf410bf07a98dab44c8c60e198d8d47d78a99817bf2d","first_seen":"2023-03-07T01:02:43Z","last_seen":"2026-05-06T09:44:13.297571Z","times_seen":77907,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":69,"dns":11,"connect":26,"send":0,"wait":27,"receive":7,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/vendor-ef8fd9ca3a0295622111.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:05.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/vendor-ef8fd9ca3a0295622111.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.44593477249146\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 05:27:05 GMT","end":"Wed, 03 Jun 2026 06:27:01 GMT"},"fingerprint":{"sha1":"04:A8:A2:DB:A5:D9:6E:A1:96:19:8E:E4:20:63:9D:DD:4B:05:E5:4A","sha256":"86:F0:31:59:6F:27:50:6B:1C:65:39:9A:BF:6D:0C:A8:82:D5:B2:A6:36:4B:9C:0A:EB:05:EE:13:0F:EE:25:EC"}}},"request":{"raw":"GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://westandard.appwrite.network/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 10:44:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"67176c242e1bdc20603c878dee836df3\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:06 GMT\r\ncdn-cachedat: 08/01/2025 15:36:25\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1078\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: a78b5a25cfaf2df533c60a6d4fa388d4\r\ncdn-cache: HIT\r\nage: 2267164\r\ncf-cache-status: HIT\r\ncf-ray: 9de3a3d8696edfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51039,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50758)","md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-05-06T10:45:16.415723Z","times_seen":122628,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":15,"dns":11,"connect":1,"send":0,"wait":9,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/wallpaper-59e18dcf37d4cc5f163b.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/wallpaper-59e18dcf37d4cc5f163b.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.43616890907288\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":564,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"i.ibb.co/xLtJ7bS/download.png","fqdn":"i.ibb.co","domain":"ibb.co","tld":"co"},"ip":{"addr":"45.43.142.7","port":443,"asn":215751,"as":"Mikhail Fedorov","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ibb.co","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Feb 2026 07:06:34 GMT","end":"Fri, 15 May 2026 07:06:33 GMT"},"fingerprint":{"sha1":"48:08:17:3C:24:BE:AF:E3:A7:15:95:2B:10:C7:81:6D:71:75:A1:79","sha256":"5C:C2:85:75:C7:FB:D5:BF:48:B2:53:D1:3F:41:4C:33:F4:A5:D7:7F:D0:00:DA:48:50:93:31:14:32:70:1F:0E"}}},"request":{"raw":"GET /xLtJ7bS/download.png HTTP/1.1\r\nHost: i.ibb.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 18 Mar 2026 10:44:04 GMT\r\ncontent-type: image/png\r\ncontent-length: 13096\r\nlast-modified: Mon, 28 Oct 2024 18:10:10 GMT\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13096,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"49d4041b8e7e375f3e2950a9738bc59b","sha1":"cd3dc4e38ce48e26df8f216503d6027bfbd22378","sha256":"1d6f06c578fbe919beec761b4b1f7d75445753b0db44ead4039bd71e4c3c098e","sha512":"42a087aa67fb51d5cad81de6c09790d23eedbb9aa171a95c68d5a25781de4b6fd1d20d321ff450e5f2254cea80d5dfecc5a2756992b5cf60c4d12d4df1a9701c","ssdeep":"384:vkUMyaefI7oYuZAWnwmI/7t/drxI7zCA4uJP:vkGaef2NuZAtmA7LrOCTEP","tlshash":"db426b6fd1f104f1d1acaa33dc72ad06b63af0639a625313093e94b9bc673595e683c4","first_seen":"2023-05-15T21:49:42Z","last_seen":"2026-04-25T03:57:07.140405Z","times_seen":204,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":72,"dns":12,"connect":27,"send":0,"wait":26,"receive":24,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nOrigin: https://westandard.appwrite.network\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 10:44:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6157\r\ncf-ray: 9de3a3d8af50958c-ARN\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03fa9-4af4\"\r\nlast-modified: Mon, 04 May 2020 16:15:37 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1188333\r\nexpires: Mon, 08 Mar 2027 10:44:04 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=qg6%2BTEKqJl6RQPI6iUSpDji2O9Nfgvw1IuDqiyF8SU8vckWr9dkDbpgWZheWvQ2DP1dWPeMp8RxtAmiKth8M%2FN12e2P9LH5Vvdtm6lZ1Yj%2FLEiskg9lXzcNM%2BsqcfKulOIUBr2tq\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19188,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (19015)","md5":"70d3fda195602fe8b75e0097eed74dde","sha1":"c3b977aa4b8dfb69d651e07015031d385ded964b","sha256":"a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66","sha512":"51affb5a8cfd2f93b473007f6987b19a0a1a0fb970ddd59ef45bd77a355d82abbbd60468837a09823496411e797f05b1f962ae93c725ed4c00d514ba40269d14","ssdeep":"384:+CbuG4xGNoDic2UjKPafxwC5b/4xQviOJU7QzxzivDdE3pcGdjkd/9jt3B+Kb964:zb4xGmiJfaf7gxQvVU7eziv+cSjknZ3f","tlshash":"1c82a3cc3291b06643a79167a06f960fb2339979614e9410f199f2d87c70ef9913fc7a","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-05-06T09:44:13.299533Z","times_seen":106545,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":28,"dns":1,"connect":8,"send":0,"wait":19,"receive":1,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/17116643.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:05.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/17116643.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.88638401031494\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"westandard.appwrite.network/","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-18T10:44:03.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.47644996643066\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 18 Mar 2026 10:44:04 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Popper:1.12.9","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"BootstrapCDN:4.1.3","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"jQuery:3.2.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap:4.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":637154,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (64464), with CRLF line terminators","md5":"2cf15ccdd738f41552625156133c5b3d","sha1":"2d0b1ce018d9fab69efdca2616de1efa73d515bb","sha256":"397b51d4837443b5c18b2831ca2761e6488db4647d07de2d29b6281ffeec8f84","sha512":"6d99d1740700ffc88df6bc761f82c93c902c1fe7ef81f5f7ff6d85d9e6af5c207aa03ffa8cc78d8cf93ac429b9f2bef13beae1d638f59f3841e112ed7ed726a1","ssdeep":"12288:UkTBMXjRSZEq1juWQO1iJD5WvmPWUoQojC:UC9ZEqBuWQO1iJD5Wv+","tlshash":"39d46b36a6692914db7bcab6b5c1fe943c24dc13c143d4d8f28573ac8ac722547f2b1a","first_seen":"2026-03-16T06:01:15.51502Z","last_seen":"2026-04-01T17:40:13.233146Z","times_seen":6,"resource_available":false,"data":null}},"time_used":853,"timings":{"blocked":36,"dns":3,"connect":13,"send":0,"wait":715,"receive":66,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/runtimeapplication-bafdd8b86fd88bb4273d.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/runtimeapplication-bafdd8b86fd88bb4273d.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.88429617881775\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":979,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":977,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/application-c2b6f877fed288c2431f.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/application-c2b6f877fed288c2431f.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.4413480758667\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":701,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":699,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"prod-cdn.wetransfer.net/packs/media/transfer_window/email-verification-lock-e6ed8c56.svg","fqdn":"prod-cdn.wetransfer.net","domain":"wetransfer.net","tld":"net"},"ip":{"addr":"54.240.174.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wetransfer.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sat, 31 May 2025 00:00:00 GMT","end":"Mon, 29 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CE:9C:13:F1:EB:4D:B9:AB:7B:01:CB:1A:57:9F:D0:9D:B9:80:74:3F","sha256":"A1:5C:76:DB:AC:9E:FE:69:72:E3:60:14:42:F7:E0:A2:38:BA:C9:59:0A:13:65:3B:A6:51:9A:39:45:16:FD:AD"}}},"request":{"raw":"GET /packs/media/transfer_window/email-verification-lock-e6ed8c56.svg HTTP/1.1\r\nHost: prod-cdn.wetransfer.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/svg+xml\r\ndate: Mon, 18 Aug 2025 06:03:41 GMT\r\nlast-modified: Thu, 21 Dec 2023 14:26:03 GMT\r\ncontent-encoding: gzip\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\nserver: AmazonS3\r\netag: W/\"207f0c93fc997af575b8b9ad9db8777c\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: kqJZ9-DVLgHEKpyBVddowXqVBQHIkgn0NqTysBSeqO4-JhiW6Kc0_A==\r\nage: 18333624\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":1747,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"207f0c93fc997af575b8b9ad9db8777c","sha1":"9f7d95b4aacc2545baa6998d51041ec317fd4543","sha256":"03f8a16b83dee3c100530e0d94d6dd12833087841e1b7f5e56ca65c890984d92","sha512":"342281ab94285f9df2fc55af42ef780c046cbd70bffdad9b873f99ca6116515a8180cab79224c47d093e3643f0766429074b9164f482e6cb42d6ca88725de370","ssdeep":"","tlshash":"0e3142666339537ad424e32c8e3950b55b2395f0df1c302dd0a11833749a6cf9ed2af8","first_seen":"2023-05-15T21:49:42Z","last_seen":"2026-04-25T00:15:06.648624Z","times_seen":214,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":88,"dns":48,"connect":1,"send":0,"wait":2,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 05:27:05 GMT","end":"Wed, 03 Jun 2026 06:27:01 GMT"},"fingerprint":{"sha1":"04:A8:A2:DB:A5:D9:6E:A1:96:19:8E:E4:20:63:9D:DD:4B:05:E5:4A","sha256":"86:F0:31:59:6F:27:50:6B:1C:65:39:9A:BF:6D:0C:A8:82:D5:B2:A6:36:4B:9C:0A:EB:05:EE:13:0F:EE:25:EC"}}},"request":{"raw":"GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nOrigin: https://westandard.appwrite.network\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 10:44:04 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"14d449eb8876fa55e1ef3c2cc52b0c17\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:04 GMT\r\ncdn-cachedat: 03/22/2025 12:19:15\r\ncdn-proxyver: 1.22\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1048\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: fbb9f711bb3a74e0d7f9be788953a709\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\ncf-ray: 9de3a3d8a887783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48944,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (48664)","md5":"14d449eb8876fa55e1ef3c2cc52b0c17","sha1":"a9545831803b1359cfeed47e3b4d6bae68e40e99","sha256":"e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b","sha512":"00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22","ssdeep":"768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B","tlshash":"7523c84a7254b4a202dfa476913f450bb73b389aa60bc16cb95994ed1d7cd8c3227f3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-05-06T09:44:13.298771Z","times_seen":105830,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":28,"dns":13,"connect":1,"send":0,"wait":78,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/application-c2b6f877fed288c2431f.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:05.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/application-c2b6f877fed288c2431f.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.4413480758667\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"mk2-b4c8d3.ingress-earth.ewp.live/packs/media/images/globe-dd3d31e7.svg","fqdn":"mk2-b4c8d3.ingress-earth.ewp.live","domain":"mk2-b4c8d3.ingress-earth.ewp.live","tld":"ingress-earth.ewp.live"},"ip":{"addr":"63.250.43.128","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:05.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ingress-earth.ewp.live","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 09 May 2025 00:00:00 GMT","end":"Thu, 04 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CF:DA:12:6B:38:91:02:10:F5:47:78:7C:AF:80:FF:15:35:76:D8:1B","sha256":"C4:E9:92:95:21:77:5B:3F:20:50:4B:26:DA:6B:2D:09:0F:B8:0A:A2:C3:D3:E3:43:ED:80:DD:3A:C3:9F:6C:1D"}}},"request":{"raw":"GET /packs/media/images/globe-dd3d31e7.svg HTTP/1.1\r\nHost: mk2-b4c8d3.ingress-earth.ewp.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ndate: Wed, 18 Mar 2026 10:44:06 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":1077,"timings":{"blocked":437,"dns":19,"connect":165,"send":0,"wait":202,"receive":1,"ssl":249},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"mk2-b4c8d3.ingress-earth.ewp.live","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:05.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 05:27:05 GMT","end":"Wed, 03 Jun 2026 06:27:01 GMT"},"fingerprint":{"sha1":"04:A8:A2:DB:A5:D9:6E:A1:96:19:8E:E4:20:63:9D:DD:4B:05:E5:4A","sha256":"86:F0:31:59:6F:27:50:6B:1C:65:39:9A:BF:6D:0C:A8:82:D5:B2:A6:36:4B:9C:0A:EB:05:EE:13:0F:EE:25:EC"}}},"request":{"raw":"GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"67176c242e1bdc20603c878dee836df3\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:06 GMT\r\ncdn-cachedat: 08/01/2025 15:36:25\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1078\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: a78b5a25cfaf2df533c60a6d4fa388d4\r\ncdn-cache: HIT\r\nage: 2267165\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncf-ray: 9de3a3df5f35a41f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51039,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50758)","md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-05-06T10:45:16.415723Z","times_seen":122628,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/fbevents.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/fbevents.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.84487080574036\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":1111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1109,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/bat.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/bat.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.46610593795776\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/vendor-ef8fd9ca3a0295622111.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:04.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/vendor-ef8fd9ca3a0295622111.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.44593477249146\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-appwrite-edge-server: 0bBHNYBByXcKOErbUf2l16--F_fra1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":730,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":692,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"westandard.appwrite.network/css/wallpaper-59e18dcf37d4cc5f163b.html","fqdn":"westandard.appwrite.network","domain":"westandard.appwrite.network","tld":"appwrite.network"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:05.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"appwrite.network","organization":""},"issuer":{"commonName":"Certainly Intermediate R1","organization":"Certainly"},"validity":{"start":"Wed, 11 Mar 2026 08:09:01 GMT","end":"Fri, 10 Apr 2026 08:09:00 GMT"},"fingerprint":{"sha1":"3C:6E:F6:03:5F:D0:68:35:8D:B8:8C:7F:92:D7:73:9D:CC:0B:72:2D","sha256":"AB:4F:E1:43:DE:BE:5C:AF:2B:0A:A5:7A:C7:55:28:52:9A:EB:3A:F6:69:85:66:93:13:5C:7C:B3:A2:66:E7:88"}}},"request":{"raw":"GET /css/wallpaper-59e18dcf37d4cc5f163b.html HTTP/1.1\r\nHost: westandard.appwrite.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=utf-8\r\netag: \"2cf15ccdd738f41552625156133c5b3d\"\r\nserver: swoole-http-server\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-appwrite-project-id: 69b256850027bc09cd13\r\nx-appwrite-traffic-type: site\r\nx-content-type-options: nosniff\r\nx-debug-speed: 0.43616890907288\r\nx-edge-location: fra\r\nx-edge-rule-cache: hit\r\nx-edge-runtime-cache: hit\r\naccept-ranges: bytes\r\ndate: Wed, 18 Mar 2026 10:44:05 GMT\r\nvia: 1.1 varnish\r\nage: 1\r\nx-served-by: cache-hel1410020-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\ncontent-length: 637154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T10:45:45.277331Z","times_seen":14731696,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-18","alert":"Phishing Block","trigger":"westandard.appwrite.network","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"westandard.appwrite.network","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - WeTransfer","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with WeTransfer phishing","tags":["wetransfer","phishing","financial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico","fqdn":"prod-cdn.wetransfer.net","domain":"wetransfer.net","tld":"net"},"ip":{"addr":"54.240.174.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://westandard.appwrite.network/","date":"2026-03-18T10:44:05.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wetransfer.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sat, 31 May 2025 00:00:00 GMT","end":"Mon, 29 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"CE:9C:13:F1:EB:4D:B9:AB:7B:01:CB:1A:57:9F:D0:9D:B9:80:74:3F","sha256":"A1:5C:76:DB:AC:9E:FE:69:72:E3:60:14:42:F7:E0:A2:38:BA:C9:59:0A:13:65:3B:A6:51:9A:39:45:16:FD:AD"}}},"request":{"raw":"GET /packs/media/images/favicon-a34a7465.ico HTTP/1.1\r\nHost: prod-cdn.wetransfer.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://westandard.appwrite.network/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 41566\r\ndate: Thu, 11 Sep 2025 04:40:07 GMT\r\nlast-modified: Thu, 21 Dec 2023 14:25:56 GMT\r\netag: \"692e1c7339c359b6412f059c9c9a0474\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: WSPfwMXP4VDLHPggbQK9yTzA726DqIdgg4FYB4a0Jrxi8F9TmZzgoA==\r\nage: 16265039\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":41566,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"692e1c7339c359b6412f059c9c9a0474","sha1":"e7c1a53dca16b7664880e5b8a92524cf9a47fb62","sha256":"d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda","sha512":"115b958093186bf5f98beced2bde91775121083b1e73f720372d793a23ebc7cf130cc4c6196f5f0d725a809fd63997666ae1de36cf070dcb6b6d2178c6796894","ssdeep":"96:pnvhextGn8hK7mxOBsOqHJt46FWJisw0msSieZQckSpyt:pnZHKzxOeOqf46FWuASjQcA","tlshash":"0f13459726c4ca1cc7916f33c0e245fad77adc96cd34ae0fa18cbe5a7471529285b14c","first_seen":"2023-05-01T18:12:38Z","last_seen":"2026-05-05T13:52:56.495786Z","times_seen":2648,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}