{"report_id":"f3e4174a-b54b-464d-a7cf-4edb5210b660","version":6,"status":"done","tags":["meta","facebook","phishing","social"],"date":"2026-02-26T14:59:18Z","url":{"schema":"http","addr":"diwkr.com","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":0,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"diwkr.com/#/index","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"title":"Facebook","dom":{"size":156727,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (44679)","md5":"8443b5f86c806bba54ea9cd9970d8a01","sha1":"c63f017b9e2866511e569010f795d722fb08a5f9","sha256":"7803991f413db96b8eefa1aed4e69a20069b987532f6b9b46c52604605315703","sha512":"2d7232248fdb9355a13037e547814499ed683ce0cab1a0063036345db3aefa7da7637d12a71ffe5b100d946e3f414493723a0628c0ca24484e101eb5e4d8df48","ssdeep":"1536:b4LajKaZeveMMzVIxpOMZMiO/7/NEWElxkvelD/ClA1KZa2PIPMQFiYnOjDdDVeE:b4La+GMYVCFOiYNEWErDP8mIFRx","tlshash":"e4e3c771c55a313b06274de8b0605b4fbae3831eda974a0167fcb78e5febc94ea04485","dom_hash":"domhash593532499c6b055a099192227fa2fd1d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"diwkr.com","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":0,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-02T14:59:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]},"summary":[{"fqdn":"diwkr.com","ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-26T14:59:23.507285Z","last_seen":"2026-02-26T14:59:23.507285Z","alert_count":576,"request_count":96,"received_data":6611951,"sent_data":41062,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"imgtest1.s3.amazonaws.com","ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2019-08-25T08:51:32Z","last_seen":"2026-02-22T19:04:21.391996Z","alert_count":0,"request_count":30,"received_data":3824016,"sent_data":13690,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"mall-test.s3.amazonaws.com","ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":0,"first_seen":"2024-08-11T22:28:16Z","last_seen":"2026-02-22T19:04:21.394924Z","alert_count":0,"request_count":35,"received_data":3407208,"sent_data":15910,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"zhuzi-tk-mall.s3.amazonaws.com","ip":{"addr":"52.219.184.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":600190,"sent_data":1383,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"diwkr.com/js/app.5ec9074d.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"9334902a7d5a991dbb9c67080707a853","sha1":"81b91546122cd2d4562237f22ceab3ee6ae1fed4","sha256":"cc3dfbcf690a5e886493d32c430f2a4b6d002020d76703dd21b8b81682cad73f","sha512":"c2f83fc544c620edf3c0846e399f355da98c069ac95d34c959ac04443f4faa20f299ef9f9ba4ae3221efe3f721113c675967bc7c17cd4501082fa24c32d955bb","ssdeep":"24576:a2O3Tb8OVuhFWMU929PUAtLz29HxNUCOE3Nkxp5R+4t69uE9s1B9Lfbzxg7BuiV/:XO3Tb8OVuhFWMU9wPBtm9Hb59dWf+83o","tlshash":"7c658def67da77fc08545646a04f397421981cbafb96f4e008edf61922e9e40c213f69","size":1443649,"data":"","first_seen":"2026-02-26T14:59:42.126403Z","last_seen":"2026-04-08T00:27:57.284383Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-41aebf37.08e724c5.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"7db22ec6ff7aa1608dbf6b1f41c86406","sha1":"5034b2ccde94a8f1592a4ec80c4ae95adc0a5eeb","sha256":"68ee420cbf18493f2da23bdf5e6b536f701cba369dfdc0e2c5f9a34fdbb2fc59","sha512":"5d1c0699ad6947fb5a7466860675da639bdad0b642c0d40743e8f1541542ab46d975e26bc61244002694433ae955aa26d8d615a95fa6c2ab9565ff3aeb75bc8c","ssdeep":"192:4zCjfAcMsHsuDmLDYRRHEX8bMuMOO0L5xq/cictjAfNeNF/BPsGC8jd:5fNMsHfkX8bMKdmmvPXB","tlshash":"d15283e6c470a4bd895a92722045f1e0fb643a28d006514ffa7cec9a72ed424332e77e","size":14132,"data":"","first_seen":"2026-02-26T14:59:42.10872Z","last_seen":"2026-04-08T00:27:57.203995Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-00cedfd2.4003f8a3.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"f1829233d24683b188d21846049581a0","sha1":"e5f0526f630d8615a9646001f3c9d89e228ee460","sha256":"b698a01dad496ecec5b06cc40c3b7998d7a51c43f4b15e8ab0fe4fd56aef15d1","sha512":"2446788c7db2d046f8f7cf0d78026f2fced4ee7a897d892e4c3c565b407513158a302d5c3996114b03c019d453cb66597c3c9691055a1d5b81e3db5af5da1086","ssdeep":"384:qzsnfX8TCU86Zb2aMsJ0CnlDKalAeuMoPu/QWoYqWvztrhYO1B8c:XMT6sJznlD4W/QYHdYbc","tlshash":"74e21a4794816c3d8f57625a341b1298fa362b85d442cc96b53cfdf9e2aae30331b76c","size":33010,"data":"","first_seen":"2026-02-26T14:59:42.028332Z","last_seen":"2026-04-08T00:27:57.216528Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/js/vendors~app.073d0a83.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"ccdf722a20c51ab735abf90aff41af84","sha1":"4d182271df5dc982db855c230e0bf287ef3ff984","sha256":"e040c1dbc5950db60a7d5c7645c7cfed17e848f0c5e2a73f9031c8148e79667e","sha512":"c6bec2a8c326f03112d95859aeba946c0cd96524347a9e5893cd19f0b1d007f58e7be0f0c9eb34f0842cb9ef61c8a8b30045c5bf50dd1391212b3b12001f4234","ssdeep":"49152:cakrxaaVRfIIdNpOZM7U0/FEvmzsEARKpaDTVnzT9ZhAz+/31px:1krAIMZM7U0+mAmpEV39Mz0jx","tlshash":"97f5b35c364af340915ad0e7e43b3c49d26ae589a40b00d07f7187f31eb574ae7aee26","size":3532217,"data":"","first_seen":"2025-11-25T04:06:04.777988Z","last_seen":"2026-04-08T00:27:57.286117Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"diwkr.com/img/banner_02.89b098f4.png","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/banner_02.89b098f4.png HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"20449-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20449,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 297, 8-bit colormap, non-interlaced","md5":"89b098f43ae255167ff8b26c24194870","sha1":"6cf7d73b538b2f6b92942a9054b0befe10e03f33","sha256":"9d85d3258f92e0cb5dd6bbe44d10f65aa9910a75a1f9e6774428314c9e76659c","sha512":"e093c03f4de4cf196a7b8d6f2004339f82c355268b832a0bf8ba719d23af27cb3136483c34e3390e0881e643d518ac1a01448fb3faecbf6949bd8443634441bd","ssdeep":"384:RwLMKW7MjvwmrXJxI/vlWvanoXTSrZzmo8NC4YIWFdhipRB2MvT/34kLPEbdv8N4:vMbNrzglWinQTSrZzm94bqpR0K/IkLaB","tlshash":"a892e145bc5d88b5e97da4113380b98f0b75decf61d2984f3a2b48ff86e9a904353863","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-03T20:19:56.437465Z","times_seen":1275,"resource_available":false,"data":null}},"time_used":1025,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1025,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/fonts/iconfont.0080bb9b.woff2","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /fonts/iconfont.0080bb9b.woff2 HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://diwkr.com/css/app.b6bf93d8.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 5212\r\netag: W/\"5212-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5212,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 5212, version 1.0","md5":"0080bb9b021fc0823608910adc2e5fdb","sha1":"b03c86fc4fb5e0542122925d2eb2468cdc842dd3","sha256":"a72e9b48fd851011d2e52a77ae7f72b6de42e4647182c7bae3ca49edf3347af4","sha512":"aa68b80986d5ebce07a92a36839e2b7f4365932ac12c992864ebb4a4e49ab9964e39464d9da1b79a0f963947a669176c3f65b23ef4e4203e520a790bfe6b0756","ssdeep":"96:vSvxwJyBbfhD1WrBqAFtlzkqV4tQWGRGQX/rZHhxm9Sy4kUf6:vS5H1p4FtlwqV4tOGQXtBxm9SpkUi","tlshash":"94b18f888c661528cf387a353840367dc9a3130db636e49acae41f1b57ab78a0159761","first_seen":"2024-02-11T04:26:44Z","last_seen":"2026-06-07T01:37:39.209662Z","times_seen":8059,"resource_available":false,"data":null}},"time_used":1067,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1067,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/06f91542-f535-445e-b3aa-04e3fb05fe8a.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/06f91542-f535-445e-b3aa-04e3fb05fe8a.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: nKP62zmQa2WqGldSmMA4If9M1JJED5lexY6FW9PV7I//tQUm4EG0psmQTJvI4xBcoBg9156g89uz5YZFRb/KSz9TKmggXKW9\r\nx-amz-request-id: JWRTH6VNSTYSY2YG\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:17 GMT\r\nETag: \"1b8714109ac1c300a6848b18f4b10531\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 27057\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":27057,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"1b8714109ac1c300a6848b18f4b10531","sha1":"1c40a9917624327dcad395e8d0a9a204e24d73d0","sha256":"952d26075b0ffa3fd64c6add8791e566a5d7010f52382b468a3f1672c5496320","sha512":"4a5388c14a734141ce576fb7e988c90418774f74d2641dfda2714951ce30264714baaa6338374f69d053de8e232efa6e658ff156ac04412adcfa3d6c41a3b94c","ssdeep":"768:G7DH6SIfn5ChIqflgQY2z+CR8hUywK3cD:GRIRCm3QY2z+nCywKE","tlshash":"2ac29d5348089fc7b13ac361bf031e6daf96bf09d495beeb10920ac7bb34655ac4d128","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.507252Z","times_seen":9648,"resource_available":false,"data":null}},"time_used":1039,"timings":{"blocked":921,"dns":0,"connect":0,"send":0,"wait":116,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/50277ee1-dc11-4e3b-948e-f2f37f4858da.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/50277ee1-dc11-4e3b-948e-f2f37f4858da.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 5N43diIRYXqFEOu7osB0JGTd/jktV2tYtcNjF0HRO/k95ou2PKO07xAxFYO67/D0/1ouTNhq3Xg=\r\nx-amz-request-id: JWRW3WVB7WHMJPDY\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:49:21 GMT\r\nETag: \"cf0c2ebda19a43267a2348c11f0e9b1a\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 104771\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":104771,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1166, components 3","md5":"cf0c2ebda19a43267a2348c11f0e9b1a","sha1":"f530278c1954d58bd91d7fd632ec98745670d158","sha256":"f38fad678825212dd76b489f41c44d65f661ffa87f0391f2a1f12823ffa01adb","sha512":"d22c73c72f3979b6d42c25bf33b4dc242900c7923bf2a5fffe6eb262a1c94ec32958594df688404505b92ae99ee8213518bdf76f2a6b4b63c96515899aa48014","ssdeep":"1536:4hPJiIGQfVd8Vw5LuDqpota4IsA1zT05E/igYy8aiPVymyKvgLgwwdmFwXlqfMKi:4hPpVWiLuDqIAkzy8aiPVy0vQ4R","tlshash":"c3a301c3611e5ca3c9381877233286328fb7e7c7c15da49cb458aa29c1e97bd3db9095","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-31T17:27:36.66319Z","times_seen":7021,"resource_available":false,"data":null}},"time_used":950,"timings":{"blocked":833,"dns":0,"connect":0,"send":0,"wait":113,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pachong/gaoqing/B07DWPTLJR/514KL6gAvYL._AC_SL1000_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pachong/gaoqing/B07DWPTLJR/514KL6gAvYL._AC_SL1000_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: IU8K0iOkScoaz/uK1PEexC+8bkt5QsXicoICVV0uzIBXF99wkflDRAl+BtxNqMkkTDAYfzVbrWw=\r\nx-amz-request-id: JWRT8YK61PNKKR45\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Tue, 21 May 2024 18:47:46 GMT\r\nETag: \"333bc9f8102abd9920062f747fd1aece\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 45252b2a7e6e7d31e4b51f95f215232c8cc5de8eb6d719a60ee4aa70022d8f70\r\nx-amz-meta-s3b-last-modified: 20230415T142418Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 30129\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":30129,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 888x970, components 3","md5":"333bc9f8102abd9920062f747fd1aece","sha1":"e9e549efd4c0bff166582969196d4c48963d64c5","sha256":"45252b2a7e6e7d31e4b51f95f215232c8cc5de8eb6d719a60ee4aa70022d8f70","sha512":"c5b4682553f9430c4d889d864ea2c426e13264803531b8fe3781edadf67ef75dcb4b92a5f7b1e3f828cd768945dafb8746d7b0ca1fcaeefceb40a0fb2e16b600","ssdeep":"768:1rqMSN/4n00wwRelfNwPFdMOHhXhEM773zrWjYV0+aF16JO3j:sMSa0rwR6lwPFzhXhEgnrbVzaFkJ4j","tlshash":"fcd2e1b57b17c379e8b3217b8749638f9ed9cdb52126025f1149b9343c61d644cad8cc","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.467374Z","times_seen":7233,"resource_available":false,"data":null}},"time_used":795,"timings":{"blocked":677,"dns":0,"connect":0,"send":0,"wait":116,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-41aebf37.c3acef98.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-41aebf37.c3acef98.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"6834-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6834), with no line terminators","md5":"f7b1de25905c81c373dba149d03c31f9","sha1":"862e37406535632dfb53a15f6a89c16efb3c94df","sha256":"e75dbd8d3fa49fec96c2b893018aed78a616974cb812b015636553d832881751","sha512":"5a2f0034e39196a38ce44b9d9cc46301069bf252b4f092c46db65bcd45a55ed05a6b53bc8241f14a5f5390b530394bcfb0ffea60b21c9262d0b669e07fd1707d","ssdeep":"96:Zsivfdy8lOFD1vq80WV/LPxDmvo6SOwUu50NJj9MC2:Zz33lSD1v30I/LPxDWrhxuuz+","tlshash":"56e10ff2f231112f7426953be18389e8bc86b10dd3ffc656ff84b514daa9182063518e","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-06-06T14:40:04.448067Z","times_seen":1977,"resource_available":false,"data":null}},"time_used":465,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":465,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-574f8736.7da50378.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.369Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-574f8736.7da50378.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 971\r\netag: W/\"971-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":971,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (971), with no line terminators","md5":"364b94b45eaf72b8e38bf5dc4b2348f9","sha1":"869691808bc786803fba4730ffaecb8c2c95a975","sha256":"2da93f714bc866a0e4f302d78c7e5d14d291c27551b29d27969cb57089a191d4","sha512":"a33a5504a3284c5c20c32c7385f61833fada6b1d13e575231c0153a9fdf87d61b7a62caf829e6a22187ec6c8699b87ed13dec945c814e12be7034015716509a0","ssdeep":"","tlshash":"ca119bf151081435b867f26475d055fe316ef343a233446daea4b3a6ce93a9b12212ce","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-06-06T14:40:04.434707Z","times_seen":7560,"resource_available":false,"data":null}},"time_used":440,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":440,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-ec5b203e.45f75ffc.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-ec5b203e.45f75ffc.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"4759-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4759,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4759), with no line terminators","md5":"50b67c1e36297b1843f24dadece451cb","sha1":"aab4395d6d74d3e50d7016a544f7709a601343a2","sha256":"6310619d584f66c72ad89a3e491fcd0100f459bbb6c9d49d92843f464fcf51d5","sha512":"4dfc42a95a7a19d045ca233519f6f1c6fbd5446b344a059b1a5f691e916a5191b0121a7ba61619722cb7989a175982917bdf4e6359cfa4920d9f1e4b3ae2f29b","ssdeep":"96:2oxsUQOwXVcjglPJiA8J+eCkGCaCR4CRjpClCucCOCTpCHC9C3C9CtACbCUCtCcJ:2oxsUQOwXVcjQPJiA80eCkGCaCqCTClX","tlshash":"35a11297311f133d68b7e1571981a86d7878efc2c1322211fc27aa18c8db6977a3724d","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.336196Z","times_seen":5412,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":441,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/syspara!getSyspara.action?code=mall_max_goods_number_in_order\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"POST /wap/api/syspara!getSyspara.action?code=mall_max_goods_number_in_order\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://diwkr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":71,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"7c4654fa4ff81d11b3c8d322ec628880","sha1":"080c15bfaa6d03e4ccdd092630344aaf1f003c47","sha256":"1f9573c145cceac2e7ec7273293953edd53fd282aca6e50acd9334f59f34a5fa","sha512":"61d2d5a60435f554ef05dcb0e1b1c47875ac6610289e4d3ea66013244a25a7b1b720d3927649ce420575cc00929d9350f519524350066508593ad659aacb79ed","ssdeep":"","tlshash":"b9a012009c155c150c03c244a84d260641c8210246404e180d041928017d43c21000b0","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-06T14:40:04.499491Z","times_seen":5687,"resource_available":false,"data":null}},"time_used":937,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":937,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/selle/2023-11-06/e2e57f13-bf6d-48e0-be0a-1a881b082e8c.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /selle/2023-11-06/e2e57f13-bf6d-48e0-be0a-1a881b082e8c.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 1DxHWGLFom1NJZ6r6DTzV9VcqBaifeQokDGIcp5PHWYnIqW6Ysa8b86w/ZoTGX46/XzWjB+A+c1yo1s85R5g4A==\r\nx-amz-request-id: JWRYSP27YC3XWVR9\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:44:45 GMT\r\nETag: \"292f81f90fe6cd140ff2e3d5ed135a71\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 91249\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":91249,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1078x774, components 3","md5":"292f81f90fe6cd140ff2e3d5ed135a71","sha1":"0f4330a32fd09325d535bfeb90e423a3ee421f44","sha256":"d88ba58bbf925231866abf29db5bee81900e5e7cdb49cca4509264528a7ee976","sha512":"ae6a21497015b12bf1b99dc4301fef11d5616d40ec3e1f4d12a011a89d59c7824ee3dc00d5963a78099f598ef715fd4389ce4bf9b23dbbbcfe1ba317a513c9de","ssdeep":"1536:Lnembrn6M4ZkHJgptZaGEISdc9sth3ZtAMOxh3W75UCerd:Lnembrn6M4ZcJI40Se9s3AMOn3W75eZ","tlshash":"4f93e2c532615903d39d4b7a1e8912d21210ff7d21c2497be9d64d2f2e9da736a80cdf","first_seen":"2024-05-25T22:56:10Z","last_seen":"2026-06-05T23:30:49.72924Z","times_seen":834,"resource_available":false,"data":null}},"time_used":614,"timings":{"blocked":496,"dns":0,"connect":0,"send":0,"wait":115,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/shopAvatar/2023-11-23/1e60a570-fd75-42c1-b3b9-3c040b0cc19e.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /shopAvatar/2023-11-23/1e60a570-fd75-42c1-b3b9-3c040b0cc19e.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: tr+D54f3zUJp5pb+ahNTp8I/IivIw2MCjHS+N2ZFzBoOmL0b3GB/KVBqM/Vu8CrEF4KTFE/HtnYwF7/q29F/5wLoAxLBZD6A\r\nx-amz-request-id: JWRT4AAQF7RPRSYP\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:45:32 GMT\r\nETag: \"3224e47c70fef9289898672d8fa26d2a\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 1521350\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":1521350,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 936 x 936, 8-bit/color RGBA, non-interlaced","md5":"d4ad8c8f28bbff0552707fa501cf07cf","sha1":"6dc1348a98aa7efc61489e2bc7f95cefb44f4a09","sha256":"a8c5a04357bad806ad855cef0f92ef998bfc2e0cd8a390818df436cf40d6efde","sha512":"9ca2c9b123ef136a260b5bc2a1a0a900a29e45034ea01184e89ddae6e0a302812fe0c74771958d398cc59a9ef13737429aa37297fbfdcde96293f608ad42d367","ssdeep":"24576:wp4vxIrg4fman4ZmBk2/MqGj9jKKxrijvB:wevxZ4frBkA2QKMB","tlshash":"75253315d425b107fbc79a75d98617833cfe1421b3abb04d0fe48a1af972e726898137","first_seen":"2025-07-28T06:58:14.003726Z","last_seen":"2026-06-05T23:30:49.818893Z","times_seen":400,"resource_available":false,"data":null}},"time_used":964,"timings":{"blocked":525,"dns":0,"connect":0,"send":0,"wait":117,"receive":322,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/avatar/2023-05-27/bb83d710-d830-40db-a3ea-ad1c84d707d4.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /avatar/2023-05-27/bb83d710-d830-40db-a3ea-ad1c84d707d4.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: i4i7XsMJDPa0WqBoDphSmENfSxDUv1pEoWZlGK8bMxAOWFAYWO6p8Ws6A3rSuHqQcs5ECfNHmAscjewy6hihUw==\r\nx-amz-request-id: JWRZ324112RJA6BK\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:20:56 GMT\r\nETag: \"72fd36f0d2f325647f3117410aec1dd6\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 14021\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":14021,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced","md5":"72fd36f0d2f325647f3117410aec1dd6","sha1":"7ee804c2afef0256e666952f16239780acc8de61","sha256":"c3041ec54bc45f4d7ac030cf08264a14272459bc059ad82c7e8bf501ee96e9b4","sha512":"1288bf9bb3ef598d80744253b06416d96a58aa89d2be7102dcec88c21f1a8fa36fd72ab9040f27bcaf2f24d1fea44c56ed857493834f5f1581c21883041ad6cd","ssdeep":"384:7T3q3eRuJHzW+tRWfF/Kc2hNCzP13TDTv2VOu68CAvkfChP3b:7TDSqec4hGNDfv2Vr6Csqb","tlshash":"99529d91c740f5f9db8406f629001bb133b62573ba3b2a75b6bb84541d7a7a87304fca","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-06T14:40:04.376439Z","times_seen":2043,"resource_available":false,"data":null}},"time_used":677,"timings":{"blocked":559,"dns":0,"connect":0,"send":0,"wait":117,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/d9a4f743-88c7-49d5-8f27-acd79169d134.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/d9a4f743-88c7-49d5-8f27-acd79169d134.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: nlQ93CUaQUiXTMSz1b2Qd+787PzxSRQ1XxCkn1XMLoKse7vbcU/4L8ZvcCN43VKWKGljsgaPUCo=\r\nx-amz-request-id: JWRKH3213S8HV1RE\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:54:21 GMT\r\nETag: \"5eb7c18e0164431bc4ebd5432142d478\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 62006\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":62006,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 992x798, components 3","md5":"5eb7c18e0164431bc4ebd5432142d478","sha1":"0e7463b4754fba04259090a3e6c70865b6acde18","sha256":"c8e8e1655371e5817147fb849721d215226bb8f03e99bee89e9b3217f91187ba","sha512":"0dfacb79d468692bb1e777bfc2311eb6ae4f4de8d4f1d4f273a6e918a7538cc7f7450c577a7978b281b8c7c8a8f1cd224675df0ed5af052e11f82ec4acbc3af5","ssdeep":"1536:VBqvv4Wcx0q5rQdsUVr80gBJB0t+QZb2sG1/:wv4Ws0gUyUVrRgBJo+QRGR","tlshash":"0c53128569a9b165db633ab88e06708efc0f2ca6eef70074210dd3d93074af1bd4a45c","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.340656Z","times_seen":2411,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/908e2a95-723f-40aa-ac29-581a9ee153f5.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/908e2a95-723f-40aa-ac29-581a9ee153f5.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: u2mtXrR+Ewhb0U4pqNYgatofqz3IrYAr65XC0Hh2OP/csZTYsWoGkiU8RnXtvsi+XTeCtSNCbm4=\r\nx-amz-request-id: JWRGQ74KWQ1719D0\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:51:40 GMT\r\nETag: \"c5a47705795cdbc1e8729597ae3590c0\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 116736\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":116736,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x890, components 3","md5":"c5a47705795cdbc1e8729597ae3590c0","sha1":"dc331981dd3aeb0e2ef49a5339b9de6fc874a6b1","sha256":"2c4fb62978884f281072fa2aac50acd32f422cd139a6e8c703c644263f3cfefe","sha512":"64b217eb462365a15e408992e9f6cafc4da3aeff8be47a4a0d9cf1eec22ae84b8c49db9e0bde58eeb4c3218d3503147fa72fb222e07dd10f09e08108934f491c","ssdeep":"3072:5e2yg9EXZZEXO06Ae3UYn/HFkdOQRC+p/o:ZyeEXmO06AuUYnNkkQRC+p/o","tlshash":"82b313ed627148c6e96c04b5587ec05c8a31138bb6d8af6f30fe1d221bcda512edf549","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.523462Z","times_seen":2369,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-fc9179d2.85ee17e2.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-fc9179d2.85ee17e2.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\ncontent-length: 410\r\netag: W/\"410-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":410,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (410), with no line terminators","md5":"fc805b781c89c799b666c4fbc4aeb200","sha1":"fd06224fae1c2c2bde5a18ae89ad003e03d5fef3","sha256":"a69b97003c8dfe86e112829516ab7dd637a12b08508d6cb9049741ea93868576","sha512":"2c06b84040f5df4f5486d754fa36dc5acfd67741c94e929f9c94994c1e7e71898c1fb336dc6be4e8568c2bd0c449b0e34e8f392cee6452d08874382a90856bf6","ssdeep":"","tlshash":"09e0a942010a1e2b2563f42ad0820707b665fb37eb42d2409ee00a080f9b30a38383e6","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-06-06T14:40:04.364867Z","times_seen":6986,"resource_available":false,"data":null}},"time_used":468,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":468,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/fonts/element-icons.535877f5.woff","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /fonts/element-icons.535877f5.woff HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://diwkr.com/css/app.b6bf93d8.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: font/woff\r\ncontent-length: 28200\r\netag: W/\"28200-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28200,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 28200, version 1.0","md5":"535877f50039c0cb49a6196a5b7517cd","sha1":"0000c4e27d38f9f8bbe4e58b5ce2477e589507a7","sha256":"ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17","sha512":"da269b20f13fb5b0bb4628b75ec29e69bb2d36999e94b61a846cb58db679287a13d0aa38cdf64b2893558d183c4cc5df8da770e5a5b2a3288622cd4bd0e1c87b","ssdeep":"768:gOvv6ExpCVxUtrT6w8ClFd80EjPVerMKBaGXjAlEm:Hvv6xVWewtlFdGjPlkFjAlEm","tlshash":"b9c2e13197213ae9d9824ef876e498fef1651402290f390e8696adb3a98d5c73e16831","first_seen":"2023-04-05T15:22:49Z","last_seen":"2026-06-07T08:02:28.29093Z","times_seen":26022,"resource_available":false,"data":null}},"time_used":1087,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1061,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/b8a68172-576a-4457-b9aa-10c98bb46782.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/b8a68172-576a-4457-b9aa-10c98bb46782.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: vn/Lnhtj0lpGzmRHg8L6gFnce22/dGgfv4QPgnLRrdFkEV5S/jCju1IR4AagT20emyGddX2CuoI=\r\nx-amz-request-id: 7RX5R3XXHQHVDYVX\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:53:09 GMT\r\nETag: \"963cb56e987f75139a4206e2853821e6\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 234396\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":234396,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x1440, components 3","md5":"963cb56e987f75139a4206e2853821e6","sha1":"ce71e1769f7261cd7b9a24961ad20fb7a59020af","sha256":"ca1da66523d750de307c04335a1c1c6a4a5984b6e18740d6a9b5d05328a83eb3","sha512":"32b60068394c931060c1753e698783852cf5287a33a02520531964297d9f7c9b2a075a104400d58371a38b39e90f79349952df52f99ce456d4a43da248fba813","ssdeep":"6144:hEAd94lqhbTQUovlU065PNq7FHQpTmsx/:hpd94lEE/Nc5w7Fwt1","tlshash":"de3423f953a91d48d25c2b303153934d7ebd68f3ebe22b319440240b0efd590f55a5ba","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.432118Z","times_seen":2431,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":239,"dns":0,"connect":0,"send":0,"wait":106,"receive":189,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/f6acb799-6e3d-40d7-9dea-f88b73ddc661.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/f6acb799-6e3d-40d7-9dea-f88b73ddc661.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Gc0JQFbXQwrgBV+evwfaQZA423ixILqCAw0805SsvbtYkk15czQGGrOa8VRpEe18i3qe34M0pNQ=\r\nx-amz-request-id: JWRV37P4J651FAAK\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:55:24 GMT\r\nETag: \"188e058e6f7fbe9ad0a5f77351993576\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 58343\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":58343,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 887x658, components 3","md5":"188e058e6f7fbe9ad0a5f77351993576","sha1":"5aa78ff88b30cbd54edb475d4275fc0d4218497f","sha256":"0c05def09a06513f1f4642a32933517dae2a570113bee37d42eb032886be835d","sha512":"bdf8a4a595692fbe4e7852b784846f1a76a87e36bde4e0a4d20eb190020965784572ee99ea2df88e46b3f22048cc6b2a04fd179d1796a7ab3b4911a699a230a8","ssdeep":"768:1708n17R4+OZnvTjYIoH3etV6CFmPxPoLsRkmVNIHEGjLF8asgzZ0vc/aT39Carl:d07BTjYfXet3mZPoLgknF8BgkB5rDZ","tlshash":"3643f260337882f3f1bbb8386b8d3a1a5b55b4975382cdef11126db2ab07a51745438f","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-06T14:40:04.351187Z","times_seen":2419,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-3581ccc6.f09689d1.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-3581ccc6.f09689d1.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"3625-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3625,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3625), with no line terminators","md5":"f1780f9d45f7658d040c38d25eb705a1","sha1":"b819f324b3d0a8530037bb5474799ad57939ea91","sha256":"67041091f6905c2a4d162ea27c32382a85a0519e0b6c9dd7e3fe9e3a2393597c","sha512":"a7f6365c1ed56e22baa5c02f6e0d5336e10db1e34ebf13d65c0b62ef517c8a7b81498c8e2f5a8be34d1df3a8119fa643a2c8b569d04233da739edad49bdea906","ssdeep":"","tlshash":"d4718a117b2922f8e867805e2b56944d3710f10ba26ec8f7eea0d435cee29123b7459a","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.365877Z","times_seen":1778,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":558,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-6699a1ea.cd704402.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-6699a1ea.cd704402.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"1252-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1252,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1252), with no line terminators","md5":"b50aad23d365ccde72e78b8313b4e7c2","sha1":"82e1ed3080ed69d8b4384e17044cdcf837769a03","sha256":"e36128c4817614792876d24a43ab454dd8cdd52f66965bb00f14406da9011f3c","sha512":"3929980e42defe71e881ffa97bf69c5d70251a4adf0eaabc203dc87188f3d9da61887ecf8f793b9c6a2861a6b24484417bd3adc1cd46a41cf2a0f14082f92dd7","ssdeep":"","tlshash":"3f21ee67b51163ada3bb689413b29c8c7414c840f5ebebfae906411dc7c72973691388","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.522312Z","times_seen":7301,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":418,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/img/logo.50274c6e.png","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/logo.50274c6e.png HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"35334-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35334,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 4541 x 1500, 8-bit colormap, non-interlaced","md5":"50274c6ec03bdd29860ba1738485ac22","sha1":"2bbb553cb082664359269d11d1cf11712b2ad939","sha256":"1d513ce23ff8b99b35295de7b2ae9a016185efbe2d71d9ef3f9055a2203f7ce3","sha512":"0fff81ba754363fd949cbb19afcaec59099fcd7b360ddeb82dcf88123df81090ba876427ca86b67d4a3e0b1ba27be92bd6682635f2abc3aff4940bae46b23e74","ssdeep":"768:S9GMWYt0TzyZATuKVZZqKDLtpPRrfGI+6YBOnavJSIeLvaI22M:SoNYtUe3AyK/XZrfGI+6YO0JBMvaI22M","tlshash":"56f2d0aeda09cd47f6223e304285519df1f97cad5346f8fba922c1177a5731c232272a","first_seen":"2026-02-26T14:59:42.006444Z","last_seen":"2026-04-08T00:27:57.164442Z","times_seen":8,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/category!recommend.action?\u0026pageSize=50\u0026pageNum=1\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"POST /wap/api/category!recommend.action?\u0026pageSize=50\u0026pageNum=1\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://diwkr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7436,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"21d637c390b670de7c37ae086f188861","sha1":"f1b8b2647612615ec5d14c393c35e7801bd59513","sha256":"90a272c25bb1976f2ef25efd6ac9e609732a8fc698011d019132b0d0acfe9fbf","sha512":"b952de23423f27f448286f4d215d04753700335cac67b036ca79454828e72782a8c4d8cdd921288ec6e6af84a2c28d51a278eddb115a2c8e5370244de9f12045","ssdeep":"192:5VvIdzoHaIDsGJTN1o1xzvxVRbQKgDCU70NUbcxhYuI3PnU7xG60gkAxpHPUL4CU:5VgF4DBm1hvPQmU7YTxhKU7s60RAszUN","tlshash":"e9e174a9ffe83c6d4b8486d1168725cfe4a0e03b9fd70ec604fdde448aa676a057c164","first_seen":"2026-02-26T14:59:42.007434Z","last_seen":"2026-02-26T23:43:04.841375Z","times_seen":2,"resource_available":false,"data":null}},"time_used":960,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":960,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/85c9fa3a-9c9f-44f1-aff5-1f72797dbdb2.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/85c9fa3a-9c9f-44f1-aff5-1f72797dbdb2.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Qa0beywl2OAB/Z0FQdtdBol6FFW+5lrfChdc7UAXMKPI2fe/UTYjvkCnwU+cw/uRc3U8rWhZcqg=\r\nx-amz-request-id: 7RX4S6TJKWX2JSXX\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:51:16 GMT\r\nETag: \"b8913d9e5154ba64e3fe7bbb1e357d39\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 115039\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":115039,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1214, components 3","md5":"b8913d9e5154ba64e3fe7bbb1e357d39","sha1":"099900879ee6c6ffc46886c6c7a51deb002620a5","sha256":"323c53514398146cf826ac3c7492cb33fdbf76048efb002dd7245cac6ac00de5","sha512":"1b3d93f1860985cf5a4523f0f637f212b67d23dc4083d74b905209fc50179efceef7878dc86d5f0a19a3e8fe499a5989dcb47f76445872f1551296dda4935dc6","ssdeep":"3072:tnAsQmUqLtgMVlm8Bq1u7PqMQq8+5AsIBYbu2ILf3rQX:BAq5SYlVg1GP50qC2ILDM","tlshash":"eeb3128b8363f8c8ff17a0b56f84b712e516042539b136840eed1614e27ea6f7d47e51","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.335063Z","times_seen":2402,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":346,"dns":0,"connect":0,"send":0,"wait":126,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp/B0842PRXT6/61tbbK8RkHL._AC_SL1000_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp/B0842PRXT6/61tbbK8RkHL._AC_SL1000_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: UXLaPcWy2zW014qUFtPobTaIj6vEMUhaKZaPO1bm+bZouP0kA8lLLmb3JKeIiYpTr/5htPiuKwg=\r\nx-amz-request-id: 7RX773V0JG7T3JJG\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 02:59:56 GMT\r\nETag: \"63e2fd337fbf2929ce3fe246e90ba31a\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 2fb50a8c3ba54fbd84dc3342532f989e76ca7540832b7c4931d8ca33db55213c\r\nx-amz-meta-s3b-last-modified: 20231026T124629Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 75594\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":75594,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x687, components 3","md5":"63e2fd337fbf2929ce3fe246e90ba31a","sha1":"bf2750fce56ef9ad51e4a5d8a50abdc336c058c3","sha256":"2fb50a8c3ba54fbd84dc3342532f989e76ca7540832b7c4931d8ca33db55213c","sha512":"64a18a9024eba918294bf2bc6d7ba454fe08f1f1ce6dccf2b30f08dc6d2b0a81eb96f47bfbf99e0a74c50180b9c4b0ed4d657a38da176ba2106c81b49b808e01","ssdeep":"1536:Ub+La/D2TkPb7Jg4T9L9KLKTs2ZWvPA8UJIIZcbV2JUwgrDx1Gxz0:FW20Sgsys2YI87jMJUt1+o","tlshash":"867302b3fbb063b5d52498b121054e29bf939a38f8c09ab3a962873734e4ecc58c5595","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.329784Z","times_seen":2210,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":539,"dns":0,"connect":0,"send":0,"wait":121,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/093d9f58-2c6d-425a-b3c9-1898b0aca760.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/093d9f58-2c6d-425a-b3c9-1898b0aca760.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: ezE2ZtPLAQsUWLrjfPMh7RVDaOUAJSouLDqo+Uly1EC4VXuqtDfnAfOx/1SBkGpTMt4avRNBqlQ=\r\nx-amz-request-id: 7RX22GSZCPQZ44H9\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:46:44 GMT\r\nETag: \"cfcc313a94dfb8530acb5ecfe5dc53af\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 132447\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":132447,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3","md5":"cfcc313a94dfb8530acb5ecfe5dc53af","sha1":"4ce68057416501691588568831526f3f621377e1","sha256":"616cefa8fa49014d34e31d96d913620bf5252ad75654db3924f71a05834202c6","sha512":"fc051b5d6e2a87267ee275655fb446499cd4f41eca27a43c7e3666fedcb37364e65086055b0668434a8e8f0c9ca176c4f9570de51dedeb85e37304804be91846","ssdeep":"3072:ErQx7WJnVeTJWMRXz15rKYLbYeZu4G+gqg44O0wZfeN7yC:KQOnVMgeyH+Q4WWfeN7F","tlshash":"28d312c06b111bcbe5c83fb5227a928237e772399493fd323981d26e59d1c78a237d42","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.33961Z","times_seen":2337,"resource_available":false,"data":null}},"time_used":478,"timings":{"blocked":268,"dns":0,"connect":0,"send":0,"wait":114,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-0f135973.1a94a034.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:02.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-0f135973.1a94a034.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:02 GMT\r\ncontent-type: text/css\r\ncontent-length: 428\r\netag: W/\"428-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":428,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (428), with no line terminators","md5":"839113b3a06297a1185b208299520527","sha1":"df67e42e507fdf888b4f0b1706a0bd54e09763ff","sha256":"ae7439473b984cf35ac3a8199ea3a3ccd8c794d239d0e36fec25cd4a3f0222ac","sha512":"da16c62f7431636915bdfa092d4468b66770272aca96b2e4c27d1bf9cd36b044dc03acb199486e709a3a82c272c9ab6ffe79305e116376d596ec30e3523dbf6b","ssdeep":"","tlshash":"2de0a0a051072a3b2563f0b6a8c20427b655f7abe91291107be305092e7b38a68373e8","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.363745Z","times_seen":6807,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-82f5a9c0.61d5f87b.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-82f5a9c0.61d5f87b.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"4331-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4331,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4331), with no line terminators","md5":"7011ba16f26e8f68cb9121991c4f9ead","sha1":"bd69c0d7de05817a9bce551e43c4ba95a5cec3e3","sha256":"f6faeb4b2fde3871bb44476aa6b9bec1f16752b3859a7f7aba5f1b7b3d7f0857","sha512":"d07f2482426162fa8c5f7193e51082e8ff59a7d480e989ccb2be1906bdcf91a11a785bac510762bebb80de0dbf1fa6639c79969cd7347f75a2ea36db350713be","ssdeep":"48:YL+LhEzjG1CkaOK/cove7eaeg23c0qjWQjNnRRcUM4ZjNne0FkZmHD+BbwJgwVAp:LEzy4OWv4z92ijWkNnZJn7r+Z1RRAlA","tlshash":"28914d3132a966297573e46961c055dc720ca327e3e2ceeede51801acdce3e71634b59","first_seen":"2026-01-17T01:19:00.807574Z","last_seen":"2026-05-27T20:53:28.204149Z","times_seen":11,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":427,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-f9e6af42.28c4179c.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-f9e6af42.28c4179c.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"1594-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1594,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1594), with no line terminators","md5":"2ca529f586a240299f0fe2404ae0be30","sha1":"d23fe00d6f8cbdd72fbd8481bfab66daabb6d16c","sha256":"d8060f1299dcf149dcb7623be20761d8a23814f55832c649cba6f895d9b6a25d","sha512":"bf8dddfefa3bedad92fa3935a55ed4fed084385bb099754e717741aa4e9d554cfefa3e43427122de236cd791456bf5f57b9a87c9d03cfcf819f845de414e9614","ssdeep":"","tlshash":"7531851a3e6d9d295833f31923c7485e7900eb7b8557821f7841a52b8fb70837eb3286","first_seen":"2026-01-17T01:19:00.684219Z","last_seen":"2026-05-27T20:53:28.245127Z","times_seen":11,"resource_available":false,"data":null}},"time_used":468,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":468,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-0492056c.49ace7d6.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-0492056c.49ace7d6.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:06 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"3896-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3896,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3896), with no line terminators","md5":"99fa911493b2954e9402bfeeb0bc065b","sha1":"4e961e31c6dd1770b819a1b015b192044ca7aa17","sha256":"e6801dfe5cba34371de3ac54e409aa67866f41798e30059d3802bde20c741e9b","sha512":"d2bca7fd1da13f0fe1d1d09663d7512f0be887b967b824dbeeb8b29f31d109104cb015cf3840907258f3b24b579a7af1f83e190e5ad3bdf62fd995f4ee00a0d1","ssdeep":"","tlshash":"d781706ea497e4bccd5ad052300f6234e1723fd69404c9aa7338dea89298d65332f37d","first_seen":"2025-04-07T10:59:20.403759Z","last_seen":"2026-05-30T03:35:54.813041Z","times_seen":338,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/d2355e87-0f42-48d3-9924-966b9fd8d2e0.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/d2355e87-0f42-48d3-9924-966b9fd8d2e0.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: TnMLiLhYXqHe6xsDgYxxoAHYXxMI8GnmBNbJO1GRjLwYJ2dozA3r7T8cXJHsjGDHcs65oVaiQhjH82TP9v6gmA==\r\nx-amz-request-id: JWRZCMZPDAQP9CEG\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"3fb702f913ff64c272d67742c3fade6d\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 28164\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":28164,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"3fb702f913ff64c272d67742c3fade6d","sha1":"9d59af9b1418caaf57ed3f938074958affbdbf5c","sha256":"effe7b76be1c47da3ab9aaf81e6542743506dc40affd341687094417a4feea49","sha512":"1be15380d11c4c57f3ac922aa8d945afa256b4fda813b5254fe3ec2fd8b01fc242c8f9faf79a25245626438240e63d8c68bc1e3dc6c8ae1569b363e28f99c817","ssdeep":"768:GkLEEqGMducsX2FbPZlrPr0YFveH2fzquxgfI:GZXvducmObPZlrPoYkH27hl","tlshash":"3bc2278b59484ed3a46d93e5be970e9c6f453b4ce88229ff10924fd77f202664c4d02b","first_seen":"2023-11-07T02:37:44Z","last_seen":"2026-06-06T14:40:04.300167Z","times_seen":9833,"resource_available":false,"data":null}},"time_used":1013,"timings":{"blocked":898,"dns":0,"connect":0,"send":0,"wait":114,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/e06b455c-8412-4866-b1b3-653027bd1c10.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/e06b455c-8412-4866-b1b3-653027bd1c10.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: uq1JSzLLrUie5YASAmFrxYFPdbc8QydPlaBgQ2t7KLx7SXhM0262ybZZKZ6py4FD5IHOU4Za6zA=\r\nx-amz-request-id: 7RXFQSNJGJZ7H1YQ\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:54:36 GMT\r\nETag: \"c204487a7d3a52dd08d0cb8bd82d4383\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 116417\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":116417,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3","md5":"c204487a7d3a52dd08d0cb8bd82d4383","sha1":"0d1d0939727c3ce06382233272c124b3e0d023e8","sha256":"522ae93f5824674a9d56c6bd1e7973d5b98b171fbf00cd8e36369a842d416b6e","sha512":"c22785e439d2531161a142ac57571ad5d611562164b20454af4dd5e655c0e36b33d7e3331f77d5d9a7261a70ca92b3f1d5f34bd11eda38aebb5b0af30b1716b4","ssdeep":"1536:Vs2stZYxtS5hzAjXqCSe9lMKHKoyqBxglgPqUN0OWw2axsLUUNIBorXcQxs8ASz1:q2ssmhWXqCSclqoJvOTw2fLTN0EX08VT","tlshash":"8db312936325991bc7ed04734ab352bc6f719903775c5324bb01a42e59399c8ecccb5e","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.478207Z","times_seen":7442,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":1,"connect":92,"send":0,"wait":126,"receive":187,"ssl":103},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/img/right1.57c427fc.jpeg","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/right1.57c427fc.jpeg HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:01 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"4805-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4805,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"57c427fca0d84bc0a092d9034deed77f","sha1":"e47ba5c89f052526d7eda2aad1a86336b3319aa8","sha256":"913d611036152ecabefb26e4ef79c198a2779ea1e5fca384f6a6b159d0babca6","sha512":"df3edf66df0741f19114843d93cea243ad98efb17a75f4a9d07f7ad80b006b110010eb0feb96f84f6ae57d9e5408096812fc528468f6a7b42c1ead3e8595d171","ssdeep":"96:WhC4SzAFMLFwDLyk6KPTLPwrAO824idlifhcL1qYIwEfRHNRXb9z:EJFMJiOklLLGvG83ELRXF","tlshash":"e3a18e4f67b66c5febba8bbc04184f942512dc1159321f7905a05c195d2fcfad9603d1","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-05-30T03:35:54.915489Z","times_seen":4638,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/img/right3.9c862538.jpeg","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/right3.9c862538.jpeg HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:01 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"5499-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5499,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"9c86253815081c0c34036ff07d755cb5","sha1":"c76c8077affbb0a17ef370150dfb718db290a455","sha256":"29f7b8a55109e9ad235762ef2edf7523357ac563202f2ef931aa3099685c9e8a","sha512":"cd0ee09be0e8c939646c3e72e32a70a37017bb27f5bf23e3167776e8aaf81c0ff3868ecc1eb12df37341088e1aeba54cc1605c88aaf44a89000a8eb5b53b65a5","ssdeep":"96:Wh4J1bDl2qrFHk8A3CrwfOIngvJlMde582vqxe2CjEploBUs3:ESxPFHk8A39QhDQVoBX","tlshash":"04b18e9fb6cb7d90f776043be0c61d5522d67b0615e0a7fc8098aa4f98bbc714d10879","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-05-30T03:35:54.906512Z","times_seen":4690,"resource_available":false,"data":null}},"time_used":581,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":581,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/208bfce2-9f5e-4564-9ff0-3f42b091c6e1.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/208bfce2-9f5e-4564-9ff0-3f42b091c6e1.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 8QhRU208gYdylRV/3jlJqCOgS9GW83gtw5dNHOxQKoLQZcJlc2kBXC6IpiSMbIpZWpLJ3uFjFAg=\r\nx-amz-request-id: JWRGW03PQ36FNYQB\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:47:36 GMT\r\nETag: \"1994307f8b89af5cfce1809d993ccd77\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 70775\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":70775,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1419x1500, components 3","md5":"1994307f8b89af5cfce1809d993ccd77","sha1":"18a1e5b438175e9c250289af987baf9737f6eef3","sha256":"6fcf1c0fd9d63f09ab28bb88303bf4a07948cf20d7f2ada3b98d61b1c72c58b0","sha512":"44130d3baa426c9c78b487f7afc1be7a2aadcead85221802a975bcafa48cf828ea9269b51fdcd1c738e0a7fc03138f3e25317668713641cd8e24bae3648ecdb4","ssdeep":"1536:T+d12/duTA94befwkF/rN77EpdChj5oBzirrX6cRg3AF0:yfLTAueIkF/rN0pdCYRerqcRg3Aa","tlshash":"f76302f370c11441cc64d5b2b68d32b423769356fc2fd30c469e7b5b628983566e3ca9","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-03T23:39:34.518678Z","times_seen":7198,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":97,"dns":0,"connect":0,"send":0,"wait":161,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-0492056c.0f4ddcd1.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:02.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-0492056c.0f4ddcd1.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:02 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"6113-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6113,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6113), with no line terminators","md5":"9788f5c1eb6e47bac79ab36acc495817","sha1":"32907ce10bd8edfa4ffb56ee347d853b9a5faf7e","sha256":"e2807614374572930715fe74e5222b8fd8193aa83529b9e7fd7477057b0223af","sha512":"c1b35b2041203f68190891e96b7e6d4e95b817976b8c327208c713336d95abb284895bd5d912cbe45de3a373337e216fd071b1b11e789f5745e2939a34b79227","ssdeep":"96:VTdRiowyLNQRLCQz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGV1:VTdoJaQwQz5sbKYxgCtCowY2duLGm7Aj","tlshash":"44c11c763414a83996fef56998763acbf006f813d00991edb740a76cc8e3bc62db4359","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-05-30T03:35:54.900478Z","times_seen":999,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/vendors~app.a22a35f0.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:49.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/vendors~app.a22a35f0.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:49 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"248557-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":248557,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d5c894cc6efa67c7eca5596aa1ccc542","sha1":"e0fc9733e2a3b679f8dcf18137b3136f052179ad","sha256":"74feebb11d09f4d9d582f394de470f0f8750c0218d8d509379c921e66506c717","sha512":"b6ab3757f3c0df9b86707d53ee65c0eab3b8a484832541a859f14c2f487fb235842cdf4ec3b72751fef02556661e1e2fc5129dcb5b3b83be5493daea146d255b","ssdeep":"1536:nQ28Y7SrW3YeWXA1u9w4HCe/l4JrgW9cMERw4B78O6iZkJgYu8e210kSDDvIc/eU:ptKw/27eDLL6ob6v7f65WCXkb","tlshash":"7b34b6109b17203bb22bda6d74d0ba892f25c313d8334b7afe95790cc6d64991263e5f","first_seen":"2025-07-22T13:04:23.275055Z","last_seen":"2026-06-04T02:59:27.247637Z","times_seen":151,"resource_available":false,"data":null}},"time_used":964,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":964,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/97f3899d-51d4-4cd2-9720-0af99206dabb.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/97f3899d-51d4-4cd2-9720-0af99206dabb.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: SW4sCZ0PmTYRC0JmR6TuQu4D2Ak5Hv5rSTnoVbOgTerNdX6L2t7Tcr/o4fpTDtS/51ABTutQserUxbUeIoJbPg==\r\nx-amz-request-id: 7RX0A92781MGTTTE\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"74ce2539c3d1d018eb92f94dd3b9bd23\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 40407\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":40407,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"74ce2539c3d1d018eb92f94dd3b9bd23","sha1":"1ed07808d60d8ff4965899591136f4f1ccc880e3","sha256":"5a3f2be7dd8069790a3bb5098aa704996a51c1c689459abf286b29a0a99a3d26","sha512":"2b962643ae9c9c3aec2caae066500f422473d23eab84cd3dbf14dab1b1bcd25fa0cbf8914f6a540b724b78fef89f4c952873cc2de3e733886f9fe03a57aa3fec","ssdeep":"768:G26vbkDR8P2NFi0uyoJ6TlcoZVJixSS/+Q1irAGMk8P2x9rzcXyz:G2kQM8Fi1yZTlZVMxSmwXM5gcCz","tlshash":"a203e027dd508ec7b10dd3fc7faa7db8839d5a01a58473de20f51c96332584a4e6b458","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-06-06T14:40:04.369715Z","times_seen":9825,"resource_available":false,"data":null}},"time_used":563,"timings":{"blocked":446,"dns":0,"connect":0,"send":0,"wait":115,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pachong/gaoqing/B0BMQ8WCNF/91fTDjI24bL._AC_SL1500_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pachong/gaoqing/B0BMQ8WCNF/91fTDjI24bL._AC_SL1500_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: bvwl1w+Bkn/19nL3gPw16xv9l+1q90EEyNwjB9og8etPw/dZGH99tICQHZcaXrJLX1MHnmzNAks=\r\nx-amz-request-id: 7RX3XE4BBMC962YV\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Tue, 21 May 2024 22:38:25 GMT\r\nETag: \"d97df150aeb10281fef09028e4d07108\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 720fe80f1335b908e06827689e13021992f6c937ea3d4677e68ba28730e529c2\r\nx-amz-meta-s3b-last-modified: 20230414T110922Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 414495\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":414495,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1229, components 3","md5":"d97df150aeb10281fef09028e4d07108","sha1":"a7606a2e5b733d842b2af8379dfdbd82c216311b","sha256":"720fe80f1335b908e06827689e13021992f6c937ea3d4677e68ba28730e529c2","sha512":"878e28a4eb570611bf54e4287cb7ff3cf5a039ec4459d4364bb632410fc0e182941f7120f2a9b6852732a68d31748fcebf9a948e656b87eed226b8f9cb4d284a","ssdeep":"12288:S5A9jNzghSx78Ew0WXf/sJStZ50HN2kYH6aXvFhI9:S5+0ynWXnsJYzo2kYTXvTY","tlshash":"db94238d1f8ec82ce01f6db3bc6134d0112d2fd97659dad5dae56f46005e2a49ccf2a8","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.394107Z","times_seen":2390,"resource_available":false,"data":null}},"time_used":721,"timings":{"blocked":512,"dns":0,"connect":0,"send":0,"wait":110,"receive":99,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/d26d36b6-6435-4071-a1ed-647cf4e9214b.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-04-14/d26d36b6-6435-4071-a1ed-647cf4e9214b.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: GOmSbocdwjw78WOpmzKfuoQJARm6eIc/lSUpXkWNw+qKaNsvr7fiXemxKBajFZberSZv07wFWIAsRlgDHh2UKA==\r\nx-amz-request-id: 7RX7TD4W2FRCYEJJ\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"60e10d77ebe5877fc1c9385748e2cf72\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 180465\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":180465,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"60e10d77ebe5877fc1c9385748e2cf72","sha1":"77082da3f7af090dbcf9ac692bf2ba4e0d699aec","sha256":"f1343ddaa389f3aca6568d15637793f510925e7f88d13a6ff93591a326a66c48","sha512":"1a4999d20713081b41425f1f82ed3e7b5003e8f7024b18986a6f1e759e0cc797f7a0003c2d0e208d14261df253681ebe2795836541ff4ebb82b8763fbe5ce182","ssdeep":"3072:TrvxlqyFWPMUAy9v42Jxd3BDRnD748ezoCrW4rlfBoKamBYuWhNJwhi1nkx:Tr5AxXZvDJH3bnn7etB5fxzYhJb1nu","tlshash":"ca041269530c763929af82bccfdac921eff0210d0a74d75911cbf8e90a7a0bb91f2515","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.514674Z","times_seen":9593,"resource_available":false,"data":null}},"time_used":945,"timings":{"blocked":-1,"dns":15,"connect":101,"send":0,"wait":114,"receive":287,"ssl":428},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/f70eeeb1-a83c-4724-bd3e-7c6dc72637c1.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/f70eeeb1-a83c-4724-bd3e-7c6dc72637c1.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 51Hl3031wpLV2Y/s+cyNd6RDGwVJIE7DdUmmNUlPm0kw+fZ56I1gUiPDpzHQvxX4T6sSXOnDItw=\r\nx-amz-request-id: 7RX23K028NTHZETC\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:55:25 GMT\r\nETag: \"c37d660217f7d4c257006d2042c09e5e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 53094\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":53094,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1326x1393, components 3","md5":"c37d660217f7d4c257006d2042c09e5e","sha1":"ea529657eb74db371f9a05e1c3d720cfd06c11ac","sha256":"ffe20fabb47fca3b0a55a877370f03f6168625efb804473ba88443d0e0513a38","sha512":"e7dea1d699abd674bf433eb4a6896fa8965b448b59361912ed8d587cfe4064471572162570a9080ecf0c20c21161b10507e386fc543116bd3a58e99b788f7a21","ssdeep":"1536:UYC4y9UKjX6lny922L7cDHc93ykbqdhVSbnm:U+kNwy9xfwcskyVInm","tlshash":"f933f18383a0e8d1f1cf6370402c9726e5cae52193f7c3939a1ece057575f997e52494","first_seen":"2024-02-11T04:26:45Z","last_seen":"2026-06-03T23:39:34.640323Z","times_seen":7663,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":-1,"dns":1,"connect":92,"send":0,"wait":114,"receive":93,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-00cedfd2.8f150f8d.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:02.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-00cedfd2.8f150f8d.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:02 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"15265-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15265,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15265), with no line terminators","md5":"11f60147d8796f6436c06308647b75fc","sha1":"522ef36c32786be1c3c88b83af4e5913b6b67f8d","sha256":"7bfe35715295721a15f555752a9f763dd55c7958d90ef07f990fabd089dc5684","sha512":"dc91ab2d155be7bb692870dce4214f4e67d674e3921155b72a19a6fa92e02b3d2b02bb55222701188039e83e0b1e21a0259aa679ea9c22da43fabe79e15934ab","ssdeep":"384:i5s8CkC2caII41+qFkV0vD5rw/CVFcjTK:i5sVGUI4EFaDm0Fc/K","tlshash":"5462d87375a0a63ab6b7967931d4a4ce7063e923c15782bdbb49e13cc8c7293163134e","first_seen":"2024-07-21T11:30:50Z","last_seen":"2026-05-30T03:35:54.794726Z","times_seen":641,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/vendors~app.073d0a83.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:49.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/vendors~app.073d0a83.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:49 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"3532217-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3532217,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37841)","md5":"a200e8386a79d9c4a1f7615dcce7a0d0","sha1":"3f8288a7d1f0752b98e7ee53f2799d66c14a9a3e","sha256":"726ca65331c1a60e0ac1b82592031a96745c8bf16267b7dca854933b6614d3d8","sha512":"557b58c12723094d2273518a59c65ec78778f0a424b86efa4403237bb6c9d9ad017c5b7a1536a6da4d277613f961fb59e9fe45da22b7cdc93fda4bf892b755f2","ssdeep":"12288:cakzke9PY9NpsaAdVISWE7f+7nIdLqltabWD9RdOsE7pUhJT:cakr69gaaV17f+7IdL+npOsE9o","tlshash":"9d3519cd7285b42253a37074407f250bb33a2959680e8458f665e8dabc7da5e633bf3c","first_seen":"2026-02-26T14:59:42.019278Z","last_seen":"2026-04-04T17:06:19.310457Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1736,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1736,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/syspara!getSyspara.action?code=show_video\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"POST /wap/api/syspara!getSyspara.action?code=show_video\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://diwkr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:58 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"33878fb83944a3d98e0ae8fbb3688401","sha1":"95cddb60c569b28c039a3982e1a593a9c9b75411","sha256":"05ed22d88cd80fb42cb476b3e2826110e2d9c377c9104929b9b5ee381971db57","sha512":"91c65dedfad117e4715750c3696fe2a76e51de20406b1314da92f025f323586806c7467c01ff03e092e4cf9bba824e57487f9cc9608feb66018c29f5aea10dcc","ssdeep":"","tlshash":"2790220000080832000380283c0c3200808c0003008083088c080a2000ec0a00220028","first_seen":"2025-07-21T20:07:50.133523Z","last_seen":"2026-05-31T13:48:58.261741Z","times_seen":63,"resource_available":false,"data":null}},"time_used":629,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":629,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/83ac7d5d-fa38-4678-af79-63b4066ea171.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/83ac7d5d-fa38-4678-af79-63b4066ea171.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: xMJXdXAUYWNy0zxKcWED/Vs4YO+xVApK581NxGGS8Ssbij6nRuhVT7LR/6jkf+FlRc40UiFHwSA=\r\nx-amz-request-id: JWRWHDR4YH3T3A9E\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:51:12 GMT\r\nETag: \"7fac67ccc5152addd1ee354754ded6f8\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 138263\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":138263,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1448, components 3","md5":"7fac67ccc5152addd1ee354754ded6f8","sha1":"76a721dd33cbe5db8b2b88cec77411504ecac3a8","sha256":"793dc1d79d43111b0d0f51a97639335a2e3b9e183fccf7f9977d4ee211f0abab","sha512":"5838f6f3db5cf29c41bea30d3ffa90a3fcb6621bf31b7ced36bfe2a5e7e9b73c1e3ea4704eb410a18d7ff851d63732f9946f8b5731599ec4ca99842cc5b0b944","ssdeep":"3072:/P49i9HHzuA3rNAKsr+2cStuOt/IaQnNuq01y8e6eJwfNNJaJT:/aixukN6Clst/IFNzP0NNJWT","tlshash":"c7d312fd4380ccd9e222a971610f53ace81735f209889d815b6df9a6f6512b4ffc9a12","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.536767Z","times_seen":7551,"resource_available":false,"data":null}},"time_used":917,"timings":{"blocked":799,"dns":0,"connect":0,"send":0,"wait":114,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-07/02a275d6-f6e2-4a03-863b-4f4a8e5553a2.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-07/02a275d6-f6e2-4a03-863b-4f4a8e5553a2.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: FWr778qAuOZ/65arMPGtPuJQYfUqERNH3IrHBot+dompvQ1TT7+pL8hu9Ex9tS8N5uwnWfHWcHtwhElyhzFI3Q==\r\nx-amz-request-id: JWRM8Z6AFRWMQ2FV\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:45:35 GMT\r\nETag: \"5a1dff9153a77d8a9378efd305a31020\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 224131\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":224131,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1220x1500, components 3","md5":"5a1dff9153a77d8a9378efd305a31020","sha1":"b280f6a2970151e339afd5e73361e0c6a734744e","sha256":"8ee4ccfa0296fd6e5c7ca878aa83aa308acc4699ede63a1cabc0be5af3798602","sha512":"abeb0d6350b6e478258e33713708899eff0b9a58db05b3137d5f869ae78214493b0829a025a3d5ffee54038c62d08ff38f0ae26a011960c0e5a08ed2ebd2e24e","ssdeep":"3072:/Oktuw2ZB4RVrrrV2GlegkDtLvyrA+PmwLiixr10oAIC1yQFMQLNXNP7g+UB2qDa:mktT2TCOGeLvIf/2IUyKb62qnGj","tlshash":"bc2412a0e302057ac0fd497d1cca4627eeaef7ba61eef102c42768103957736b574a67","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.551318Z","times_seen":7463,"resource_available":false,"data":null}},"time_used":1013,"timings":{"blocked":803,"dns":0,"connect":0,"send":0,"wait":113,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-0ba2916e.5e054202.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:02.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-0ba2916e.5e054202.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:02 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"6183-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6183,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6183), with no line terminators","md5":"c3834eba2f7c2b4f7707bacacc0db634","sha1":"25d67692af8f59f12bd604d611cb265cf462ef70","sha256":"defef8d75ca2611f5dcb60bf2b8a13db5192ec166bfd78ebb1ce8043e5c092fc","sha512":"931e37fff99cf8420241fb883c70f36bfd686c257e7138419f5382c9355c570a2ad850f225994b3c6e66cf811798ae640d8d1dfdce1e5f0ee578d42f4d887091","ssdeep":"96:V7sCqeuFe8vEzIYOlmpxjq37qkl+/iwZno+BfiL72SIlq:VANqMABfiL72SI8","tlshash":"0ed187133a666534fcfbd81e7a64ba8e3f5cf047d5862eb9f8586a61c4c38237b10185","first_seen":"2026-02-26T14:59:42.021612Z","last_seen":"2026-04-29T13:38:41.789156Z","times_seen":13,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-fe46833a.f2bd8913.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-fe46833a.f2bd8913.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\ncontent-length: 731\r\netag: W/\"731-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":731,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (731), with no line terminators","md5":"04fddaebcf220f89065a61a8972e9ff6","sha1":"a72aaad63f69552c1bfc2ce529d0934877a151a5","sha256":"fde628e3bf1d28a032a27b15fb82ee652f593c2de925664d244ef73294ca3002","sha512":"91283184ba4be03fc8613a4cb7476f38560ea9ce179e380e14c783b1dbd2a7b001596670057aca7a28aa80f63ff390a69ddada5e8730d7ec4ab353382952985b","ssdeep":"","tlshash":"b30128f3d1100422c1f7e617e1826898ff95ccb2e753c0afad92551d82caad70ba7b15","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-06-06T14:40:04.35256Z","times_seen":8466,"resource_available":false,"data":null}},"time_used":468,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":468,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-2b19c21c.9360a703.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-2b19c21c.9360a703.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:07 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"7998-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7998,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7974), with no line terminators","md5":"6885b2f2a0e647d5d34aee7678e6af81","sha1":"60a57b59a7d3d42e872a1d4e67c65a08370aea5f","sha256":"6782506b89444940e18b5390cb28cdb2f8bec52ce610caf4b3e83472fbd51d2d","sha512":"5647c610eddd596de69abf3c9b826bfe6f0d625f901bbb66ba0da662b2a3ea8c688d52c999342a271dade6428eda2fe2ba223690a9751d9e4a0b5d1f57d97c6c","ssdeep":"96:rfx+E6Ee08/8dv73tO2y5/Ifv6EE1RbWVu0aAfHZsALbYiG++T2GZG0/McEaeUUz:1w//w73UlIfy3AVraEGgr1bn","tlshash":"18f1fa4690036868cf5e508160297e34f4b53ed1b952dccaf7bcccf891a5aa5334e67d","first_seen":"2025-04-08T11:46:55.789599Z","last_seen":"2026-05-30T03:35:54.857069Z","times_seen":349,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/matashop2.svg","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:53.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /matashop2.svg HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:53 GMT\r\ncontent-type: text/html;charset=utf-8\r\ncontent-length: 764\r\ncontent-language: en\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":764,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (760), with no line terminators","md5":"69f9eeff8ff8c26a8602efe25136b391","sha1":"0e1a331738a6ce2fcbbe986377e29b4683f4a5c1","sha256":"51e65909d5d59a35b8e5d260ac636f7f405fdf4b146193057fc11aea164adf39","sha512":"e0ce38446201ee40cdf9f0cae8c07a682c42c071b7658a09ef75dee06df6b5ed5bdfd065bf649f3211ce0fd98510eb1c273325ce273de8db650b1e3b3e82a7f0","ssdeep":"","tlshash":"8901203ec20a1117fcb6487b36913ea8395d8c8392720734e8548af4d2865f8a76178d","first_seen":"2024-05-04T04:46:04Z","last_seen":"2026-06-06T14:40:04.492197Z","times_seen":2273,"resource_available":false,"data":null}},"time_used":2579,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2129,"receive":450,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"zhuzi-tk-mall.s3.amazonaws.com/type/2025-12-05/6a78496c-bf11-4ad0-bc22-f1c21d0ff89b.png","fqdn":"zhuzi-tk-mall.s3.amazonaws.com","domain":"zhuzi-tk-mall.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"52.219.184.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3-ap-southeast-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Sun, 01 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E2:2C:8D:84:29:A7:85:5C:5A:25:EF:75:23:F1:7F:09:73:A6:95:89","sha256":"B2:03:A8:4C:C0:84:F7:98:2E:76:5B:2E:DA:61:EE:81:14:BE:97:B6:D6:E3:81:4F:88:56:AA:E5:68:30:06:3D"}}},"request":{"raw":"GET /type/2025-12-05/6a78496c-bf11-4ad0-bc22-f1c21d0ff89b.png HTTP/1.1\r\nHost: zhuzi-tk-mall.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 2Fh7nUr9fJaoufGqRjOlLulMtr5xfAFrnj3uL0G8FbC04szRCM0ZHlLLbnwrH0rADBbwLMZ6zsU=\r\nx-amz-request-id: JWRXE3SC5FF3S999\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Fri, 05 Dec 2025 07:59:15 GMT\r\nETag: \"fe338c9b5d010848cb21a1db76fadf7e\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-myval: test\r\nAccept-Ranges: bytes\r\nContent-Type: application/octet-stream\r\nContent-Length: 227074\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":227074,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 704 x 314, 8-bit/color RGBA, non-interlaced","md5":"fe338c9b5d010848cb21a1db76fadf7e","sha1":"45eb4551bb82a4993dbc63c4bbc236b89b52fe61","sha256":"eac06e949524de896c14555b703c2a7c6e63c573083b7544a336f8c027fdde81","sha512":"e12280cde3ef9eb88c6ce4af8447dd342bfda378d30776541085a725f5624aef98c048e18e724f704b821de16afd3ff424fc4ad6649908c6885410f616111936","ssdeep":"6144:vIwTgSDMGq8hLz6R+CxH/SNXquhJbgcqnHNo3mznP8:gfSQGq8hO5/EDhZa23mD8","tlshash":"582422ae161261137fd59cb23cd193ac335797989d8dc1deeec305603eb802794eb886","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-07T01:37:39.205007Z","times_seen":5114,"resource_available":false,"data":null}},"time_used":3374,"timings":{"blocked":989,"dns":92,"connect":340,"send":0,"wait":369,"receive":1025,"ssl":555},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/445c45cc-a9b2-4753-8903-eb823436e494.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/445c45cc-a9b2-4753-8903-eb823436e494.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: zBdVL8bzXYRr2EOmkY28QV8V7Yd9dVdhleb5E/IB6NQFW3uO+VjU6Gh5KRqaCYplwu9F0P3Q0Cg=\r\nx-amz-request-id: JWRVFNENR6CXG3WJ\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:48:54 GMT\r\nETag: \"07f95e174804bff3d97c5b13f915cf7d\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 157447\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":157447,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1261x1459, components 3","md5":"07f95e174804bff3d97c5b13f915cf7d","sha1":"fd90a34dd34b37bf7d1c3f62c563c35d2ac8b82a","sha256":"872dcd22912f0f77f949b0642a505d3955f616d070da19c652f4312243eee5c4","sha512":"33010f75dbb816564d931260fb29a588407a9367f82140ccc3bfc33472a049cc8015a5a955832192affe139118dae18a3d5d2a4395227feb2cb0223b7dbc705d","ssdeep":"3072:UUwHcs93dkA8nkSsanKc4hUm1wyHhJ0qmz2WBJBrDymn8hKB1HoT:hs9tkXbsanKJOqCq85D58MB1IT","tlshash":"a0f312537850ac65dd7a4332a3266918bcc0e364dcbdc988417b9d4b87a811b6dbfbcc","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.516636Z","times_seen":2417,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-2343ec85.03c5e968.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-2343ec85.03c5e968.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:03 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"1224-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1224,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1224), with no line terminators","md5":"efff8542cb73c85ee85efd24535a5d2a","sha1":"d349fea54dd16de6874a420f79388407e2fd05cf","sha256":"0198f6533d83bd348a16ef7735fb444e4f4dab419e638d85ac95a4b700e44f50","sha512":"c78053b870e87027849f1478ef04aba055e91e98ce7d26c66b53cd7a58b8fda7bfadf4c9bf4612f0e0ba808029b2525045ec13059fdcd9c7d318d184ab60f126","ssdeep":"","tlshash":"d821c041719b32361477f8aa50a00275b811f3e79c1f4262fddbe2104bcb6273861e9e","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.423608Z","times_seen":974,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":590,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-2849664a.b30d78dd.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-2849664a.b30d78dd.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:03 GMT\r\ncontent-type: text/css\r\ncontent-length: 340\r\netag: W/\"340-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":340,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (340), with no line terminators","md5":"7de78efe8bf09e10f280567a395d6b1b","sha1":"a84403256fb9c265c757c632def2bf3681d921e3","sha256":"3c64df4c1120ae8af09b2670ec78de64165c17cfe281e9fd19d9a55277f38b77","sha512":"575e2e01d3b715fc66a4de91cbe6cde658c2d3953445a92f711f396196fe921f1ff198fa691271c8670688cac8b445a52076248bc01382ffdd4b6956c1137eb5","ssdeep":"","tlshash":"f6e020708b561089952be1438b034cda2af9e663d16395855fa3d03dd46704f2e2a785","first_seen":"2024-02-11T04:26:48Z","last_seen":"2026-06-06T14:40:04.395716Z","times_seen":7633,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-50d79b30.0f594967.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-50d79b30.0f594967.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"2488-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2488,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2488), with no line terminators","md5":"4890366680b9e8d4c468a8489db5d4ac","sha1":"d23b2634a28b365388c81e06d4489149c75500a7","sha256":"0b9eaa9bf0012af1f82493c9cf550761f87f87c3a793be2c3c5484aa44cab4ba","sha512":"98d5ae88c2f3052aab4a1139d61329c29395cb24e33e9cb8313ecf136874191df1c32ee68db83dc7d28029a49c8a0c25cd49f02e27e4c6fdb368628d782af404","ssdeep":"","tlshash":"235158712490297457fefa2a9c8676ab3103fd93e61150cd7847871e8cdafd228e1768","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.501354Z","times_seen":2074,"resource_available":false,"data":null}},"time_used":448,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":448,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/img/shoplogo.50274c6e.png","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/shoplogo.50274c6e.png HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"35334-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35334,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 4541 x 1500, 8-bit colormap, non-interlaced","md5":"50274c6ec03bdd29860ba1738485ac22","sha1":"2bbb553cb082664359269d11d1cf11712b2ad939","sha256":"1d513ce23ff8b99b35295de7b2ae9a016185efbe2d71d9ef3f9055a2203f7ce3","sha512":"0fff81ba754363fd949cbb19afcaec59099fcd7b360ddeb82dcf88123df81090ba876427ca86b67d4a3e0b1ba27be92bd6682635f2abc3aff4940bae46b23e74","ssdeep":"768:S9GMWYt0TzyZATuKVZZqKDLtpPRrfGI+6YBOnavJSIeLvaI22M:SoNYtUe3AyK/XZrfGI+6YO0JBMvaI22M","tlshash":"56f2d0aeda09cd47f6223e304285519df1f97cad5346f8fba922c1177a5731c232272a","first_seen":"2026-02-26T14:59:42.006444Z","last_seen":"2026-04-08T00:27:57.164442Z","times_seen":8,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":607,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=1\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"POST /wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=1\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://diwkr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":844,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"23b6f608e90a8b330e43393b9e47bd01","sha1":"2953423ea70806d4a997748d5b14f7a55c42cd0c","sha256":"ace607a13475713b52f4638b8358ab1ec48e4a22a528503dfc39a136075e5042","sha512":"083eb156fe2b4f67a497864cc36191b45ca9c32838beaa891747cfc5fc24a92d3af63dcbcb97a9fab794f3e8fa6f8731283a9ce28381e53f3a1f7f3360a9bfbc","ssdeep":"","tlshash":"3401ef0a1388d464198abbc2c9ceb980d39c638b5ce44e96d59eee4c1625f38251d753","first_seen":"2026-02-26T14:59:42.026515Z","last_seen":"2026-02-26T23:43:04.836032Z","times_seen":2,"resource_available":false,"data":null}},"time_used":950,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":950,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp13/B072P17XY7/71XaaByITlL._AC_UL1500_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp13/B072P17XY7/71XaaByITlL._AC_UL1500_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: bNaMG4+60jfL9zQHEJdXo99KSj4eV077jTj7EiTHgKR9tfWQuca6GtAP0y79+hLRaslzQf87ZbI=\r\nx-amz-request-id: JWRHG25DQZRV9M5X\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 11:55:37 GMT\r\nETag: \"c07031c87ba3f296b2a29ebb53a76efd\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 0f0b3c3fd5b39cff700214dbb4d052faa05dd997f97c50e949ff2ff957d9a07a\r\nx-amz-meta-s3b-last-modified: 20230429T135853Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 50291\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":50291,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 546x1500, components 3","md5":"c07031c87ba3f296b2a29ebb53a76efd","sha1":"8797c19f69bbb48e4c42bd372747c9f72a59424f","sha256":"0f0b3c3fd5b39cff700214dbb4d052faa05dd997f97c50e949ff2ff957d9a07a","sha512":"65595c1eba2b03cf51675d61a3973bcf1237d19c85cefa96919172f3a54a7ed6dbd32877ccf384acc924349de486e770d07272aa2bf59eacbfdf8afa1d589ad0","ssdeep":"1536:+XiOB0fBqBhRvoS/ImRQ6o/Ka3yaegiBC:+SuvBTt7Jo/KW6C","tlshash":"0a330122c3c962f4f8011fbd0d03a1bb54991908570a9b3b376a6ab2c7641496fc7f6f","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.341579Z","times_seen":2385,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":98,"dns":0,"connect":0,"send":0,"wait":158,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-96625288.b488a9b3.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-96625288.b488a9b3.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\ncontent-length: 455\r\netag: W/\"455-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":455,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (455), with no line terminators","md5":"349139296c5738f2fbacd031343b6bff","sha1":"db2e6346f94985d180c7081db376465748e60841","sha256":"d7ce0fa60daadd138b9d842897feceaba382258f85832df2680ce83f43f0cf4d","sha512":"066cef44f8abb789338e33e9adfa7983344be69f276be860abeac2f458d3993eb3e6180547d19487e037f186631c9477d0cbe3c907371d9facfea31cbbf86fd0","ssdeep":"","tlshash":"ddf05c562b1a61baf8f3c02f20420aeb7117cb4f531bc07957a2e631c947a8b6f71460","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.480411Z","times_seen":2110,"resource_available":false,"data":null}},"time_used":441,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":441,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-00cedfd2.4003f8a3.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-00cedfd2.4003f8a3.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:06 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"33010-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33010,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32974), with no line terminators","md5":"f1829233d24683b188d21846049581a0","sha1":"e5f0526f630d8615a9646001f3c9d89e228ee460","sha256":"b698a01dad496ecec5b06cc40c3b7998d7a51c43f4b15e8ab0fe4fd56aef15d1","sha512":"2446788c7db2d046f8f7cf0d78026f2fced4ee7a897d892e4c3c565b407513158a302d5c3996114b03c019d453cb66597c3c9691055a1d5b81e3db5af5da1086","ssdeep":"384:qzsnfX8TCU86Zb2aMsJ0CnlDKalAeuMoPu/QWoYqWvztrhYO1B8c:XMT6sJznlD4W/QYHdYbc","tlshash":"74e21a4794816c3d8f57625a341b1298fa362b85d442cc96b53cfdf9e2aae30331b76c","first_seen":"2026-02-26T14:59:42.028332Z","last_seen":"2026-04-08T00:27:57.216528Z","times_seen":8,"resource_available":true,"data":null}},"time_used":481,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":481,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-26T14:58:47.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:49 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"5607-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5607,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (5607), with no line terminators","md5":"3897ac598f6dcb39c825c72577e95f6b","sha1":"23a125245ff700b41b8ab9ba07447e0022636f4e","sha256":"c73d82981bd9f9a5e5b45bd75ac952df6989cde3a52a7e62c0795ba49d2c5c3c","sha512":"d0bfce944503556ba4ed29edf17b52adc070ba7c3d76721d365296ca00cab5f27c29b754c4772d7b79f7bec7def065cf1f010c2927f4bdc3388727a33c0a7ce3","ssdeep":"48:/x0PMuZ+JQdS0WH8kLGSRhtmEIdUAqNfphBzHIAq6Ib7iA81u:/xAv2QO8S/GmBzoN7oc","tlshash":"41c127b9da00618fa9f0de879e28f72be9cb8c7b1530e0409158d85fc868fd5552bc83","first_seen":"2026-02-26T14:59:42.029375Z","last_seen":"2026-04-08T00:27:57.229429Z","times_seen":9,"resource_available":false,"data":null}},"time_used":2801,"timings":{"blocked":1140,"dns":49,"connect":521,"send":0,"wait":522,"receive":0,"ssl":567},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-00cedfd2.4003f8a3.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-00cedfd2.4003f8a3.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:58 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"33010-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33010,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32974), with no line terminators","md5":"f1829233d24683b188d21846049581a0","sha1":"e5f0526f630d8615a9646001f3c9d89e228ee460","sha256":"b698a01dad496ecec5b06cc40c3b7998d7a51c43f4b15e8ab0fe4fd56aef15d1","sha512":"2446788c7db2d046f8f7cf0d78026f2fced4ee7a897d892e4c3c565b407513158a302d5c3996114b03c019d453cb66597c3c9691055a1d5b81e3db5af5da1086","ssdeep":"384:qzsnfX8TCU86Zb2aMsJ0CnlDKalAeuMoPu/QWoYqWvztrhYO1B8c:XMT6sJznlD4W/QYHdYbc","tlshash":"74e21a4794816c3d8f57625a341b1298fa362b85d442cc96b53cfdf9e2aae30331b76c","first_seen":"2026-02-26T14:59:42.028332Z","last_seen":"2026-04-08T00:27:57.216528Z","times_seen":8,"resource_available":true,"data":null}},"time_used":634,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":634,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"6e1a35fb2d546ea9abd621cbb5d4f0f8","sha1":"6f59e7019e497c2599fec9e12d75a7881b323202","sha256":"acc150811afe0691ce1d1d0ae9287a9375b34c88f26cad6cd2dea551eb8ef700","sha512":"972a5ff54af1bad790a031976f27b590fae1b6d9bc95cd19db5cba9bcfb502317c95568b21102bc8cf7c79a975fee424a48547da6efafaa65ad5bb090e349125","ssdeep":"","tlshash":"5da01203164c0436015390843c1d3804895e306348d09a10eb446a5000a90680400c25","first_seen":"2026-02-26T14:59:42.030265Z","last_seen":"2026-04-08T00:27:57.135019Z","times_seen":8,"resource_available":false,"data":null}},"time_used":943,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":943,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/60a1fbda-8b7a-4e10-8330-6b90300f8177.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/60a1fbda-8b7a-4e10-8330-6b90300f8177.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: ZTkrLurxPMcrUZQQJgM3eEcB9wb+8/19fqRGPqE+hOF0db++YeATwF/GV/pEbXe0W+4FBsibbZQ=\r\nx-amz-request-id: 7RXEYTTQ44V92PWC\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:49:55 GMT\r\nETag: \"6c940aad2dc2544cd2897468bb9fd97e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 68214\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":68214,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1402, components 3","md5":"6c940aad2dc2544cd2897468bb9fd97e","sha1":"f72f714028b0db42c1ceadeb3bc0778347189736","sha256":"830c5b0169830cac824ae8d0298c5072a7c9c3e1ee9842303d5999480581c0c7","sha512":"e72e299e873c5e0388d40d8d18826cf5ebe692ba77e5b690e971d83a9b09a19bfb971c15f340e0aa723d50348c1dec3fd3ba62e25d0d4391192a3021244ea183","ssdeep":"1536:0o2PzgSD6MwWin41mI5QZahL+96BlxtYjTa0Kb0of:WD6BV4xuaI92YjTZKQof","tlshash":"80630291e1b0c897e821c7ba60407063f565cfa9f550dacbf36a49a4b2a1f450f2ddd1","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.580458Z","times_seen":7514,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":210,"dns":4,"connect":92,"send":0,"wait":115,"receive":95,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/09f4347f-2277-4985-9f28-668a55470136.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/09f4347f-2277-4985-9f28-668a55470136.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: yv9bJueloaoNIu5dX6yLPORaO7Q2UlEsJOauzTSD3OAlCmcRA7B6wZwLcBBMr1GRazkcVnP+nPU=\r\nx-amz-request-id: 7RX137W237ETVD3S\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:46:46 GMT\r\nETag: \"6c0d8870785f0488d0b7142263a15170\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 117525\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":117525,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1417x1500, components 3","md5":"6c0d8870785f0488d0b7142263a15170","sha1":"aba57b51e93b5fd1a624f84850eadbaa1c110bad","sha256":"3a90f757acc9d4e5d3088beb21be69f9542bd7e056d6a936d4b920ed7286b665","sha512":"04e4da2f923f15b3c32d6329c9e2f1cbe4ce58f8f09fd03823529da74504d1fedf8317083b1ed370ae9917cb5fade27933d50d4506c1b1e22f373e6d421c7551","ssdeep":"3072:FpBFO7JLZw6p1LoD9WiupE9nfmQXdxt+jm9p033qF:FpBFO7brLoD9WiUEFmELtZp06","tlshash":"f0b312f876a8e373cb7a3e3801d9e95e9c62d16e653ed4524c79144d30100f6c9ce9ae","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.377911Z","times_seen":2399,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":344,"dns":0,"connect":0,"send":0,"wait":116,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/74320950-831e-4dbb-887e-09fbc2c1b501.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/74320950-831e-4dbb-887e-09fbc2c1b501.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: aHFHVBI/FfkwIxRsXX67VF/+wo5QBWOeAsiw8fpxaZINNB7MamtTcFcfrxQf6CSgiHgi9TcpNts=\r\nx-amz-request-id: JWRX8JV5J6X1RTQS\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:50:38 GMT\r\nETag: \"755beb0acc47fd21e538c3b25359b060\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 138697\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":138697,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3","md5":"755beb0acc47fd21e538c3b25359b060","sha1":"3ea9d8c04dc9f72448f2b72802065cca80a98b53","sha256":"9636ca3c7079d5e57d692b66104fd9c53854c54b9c074dc79c974d52fab6fc82","sha512":"9239457347dd2cc3f21401f59280fa233cf0f74d4d47415112e3666210e07410fabee8fd06346880890d5a0fa1211e3d2754bf6c7b83e7fd23e83d8af70cf2d6","ssdeep":"3072:EYIZstVjQOeoAYzeufLqX99sd9JGjY96eDdlswyo102lnkS:ELuBkoAYaKqX99sd9JDQeDd+wPnB","tlshash":"4ad3120e32b8b5bdeded11f0b19970bbbef5e15a4a830e4e1e8b650a57358457c4320e","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.503554Z","times_seen":2287,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":102,"dns":0,"connect":0,"send":0,"wait":159,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/d80b2606-3bc7-47a2-bee9-d040619a34a6.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/d80b2606-3bc7-47a2-bee9-d040619a34a6.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Dsd7AwvdAwzv/pjsuXxrtDD+2JYIe6nf8x9MSgOyuZn7y91s7UtQm9OUjKG+XKvjxjXSKCGsj3RNhLR+95wihi9baxU2qlcO\r\nx-amz-request-id: 7RX66TQSHN3WEN98\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"ad3bb72e6cf979df37c56cc70e70710c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 46207\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":46207,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"ad3bb72e6cf979df37c56cc70e70710c","sha1":"f0bff01c9d923ad55250ef7de41afae41cbe3f90","sha256":"50294b071e29cc9e8afdac176dd2fbc62f4c36265d5f494d96a7ab2908c1a643","sha512":"1fc3e1b07a86c34fb8c9720f8ff8c2a584cfb6dfe7b4e34d53f2f0555e558fe95f5a62bad4a6874a64e081cddae0defe530870d76dcf1551ca45ee570b582ce8","ssdeep":"768:GOSu2YQp+gujkfsasYaYtu/tgiE/c1tcDkV2FynHs5d4RX3S6cqUrolLoDzT6S51:GOt2YQVujkfTJaYg/wU1SYSJ4JcrsLo/","tlshash":"4f23e09b86804fdbf03acbc53f272d985b41fa0944d0b4fbd1e986af1f65622285c48c","first_seen":"2023-11-07T02:37:44Z","last_seen":"2026-06-06T14:40:04.514115Z","times_seen":9823,"resource_available":false,"data":null}},"time_used":1303,"timings":{"blocked":545,"dns":17,"connect":101,"send":0,"wait":117,"receive":94,"ssl":422},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/e1158c3f-a786-4374-aab7-3f4dac76589d.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/e1158c3f-a786-4374-aab7-3f4dac76589d.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: ueqbxGF+XUwReHzREa68RY2cdDM00sO4+OdnA9aJrrTEs9K5jleK0vlY/GLoTtwSMWdAjmpHVQU/WWf6VN9Vog==\r\nx-amz-request-id: JWRJYRRKWN34WZ3D\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"dbb5460537325e381060d6a696bdabba\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 66319\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":66319,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"dbb5460537325e381060d6a696bdabba","sha1":"852c6ea174a0fcdd7e7351b5bc5c1ddc309d87a1","sha256":"3ff029feb7f2d1b0a7bffa8d5060030474f569524abd014585f373a17fc09695","sha512":"404f949ebbad69f94ae8b173c2c1d8807599df69c51675e3b0e06bc0953f94f95a51914abd77bf684dc3c5ff42249defe6152bf148f4aa8c1515fb8d29879374","ssdeep":"1536:Gi+tPxNX6ucnz4Zw7vPYpNuirA5gmQGo1CISuKbKNiI:F+tHKucnz4Zw7vPYxUpPHIS7KNh","tlshash":"cc53d0a31a450fd35629e3e67f0799284fc65b8d94e039ee11d358e37ba13b3680e11e","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-06-06T14:40:04.308172Z","times_seen":9841,"resource_available":false,"data":null}},"time_used":1055,"timings":{"blocked":937,"dns":0,"connect":0,"send":0,"wait":115,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/img/right6.b8bac159.jpeg","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/right6.b8bac159.jpeg HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:01 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"5087-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5087,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x152, components 3","md5":"b8bac1593a48bc443848bb3a683a551d","sha1":"308b1b03b09b9865605a8210d0829847ae0d27e0","sha256":"10a746b60bfa7ffee5b3cb5d7b628ef08774e826d869a9418ae618da09219b61","sha512":"b4728b8792aab88c835d7058e7ae673c20e2d421d0e23d57b7b3b5fc69b00dde745ba47586721c3f5d05fa36f914aca9b483570011e03ed6e90b9772de3cbdce","ssdeep":"96:WhxxYqBhBnFMEKYhu/hCbjftpvzaHZx+RxXP+1VHaWccmRAi5Hx:EPdn2E2+nba5uZ+1VHatNl","tlshash":"6ca15c81f553fa1bdb8293b099a43f100f217c332be267bea602581c1847ef21479b96","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-03T23:39:34.542414Z","times_seen":4713,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-356c00b0.3a3fd33a.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-356c00b0.3a3fd33a.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"5717-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5717,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5717), with no line terminators","md5":"e79c00cb7ca8983a851123ba2995282b","sha1":"d6439cbac31440161232b30bde84f72dace6f3f3","sha256":"1f395dbf216fac976c28ad9a5d7310f5fa0a4a58d6465be836fe493c7d9cda06","sha512":"96f881d710f575d2d4f87a2610d16c2b87fb5874dc4afda800ba5f175e57498e791ff40889a3e3bb4998df8738bab4f65f3f790ba6fe077954a434d181ee9d17","ssdeep":"96:GXz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGVk7AtWA2WyUfsXR:Iz5sbKYxgCtCowY2duLGm7AtmIfsXR","tlshash":"3ac14c7be839f03eb52615b9317819ceb814d806e1cd8775f748772cc4c30932b2925a","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-05T08:23:29.909974Z","times_seen":3235,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"zhuzi-tk-mall.s3.amazonaws.com/type/2025-12-05/fcf41c00-20f7-4629-b552-f455c74e7cfc.png","fqdn":"zhuzi-tk-mall.s3.amazonaws.com","domain":"zhuzi-tk-mall.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"52.219.184.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3-ap-southeast-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Sun, 01 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E2:2C:8D:84:29:A7:85:5C:5A:25:EF:75:23:F1:7F:09:73:A6:95:89","sha256":"B2:03:A8:4C:C0:84:F7:98:2E:76:5B:2E:DA:61:EE:81:14:BE:97:B6:D6:E3:81:4F:88:56:AA:E5:68:30:06:3D"}}},"request":{"raw":"GET /type/2025-12-05/fcf41c00-20f7-4629-b552-f455c74e7cfc.png HTTP/1.1\r\nHost: zhuzi-tk-mall.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: CAIdyU9qSq6O1lZonhRhjE4KYX3+xXjrqKlhZuYTGXUlp2ZWrqHpC73ijA9wU7tUWpuO8/I5rio=\r\nx-amz-request-id: JWRXHHTB4SZECQYT\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Fri, 05 Dec 2025 07:59:43 GMT\r\nETag: \"9f38d77d904f502b512c9ec5b8ea5906\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-myval: test\r\nAccept-Ranges: bytes\r\nContent-Type: application/octet-stream\r\nContent-Length: 167342\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":167342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 704 x 314, 8-bit/color RGBA, non-interlaced","md5":"9f38d77d904f502b512c9ec5b8ea5906","sha1":"1bebdca8e525a4c016780265cf05ba2e0621f652","sha256":"7be1f4180d586218d352c2e46603c046fbacdf908313b987becca84e09bbcc2d","sha512":"cbbae2f0cee0235b23fdf99e7e006101c9a6d7001a5c43cd2aec059fe207ceb0b17a6f51754406e006a7d3b78221ac572aa3db6e2efa58c36a7f1baa466d305b","ssdeep":"3072:2zHXQyGpimL+GdP+1wNE2AneMrUhkhYEHuxS2Sd4EbgdNSoDejQT8:2zHgzc4+Cm2AeMXZ2SdFCmjD","tlshash":"92f323e5cb37e0a3826f6a210d5da645e507a04727113fea532a8f53c38d3d75687ec8","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-07T01:37:39.254411Z","times_seen":5381,"resource_available":false,"data":null}},"time_used":3023,"timings":{"blocked":804,"dns":90,"connect":345,"send":0,"wait":376,"receive":1036,"ssl":368},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/fd370537-bc59-4d31-a9c8-e7bbfebb9c9f.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/fd370537-bc59-4d31-a9c8-e7bbfebb9c9f.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: nSPLT6pO9dHyqXzMpcZSk0GMaSUHncma+nIRch6uwS89bDatmPVI3pLfR9tFAOYy25skSv7txMDn1gxea6brGA==\r\nx-amz-request-id: 7RX4TZCKSNR6RKH5\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"87706f749b341f09c0d4f313a08fc43e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 29992\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":29992,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"87706f749b341f09c0d4f313a08fc43e","sha1":"1509845938ec37024267488237d11e718cde9f13","sha256":"b7fe2721d939005c3d167ba39f1512ee5ba880a08fe370ab93dab990ff0a914f","sha512":"862ad1c48221a29e8fbeeef1be46b06d77617afd44de9e63598e0f746aa0277ef3c79366454df627aa6c12f465440d729d9157ba768922c90a574439df2d195c","ssdeep":"768:Gv6RenUljXtCiU+uKMHNDBp56HJJg0+Fz7P:GVnUlJFiuJ6FfP","tlshash":"67d2ad27aa50afd7b448d7a2ff030d862fda522c41d439de81d76b436b18b77480d1ad","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-06-06T14:40:04.347007Z","times_seen":9858,"resource_available":false,"data":null}},"time_used":674,"timings":{"blocked":555,"dns":0,"connect":0,"send":0,"wait":117,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-11-01/b1365176-2126-4b52-893a-d823ba7fa752.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-11-01/b1365176-2126-4b52-893a-d823ba7fa752.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: VOUVinMeagsfGWVfO07c9Q76tY136bSuys5hRjVjHlkcfnc2H28+f5WiS+10wCFZ0WxYxpkrRKTHPHPoFxb7Cg==\r\nx-amz-request-id: JWRJ174EJN0X7NWF\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:36 GMT\r\nETag: \"57fc8f526d4275ea03d2bdbdc5576892\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 170933\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":170933,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"57fc8f526d4275ea03d2bdbdc5576892","sha1":"648d7e45b5f40cefb1d18bb9c726fa2194627313","sha256":"5b08dd67e7ff0eb29804f686a825a0607fcfad5e509780a30adfea265bc26d6d","sha512":"046bbf2c489dd817458bb078c2a21eee87949f983e0924087800414acb782c41e1e777873e9bf43ad90c456a764044b9a142646b88ca61a2589c90e0a31b860b","ssdeep":"3072:uZZZCa4TScGLIk8FhGOovWdjezklGcjjltrXy2zm423z7LOOCAr:u3knH9GOusjezklGGltri2zm3fLNr","tlshash":"a1f31238ed7ef755a4fad15f910cada0a0f877204832a5813e37d7d437c98a192eb249","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-06T14:40:04.309449Z","times_seen":2454,"resource_available":false,"data":null}},"time_used":1260,"timings":{"blocked":1049,"dns":0,"connect":0,"send":0,"wait":115,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp/B082Q6RMD4/51LNp4aSxDL._AC_SL1340_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp/B082Q6RMD4/51LNp4aSxDL._AC_SL1340_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 0Ir2LYBAVxjT266FKgf0BEqogULjpi+BgUUo/rTrhrnCHSmjXJ3BFpeMdVF5R1GSfKxhddKp+9U=\r\nx-amz-request-id: 7RX3GS2PBXCP2CRR\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 02:54:04 GMT\r\nETag: \"8827b56e1c75a8cfd6be59a5b6d760eb\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: f63ce9701ef5941dd9ce6ac432a09e5636f1e0685ede2c4aebb39f96638eec8c\r\nx-amz-meta-s3b-last-modified: 20231026T124940Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 32549\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":32549,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 431x1340, components 3","md5":"8827b56e1c75a8cfd6be59a5b6d760eb","sha1":"24f3ff786d1c9fe9e787bd9d1977b90aa1d9c3f1","sha256":"f63ce9701ef5941dd9ce6ac432a09e5636f1e0685ede2c4aebb39f96638eec8c","sha512":"233fbb69169772f8a86abc5ea61ae787e1d9b003148430041b7d3e38adf1257e53f1bbb07f31f7893dbda96679864f8d78d9587298deb69013ec2612f7a02d49","ssdeep":"768:dx2GWbs6oBwPJj88PBuMQmJOcjEiKyquTxPOKIjktU:Oe6zPJQ84vcjEinTxGKIjSU","tlshash":"7fe2f10582cbd7d1ed521c7225fb3336df24eb0ea5fad05d3b202b86951ba652683c51","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.522869Z","times_seen":2370,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":122,"dns":0,"connect":95,"send":0,"wait":120,"receive":93,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/5a905e1d-1756-453e-bc49-baabb5267acb.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/5a905e1d-1756-453e-bc49-baabb5267acb.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: ASSBZgzDT7n67i/z+tYTKjEdTAzMjhygNQC4c3NQGmUUVKIgXOd5hBjPvJcN0/DOw0pfMfviASY=\r\nx-amz-request-id: 7RX57YMYAKMC338H\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:49:42 GMT\r\nETag: \"d65489337eec1ccd7aa3b7d4e85cce6f\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 47706\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":47706,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3","md5":"d65489337eec1ccd7aa3b7d4e85cce6f","sha1":"363ebd6574ea0eef5bd9fa6ea4245988329dbe21","sha256":"9e10a358d6e01dd67c6fb8668c84cf319256fd3e31e95a65fcce29f090c43baa","sha512":"b4854060269a85c9f2f15c2f8c31144f09d1b29b3d68849886ad40ea128e8e3f86ef2546b42e19afe271bf97b66ddb135c3c52027f73ad7dfae5f87786160a23","ssdeep":"768:19SyEOYqddNLA4oD7z2lkXynB4d2ABlYO2yENr38m1BwZX5plmQQctt9QUMRyqQ6:uyfRddNLpNlWyud9lPiAm1+ZhmBA2U6","tlshash":"a32301427fa5aa8bd238af3157c3e749b86f8289d2a61d01f175ac128d41712fd6cad0","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.602933Z","times_seen":7694,"resource_available":false,"data":null}},"time_used":529,"timings":{"blocked":119,"dns":0,"connect":92,"send":0,"wait":120,"receive":93,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-13770fec.e35687e5.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:02.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-13770fec.e35687e5.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:02 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"2934-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2934,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2934), with no line terminators","md5":"6c9c06504aeaa44eceb02b42501b4d05","sha1":"f44d6b5f35027749a0816164f09b9bed1890ddfa","sha256":"f00be6b0aedab8ac5e7de13774b195a7ea74e9ebb240a077a80f953ce6ee868e","sha512":"915e73c6db5b1607e430494b9064be658f02e64a04af9de8f3c615fc034bcd7fb8dd609a3df2f40ee8f652f430d94fe31e6ae3080ed2c7242c3bb72f6073c923","ssdeep":"","tlshash":"df511fa139392a7c4837e067b1d5d5af70a8f25bc0b786cd8ca1335e9cc32422d126ce","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.330347Z","times_seen":964,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-051db46c.db17aa09.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-051db46c.db17aa09.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:06 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"22340-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22340,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22270), with no line terminators","md5":"c18ace9302de44d5649119209aa6ff0e","sha1":"19f0f9ae30888f41094224e87aeed14ef85a314e","sha256":"5cb2c0b02b820a5d62ca764561596607b513561ad36fe2012e327fbcb9a61577","sha512":"d75736edcdd8d9d5a3e8b1786518079d75c7ca2678657b91215a64920e83bc772be94c229c1b6cd9d38ce0d68e9f621296bfc565618d1d9f3196ee8a18192462","ssdeep":"192:KxthRrXBrjBcEiUtB73GKmQQBNgtTkzsuQ4y1wTYDLihd15pa0L9IeuuyWwQmcuA:EXJBEo72SJlU9AH9GPWq69IvxdR+4Y2","tlshash":"06a2c40ea145fc9b0fa272a5701f301160568444680a9e56f778cdfab6ffd257a23b3b","first_seen":"2026-02-26T14:59:42.03909Z","last_seen":"2026-04-08T00:27:57.152734Z","times_seen":8,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-07/78b9c29f-800a-499a-a640-a12d95b6cc7c.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-07/78b9c29f-800a-499a-a640-a12d95b6cc7c.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: fDBi1x+mlcu2plnKpiwZvPGm9kvxoaG+oBA4aeFQ81yUUfwcRIhqsiGjtjxo5d947JSNNy0UUFuArtr+xIHcJw==\r\nx-amz-request-id: 7RX55QPKC8RR4C3E\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Thu, 23 May 2024 01:47:07 GMT\r\nETag: \"013fe4aba3bf16f7e54fc87414f2fcc9\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 48075\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":48075,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 857x1050, components 3","md5":"013fe4aba3bf16f7e54fc87414f2fcc9","sha1":"78d37fb3e926e07ff603a0e1d2246523301dbf9c","sha256":"0ea676e6317e0aa668ec454888b2f5a28b97008372616a9b73246ea783643b4c","sha512":"aa8e69c89fad117f57c1d46dedba44e56721d6d8fb70b89b67e51e1ccdb5a8f3398c3ec85fe0d5f69827c0624bd1918b92b21e99f65801e1397232e705f3e881","ssdeep":"768:1cS2+ioGBA89RGlxoPquyl4Y2RKMmjbTai8u6JZfHRAQTGyGsp7+i/27pUi:45tBA8uH2RfmjbTTH6JZfHR79pzuei","tlshash":"8223f12856424859d5a1c1ba507e4def23c2b132bfc692c770cbf2481bea7a9f254e61","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.596531Z","times_seen":7380,"resource_available":false,"data":null}},"time_used":888,"timings":{"blocked":680,"dns":0,"connect":0,"send":0,"wait":115,"receive":93,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/a7892ec6-7c9a-4017-92d9-5d88ec058706.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/a7892ec6-7c9a-4017-92d9-5d88ec058706.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: NaCV00AQs8IfTZG7+LHqX4kMPhh4nVglttH/7qa0t48J/l+UX8fG2RLTUHOrePy/0n1ktCHa6GI=\r\nx-amz-request-id: JWRYKADQTA1MVYWE\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:52:31 GMT\r\nETag: \"4733341abffafac1a80a87d73b929a0e\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 46462\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":46462,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x816, components 3","md5":"4733341abffafac1a80a87d73b929a0e","sha1":"2ed57cdd64866e32ea7315eab53f957943fe7535","sha256":"488b95a8657fe774d74f2c2b03f858888868a277580ae75cd4c45796bccd447c","sha512":"e1db1ff22f5f486ba861cbf7e2e6cd4c701fb2610f9049bae3e4112f7e359d8073e7ada5c955122817689e00b314a5bbd465b325c264c277ce73c2ee61a67c48","ssdeep":"768:1Z94x5KIpQt3/N64yyRimzuVWddwpQairYmoxTWHoJvtBy9ZsdVj9hLvRH/pVexD:n943DuRLyWisu75iRYTLRQsdVj/LJH/G","tlshash":"032301f73328b9a2cbda05741372f6a03265f93716fcb6024450fa70b16c552f598b6e","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.553203Z","times_seen":7565,"resource_available":false,"data":null}},"time_used":943,"timings":{"blocked":829,"dns":0,"connect":0,"send":0,"wait":113,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pachong/gaoqing/B083TRDV5R/51n3W0JxmfL._AC_SL1500_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pachong/gaoqing/B083TRDV5R/51n3W0JxmfL._AC_SL1500_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: m6z/nmLeqkNKvllCiXEUfjpg6MHfAxang0mDYwgBWz+TA2kxXPKQqAz6fFaMlbezDewa6p3AV2g=\r\nx-amz-request-id: JWRG8NEGSE7Q803C\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Tue, 21 May 2024 20:30:08 GMT\r\nETag: \"024f3ba30a6e5258147db3fc66755883\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 25549193484395a6960481470b9eb8284a667b3fa147a766f9e725717aba24f3\r\nx-amz-meta-s3b-last-modified: 20230415T142456Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 60364\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":60364,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 914x1500, components 3","md5":"024f3ba30a6e5258147db3fc66755883","sha1":"37d404ba13429e44bcba4d4a9a49aba6215e93b9","sha256":"25549193484395a6960481470b9eb8284a667b3fa147a766f9e725717aba24f3","sha512":"b02ed30d00443ac85d31bb467ee41c6efd3d395fd164a84b37ad5d9f4837a2415b2f9d04935d31665231dc776ee72aed285a73d16b0260957b5ef19d3928c905","ssdeep":"768:1R7PirN6neLXjYLRvqhOJdGEN9J+RhC0VRAs7BROG/bQXj9sNNIyMtSp7JN0/hcz:jrQtL4shcdG6JUC0P7rBbUSN6ggY+8","tlshash":"c643f29707a7489ac8f4343a5e12e1d4dd58ee5b259b6fca78f06f4d33060c326b0297","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-05-31T17:27:36.631912Z","times_seen":7461,"resource_available":false,"data":null}},"time_used":954,"timings":{"blocked":835,"dns":0,"connect":0,"send":0,"wait":115,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-07/f204d4bc-b984-45d8-b4c0-c64cd323a50b.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-07/f204d4bc-b984-45d8-b4c0-c64cd323a50b.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 2QcQRkG9TTtlSnfqhtH5wUyv3b+lZFDQSp9/54LuO/NLnq/ep5kamkkfDB5ePNyyqbeoWkPEtnw2iqAL+I3LNQ==\r\nx-amz-request-id: JWRXE52D0XW8TKJH\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:48:42 GMT\r\nETag: \"eb5830f9537ac75127130551276084ef\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 96209\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":96209,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 552x1500, components 3","md5":"eb5830f9537ac75127130551276084ef","sha1":"79cd82c86181ee69f0202b0817623ed0ddcd9753","sha256":"4c513da923d6affb6789d80dc2193fdec698edf2269ee75adcca490a8104b007","sha512":"267cc959d96d988a6ad817851bd3e5407e41bc18c4a8e8a46179bd78795059e6712136967e43df45ed73723bf5aaa0bbd1163bbf848ef613acb19d2705fbd3a1","ssdeep":"1536:vukkjh8CymhA1P3GeueP0JoPu2cJ6fMjnBMauEQohjoK/9kOLSDCkp:vdkdTIP3wvF9UOMau4OOLSBp","tlshash":"f493120be0874b5ef89f06b843592a17a6fb51dc294b0891f3b68dd08652a50dccf2e7","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-03T23:39:34.497506Z","times_seen":7047,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/4d106467-e1bb-4199-91a3-14c09c397800.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/4d106467-e1bb-4199-91a3-14c09c397800.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: WEh41A7ZHkYsNoT6tZQWj0sCiMdJfyDLn7hHxh6A76OqCiUzxTmrkmIlT2Bt6IZ+M7U6erQSqJI=\r\nx-amz-request-id: JWRNQZANK5D568F1\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:49:13 GMT\r\nETag: \"14d9f42f2c63b1613cc542428d426122\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 82584\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":82584,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1470x1500, components 3","md5":"14d9f42f2c63b1613cc542428d426122","sha1":"00e4462aa838f47df6791daf815e8eb0a5cd4bdb","sha256":"755dcfb51fca83949bf37ee825b678dab8b0cdd28d284dc614d367e147e6464f","sha512":"f306d811d90201f184c9381f938e563403ccdea51be8dcaa96f6a040424410bb313194077dbb6431ded01deeed1b7fd7d0698b962ffd3c6c2b04d3f886619cb8","ssdeep":"1536:GnQEa9MqP9A4s7zP1m7+PpzKo0Rm6c2/DJfjgo48h58th4WsEP208:7EadHUj07+PENRmLmlf94AetuWN8","tlshash":"e78302ed3bcea846f6ff59bc185ff48469120935eb324643e31274d8c6b86328f25465","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-03T23:39:34.474531Z","times_seen":7154,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":97,"dns":0,"connect":0,"send":0,"wait":147,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/9f9c23cc-7abd-41ee-a116-01eed9d588a5.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-04-14/9f9c23cc-7abd-41ee-a116-01eed9d588a5.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: QMavQviTTKG1gSnPpyWXfsGV6toC2YmFLQw+eAhnwY/Jeb7Xn/A6D3hAm8zYSTJ62Mk+eiDgo/d3/gNgZPnYgA==\r\nx-amz-request-id: JWRMXGFQNCQ5NMQK\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"8d6323e7fdd7e06d404af122b2c85f3f\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 22652\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":22652,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"8d6323e7fdd7e06d404af122b2c85f3f","sha1":"a5d01f7b4ad71db23c48fa3f117f7cfcc444e189","sha256":"8e2b0eddf8d540aaa3b2076eefe4ba494c7acabed1f15431bafffe5bd3513f72","sha512":"6fc93fb49c82210ca205c6d6dd0831f9016eb24e3a5fbd5072106d5f2b44adb98d39c7df922da930f53d2cbfc28176810e7f2692011d556155f4785c8b314c19","ssdeep":"384:g1oAebo8+5LM5Y3W9rtPwKbJO5Uq6/ECRgQPifCiN:g1o39+dMmKrtPwUqSyQPmCq","tlshash":"eea2be61f8803733c585636c4cbea112585584f288f9e8aba674cee9f2d4c879c49ce6","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-06T14:40:04.31611Z","times_seen":9774,"resource_available":false,"data":null}},"time_used":1121,"timings":{"blocked":1006,"dns":0,"connect":0,"send":0,"wait":113,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-2ca3e678.cdeb2caa.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-2ca3e678.cdeb2caa.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:03 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"11988-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11988,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11988), with no line terminators","md5":"24239fc2953d2a22d7cd5c5632dcd4a6","sha1":"f33b1a460541a32ed04732f26cc49d070b656e2a","sha256":"d31737889dd96d092a914e02a996629ee1097ba471cf1b3bda901d48dcc6a855","sha512":"40de2fde9884d94a6d6196f6b6e39cba8f36a05f289451d7b20e1a6fc82b32cd8ca02c47207a67b77769ee3d72c59ed7250232661a7269b26a92006ec8f56b68","ssdeep":"192:Iz5sbKYxgCtCowY2duLGm7AtmIfOxoi7k2Xer4p412QRAelWklFbaiWsAXU:i5s8CkC2caIIWxoi7kGerMscKYtsIU","tlshash":"a1320a72a072a33da927f1a574a8a8e83440d526dd9383edf654713cccc62e32672f5d","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-30T03:35:54.792083Z","times_seen":829,"resource_available":false,"data":null}},"time_used":599,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":599,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-66a957e8.8fe95911.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-66a957e8.8fe95911.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"1118-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1118,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1118), with no line terminators","md5":"51469bb71eb3ad53d091813383d59f9f","sha1":"2dc9da09668fefdab35ccfe6c6a3ec5485ceea3d","sha256":"d9daa1e1faf153cb40d02fe3294adfbf28aeb622797e00cf94c101ccfcf0e073","sha512":"aba105e77a63de395ba92e7d7557d7b7ae209f72dfd735132a2b4d234f8ac75e09d4acbeee7b2cd6e25307285d4d3a4988e9b8b8758761b595c96d20994bfffa","ssdeep":"","tlshash":"d221cef1906510385aabe6b430f0a9b9705df145ea63199c5d6533ad49d378f02e02ce","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.435641Z","times_seen":5604,"resource_available":false,"data":null}},"time_used":428,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":428,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/img/lottery.ff791ef3.png","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/lottery.ff791ef3.png HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"19432-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19432,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 260 x 208, 8-bit colormap, non-interlaced","md5":"ff791ef38e8d7d32429ebeb24df9de10","sha1":"e4b23870cfb39ba9659138f2461fd384b88c25d4","sha256":"0f0f5e4177dd02cca9f1f4fde394271a85f4dcafeba25e5e80c3c0666a03465b","sha512":"6ad90536a6c7b0e7f541a84aa11d7d7bc4f1748ca952e48fcb4acf8b6eaa8e27bb19d1ab2dbfa6d48a7e99beeb7959f577a4a53dc9b09fc9adf92461aa2a7659","ssdeep":"384:1pzyVxAXE9hJC77WnBvmiT4dW1rGc2k39T1ALVJVYNR8qGk:1pOAXE9hJC7CFmiYorGc2sAR/YNRbGk","tlshash":"8192e156ce6be369f21ba41809dd02dc7025bcf3778fdbbac4bd33e5624a4105289356","first_seen":"2024-07-21T11:30:49Z","last_seen":"2026-05-15T19:22:42.511432Z","times_seen":140,"resource_available":false,"data":null}},"time_used":727,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":727,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp/B07XGP7HTW/81fwoaIeEOL._AC_SL1500_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp/B07XGP7HTW/81fwoaIeEOL._AC_SL1500_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: ogXWAyWPrLjE5IwWoTnMOG2FnsNFTc+WvoJhvv1VluwIRNeI0gtNsPPkXcWdVR10OSB5DluFlRg=\r\nx-amz-request-id: 7RX7W44X8DWAZ53R\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 02:33:56 GMT\r\nETag: \"ddcaef2c6aac08fffa6008f8116d4863\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 805c8fc4de4d9c9903f475acad7422ecf82ac2ccf5bf0a442a1686d1f3fa2026\r\nx-amz-meta-s3b-last-modified: 20231026T130616Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 237068\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":237068,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 910x1500, components 3","md5":"ddcaef2c6aac08fffa6008f8116d4863","sha1":"5dfd62507f633aa81445a44811bb63809316c059","sha256":"805c8fc4de4d9c9903f475acad7422ecf82ac2ccf5bf0a442a1686d1f3fa2026","sha512":"95bef3e1700d32e6085d333d6564db07c4e9d6ca15f68db74153bfd184d8742022929332333565410ac220335e3cc373033aaedecbd28c5f7e9ac7fccc528d7e","ssdeep":"6144:p+zpCBaXboUhv83vTJMuOeo4q0l/l0yBsiaDkKhPbqTswCTh:p+pXboUhv8oe3lBBZcWoxh","tlshash":"933423f5eea10b8adb466b3489c02f21507e42e18d4dacb643f2e76245dd0d8d3ad672","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.317144Z","times_seen":2305,"resource_available":false,"data":null}},"time_used":716,"timings":{"blocked":121,"dns":0,"connect":93,"send":0,"wait":120,"receive":281,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/img/right2.23d3e322.jpeg","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/right2.23d3e322.jpeg HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:01 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"6978-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6978,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"23d3e322bf2a163abb5e4331580d3d7c","sha1":"dc9cc27e86b9ab385f24a1ebcacc102b8fee6d12","sha256":"e71173feb88bfac5f997753ceac015ca23f31f9f2234a8083be8a5a4d4e6bc20","sha512":"072c55f9d2a58fab3e13393b1f401d1302aa3269b405f85fdf99a86e9e8860bbc4182db36bf5acbfc6aaa9cf492dd69d194e70513d0f28b4fa287cf6b8b1d0d3","ssdeep":"192:E87ECyhHACQc4X2g7B0WiYHgv+YLX8RrI9GMftmR:fECKHACQcBg7BUYHgv/Qt","tlshash":"9ce19d5cef89ba61df29a13b062535093b23560a7fd297ff754c6c10e956c3056d8051","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-30T03:35:54.82406Z","times_seen":4660,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp910/B08GDC6BXT/51nqa1O5NVL._AC_UL1000_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp910/B08GDC6BXT/51nqa1O5NVL._AC_UL1000_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Jjsw38pN4yNKvOaCrmgWHQKR8xQUBoukWddCeXF2EYUM6ANnl7RfmgRwN2jSv5y4nUuIHiaQZ2g=\r\nx-amz-request-id: JWRYYKHD9Q8K99ZS\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 13:50:55 GMT\r\nETag: \"cb24f33cb4ff359a439a0d73bb6d2752\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 35067\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":35067,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 650x1000, components 3","md5":"cb24f33cb4ff359a439a0d73bb6d2752","sha1":"c2cd25233de083ef231ecb1e99144800c46e6d02","sha256":"e0c66d00c9f5ac611d2f61f078eb40db018df1c3af4046bca89a51d4d4088a86","sha512":"d0ae7b1278b28519a69abd0b69d83bf426d16ef8e87f2008c2c3eeb5ec0c32dcd725f968a87a6285abeff6e855ecf59a4cf4891eb12abb14a2f62dc74fb90ef6","ssdeep":"768:1K+IIdonHnMKYMvOjEXpdfUbHHOXMG5NUnLlRFdHLebFEPslsnQrqXU2:IPI2sBM22obHHFacR+ZxsnQEb","tlshash":"97f201b39248d715c8684bfe18bf1ae7fa8c90e00daf594245300c52be5ff902a1b5f9","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.37868Z","times_seen":2239,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":99,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-051db46c.86f03d90.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:02.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-051db46c.86f03d90.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:02 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"3807-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3807,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3807), with no line terminators","md5":"d5c5cf21c0ac8cf32937fd5577eba50b","sha1":"49b8872bf19a1f9c7f9e78b19497e8b89ca2ccfb","sha256":"4531f24949afa7812c1f59876406ea88233df11ccaa72f9a7f559e55416dcc6d","sha512":"bd7965d44b3c3d8fe1e112a9097b029319ea0eb7bd67e9a52912b44344edf8f28493123a0ac5bfdca0181a551d03990a1ce84044abd3abace820f386e04ba5f8","ssdeep":"","tlshash":"04710e60ba22231f6a72f6fa55c0a1dc370aa21be19345dfdd49c40ec6df3a79174b60","first_seen":"2024-02-19T23:01:30Z","last_seen":"2026-06-06T14:40:04.519006Z","times_seen":1117,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-20642326.0daa9b11.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-20642326.0daa9b11.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:03 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"1374-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1374,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1374), with no line terminators","md5":"7a0ea81bab09a5e259ac1884d3f72012","sha1":"d87441160241af9deea25169e8fb52a8537929e3","sha256":"b2217a779e1c0810181c9c1cc122bbd3ff1ce69d94164bf7b1e308cceb93e2c6","sha512":"a0d4c2bd68e73bc95ebe419ae4fa1a9210de9ff9e75bb7c3694bffa92fffb77dd7373bc7c3585ba1a9a67b9a3d0207afd87e34d630ba821177a70512c061bb98","ssdeep":"","tlshash":"e3215b00355e673edd37e67e64805abd6900e26bc453e227b9889405cecaa572813ed3","first_seen":"2024-02-19T23:01:30Z","last_seen":"2026-06-06T14:40:04.393299Z","times_seen":5043,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":590,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-24e95abb.b2e5197a.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-24e95abb.b2e5197a.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:03 GMT\r\ncontent-type: text/css\r\ncontent-length: 447\r\netag: W/\"447-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":447,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (447), with no line terminators","md5":"921bce4f483b1f08e93b4216d27b47de","sha1":"b4a29f334d7440c5b2f40841216224b72c6fcde9","sha256":"66b6628c502e0ea0445dc0ae31e229f358bd8a58aaf06e4eb525757fea64d439","sha512":"44e70871a7b43d640237f9f6f070c10a7bed3b3256e548f42488214ac6cd1421ae2209822abbb46e4940081e816f71e92ba2e6a658d1118cf5e3a9f8e7537240","ssdeep":"","tlshash":"f6f0ec012cbd95a15837c53df1c233b42e20369f0206c7a2ac44ac54c68ba613a14201","first_seen":"2024-02-11T04:26:47Z","last_seen":"2026-06-06T14:40:04.334237Z","times_seen":7244,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":590,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-7c52e852.c70dd4a7.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-7c52e852.c70dd4a7.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\ncontent-length: 111\r\netag: W/\"111-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"6fa0ecf4147c8ce0222c50c699e3807a","sha1":"a77f07547a33f9b6ec67e6eed37629f508f97a6b","sha256":"6943a6d74dcebdb81ed9b48152a94e537946bd452b87590c4179c966722f5719","sha512":"8cc93fbb80c2bbce59ed5c2bf12fbe7ca0c49da27fa32ef1bbaafbf84aace700d4e60931ad95010ae4f7a5405b3e6f475e9ebf8431beb768ddf5d95ac4efb1ef","ssdeep":"","tlshash":"66b0123a734b04fc8c2ff0203f5988b87ec13322e11924035f9c8024451e7027c30210","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.445601Z","times_seen":8474,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":418,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/2df406e9-dc70-492e-a7d5-4db89889fe58.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/2df406e9-dc70-492e-a7d5-4db89889fe58.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Y+4Ap/J5KM1upqPgZahI4NUPxBJcpwc4Nbl0k7NmhdU5X+etFl29v/SsuPRBhVTF9HDLwVRMgWAre7l9t9aX+g==\r\nx-amz-request-id: 7RXF0B4KJ8QW7ZC5\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"882acb8a590986400f716b14ce87dbd7\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 27557\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":27557,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"882acb8a590986400f716b14ce87dbd7","sha1":"69d9585cebff24ca05746278353d9723ac581960","sha256":"1c488a620a2342179fea9b5325ea4b5e0e450de64f3bc3383c67e3040242d1e0","sha512":"21cc314fbc6d011adc782475102dcc061e67ed01e1162a9046700b1375b1841701831af77286cc0fead58c997eeba79f5e1d141cdb124ed7881fbe71315c65a6","ssdeep":"768:GG5AJy9ToRwVbgiqHgdBAe9u4p58OsHIE7W6lWG:GGis9sRwVbgiBdieWHTlWG","tlshash":"40c27c039c854ad3b575c391ff468f6d3b8aaf08fc5672e710e11eda37a01424c9da6a","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.326285Z","times_seen":9985,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":440,"dns":0,"connect":0,"send":0,"wait":118,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/bfa34439-cd8b-4b7c-b849-8cd85c7b6a33.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/bfa34439-cd8b-4b7c-b849-8cd85c7b6a33.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: vmjLHdTqKizb4zeZx63CEr1dcmE+kbuuWPDKpWLfDGun/HkTGp204pwAxFslr1rAfA1ZvrSyBRLJGE6jfbO6QA==\r\nx-amz-request-id: 7RX0T1DK87Q9BA81\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"46155632d481869cb9c3e853c7832bea\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 39527\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":39527,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"46155632d481869cb9c3e853c7832bea","sha1":"988a2fdc538ca57eadd8730f028800f736e1ee86","sha256":"1e4dba5d9d5fae2a3aafe91ae59ff2f9f938229ee17b6af825d3d7ae78a93913","sha512":"6a93dfe70a2ee1089d7a1137043494795f98bab7533792b6e736c25439b4c871437a83103e1f02c58b32e7af94aa20e67db51929d945869cff4485b6840c2255","ssdeep":"768:G2faHY+HPhvSyz/eZculI+Pl9UTnIbrimLDGEFK6hbrysiU1JL4:GogPUGkymLDGExSsiE4","tlshash":"af03d0472804ef4b762ce2727e9b1f681f819b4ca8c672cc4a530dafaf657b9491c41c","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.377189Z","times_seen":9887,"resource_available":false,"data":null}},"time_used":460,"timings":{"blocked":-1,"dns":9,"connect":92,"send":0,"wait":117,"receive":93,"ssl":145},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp/B07V3DF1QP/51G8uW4FLLL._AC_SL1010_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp/B07V3DF1QP/51G8uW4FLLL._AC_SL1010_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: TAmKTd7xnuDfLWRXWaRFcLX5P4ajF396yq91BzICVHWr/9Mh0WIlnKpvEIvwmjUuG8Tb73g2AsY=\r\nx-amz-request-id: JWRWZJ2W0W2PD1CD\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 02:20:51 GMT\r\nETag: \"933feffc6f87b5e835ebcefde5c5c67c\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 8680fdf2f0e12092efe3d61a6df35efeeb6658f49e10a7397687c7f378021bd3\r\nx-amz-meta-s3b-last-modified: 20231029T132225Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 45111\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":45111,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 499x956, components 3","md5":"933feffc6f87b5e835ebcefde5c5c67c","sha1":"b4961dc6b0b61aaf05cc9e4ffc4318eaaedd60a7","sha256":"8680fdf2f0e12092efe3d61a6df35efeeb6658f49e10a7397687c7f378021bd3","sha512":"1fe7f9b5dcfa651626616464fe7b1c25946eb77d2fb4d6739bb2cd9e9c5012feef50e8928dbc6ee5a125570949760b702b647bd4ed73ea7cde3b4cb853a45bf6","ssdeep":"768:ygg6D3BnJNDyRk1XT3cR1EHhRToTNw8sDd+TnRrJq/TEdjBxT1:y383hPSk53cRiraNw8sDy5dFx5","tlshash":"0113f1cb2eac3597f1ae313bf24150414b9aebd1a8b0da71752380441435b7f6de746e","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.44464Z","times_seen":2374,"resource_available":false,"data":null}},"time_used":882,"timings":{"blocked":768,"dns":0,"connect":0,"send":0,"wait":112,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-91f4e7e8.054674a3.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-91f4e7e8.054674a3.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"4173-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4173,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4173), with no line terminators","md5":"d26838e6fc6c5713d841649b06a47e9c","sha1":"7681e0887d8b3957920c84e07fe95a1f8a22bca7","sha256":"5d0e36aa6715f146ee4979217b130ba8e86c334c02758895220835a2366d5a01","sha512":"d01fe57c48c7685b7f14f29a50d61418040c66ed4c756276c25108e74dde577d4c79841b9d3690f94799cb30a1ea691dba49e71870b97018d2d57291026f90d3","ssdeep":"48:jMxKHcoeYHjMBgquTy/ra6oYkAryBxzYpUfRmua+IzvtTm5rx2/6iYrxXfZsfZyK:CKHco56gNTwm+yNfZsfZyZZK+8p5","tlshash":"cd81ee91712c94266c73e07b309e455e6e54ef63c012a3589c56bf3e8c932e32e707c9","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-05T08:23:29.931375Z","times_seen":5300,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":431,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-24e95abb.9b81f7f4.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-24e95abb.9b81f7f4.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:07 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 766\r\netag: W/\"766-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":766,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (766), with no line terminators","md5":"c3c5be8817bb2cb91e4d50280d085896","sha1":"6fe69d461cf3f7ed9cc9bf2d65ff8b0242eb0646","sha256":"56d1a1a4b1fa5415f633a791cff5094192fc83a3e7ddf5baa180c5a71afa4c50","sha512":"a2c74a621363bbd07582ac0e04ef8ebaf9257898fc108d98f26f090e5fd9b9490b177b11b1b9bc1abebfe3ec4ba3113356a21bc91b1341210da3f9dd403bef4d","ssdeep":"","tlshash":"6601bd9cbae1b40b4d0e38b1412f11d5612f28e819efbc51e6e081c85e3087e151eecc","first_seen":"2024-09-28T13:40:03Z","last_seen":"2026-05-30T03:35:54.90293Z","times_seen":871,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":565,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-2849664a.d3c1f34e.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-2849664a.d3c1f34e.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:07 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"1142-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1142,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1134), with no line terminators","md5":"2902c12fd2ae30588abd41b043263fc1","sha1":"d75b0f7d416ad157d74ca9454862fb66064087a8","sha256":"02d3bf9b81f50e62b0e722b29964c4483f3f940ecbe24f0da76255b8fdb86537","sha512":"df551adf93a9d855a1b1e4208959e4a0fb36dc9d3c717923c25760b51591a097e0570ec8d35592033b685d4948ed1f40c03a416d5395839698c2a764a6968568","ssdeep":"","tlshash":"5b21ce136092794d586ea501210f2134f4f09d964c0bece16378c8fae2b2d5a7a9f27d","first_seen":"2025-04-10T12:19:43.541107Z","last_seen":"2026-05-22T07:03:22.734802Z","times_seen":27,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/img/BankCard.915c01e7.png","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/BankCard.915c01e7.png HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"21369-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21369,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 237 x 152, 8-bit colormap, non-interlaced","md5":"915c01e780c3570e792c2f37f2890069","sha1":"470ba5d1124700ad3563ef97773106b365ba9e9f","sha256":"7d9a26a24612d89ee6a130d9c7d13b8a9e61def83e43061d9087c060858ac7a6","sha512":"8521827f0ac72aef6a3aa718f503640fa8bd114258a78a4276fa591c9ba47f7377f7da84465559551bd1eed5c95cd57ba65a28a3df1ff79dfff2eb8346cf0400","ssdeep":"384:2qqHrBkzsYwbh0fdYV8qp2B3BVye4WpO+wQZJbyVu9fbhlKYpe5gyOXlaRLMhkfI:iLBusYTeV8E2NJf4yzKCxUdMuA","tlshash":"40a2e0f808179f255a97365d4efef60c9c5af7189037e453f902e4e645dc0c90aeb618","first_seen":"2024-03-15T18:45:44Z","last_seen":"2026-05-29T12:23:37.041183Z","times_seen":616,"resource_available":false,"data":null}},"time_used":623,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/d29f0843-33ad-4b3f-8a90-b56fc21b0e77.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/d29f0843-33ad-4b3f-8a90-b56fc21b0e77.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: ANW+8XldCgnz0aczVtIi6bJs5Wv6vKvd1GmWL/kp6iTw2GR/bK0gqEib4GCotLTqEBX5CW16GKokjPYPBbx5zQ==\r\nx-amz-request-id: 7RXBDGZQB6ZF2W1S\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"6a85f34af56b3c034d5137d4ec807895\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 49034\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":49034,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"6a85f34af56b3c034d5137d4ec807895","sha1":"75fd4cec7f44e8b8f20655dfdb165720d7223bd6","sha256":"67488643bc9d3ae11bd5cababff694c1f7a131c289d81eb79e25576f78dd4fa8","sha512":"d827fa0cf605ede5b060c72333d4552c1a930b0d8eec8052ba78949ea5e54a58bf0addbef05e024159a196589abbadef866f8c4d5f3c34722ebe1d9757563f9c","ssdeep":"768:G6O88eZQudaEcS6tJCXfvmmxmxwc3ndr/8wP/x49gE3bjt1Txv7ZJ:G6OYAESJCnm2IF3t/8wB49giPdFJ","tlshash":"5523e18725805ee3352fe3f6ff065ae80f088f64d1263edb21e54f98b312a238595428","first_seen":"2023-11-07T02:37:44Z","last_seen":"2026-06-06T14:40:04.515648Z","times_seen":9968,"resource_available":false,"data":null}},"time_used":872,"timings":{"blocked":663,"dns":0,"connect":0,"send":0,"wait":114,"receive":95,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-07/b36d2777-fff7-4cec-b168-5b68c3d256b6.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-07/b36d2777-fff7-4cec-b168-5b68c3d256b6.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Iv439FWYIzFzOAuhZHNS7A+8I37yKaOtRjdRhOwWb6P7+QuITgXd379w0BIq2rEHBKTdqxvLpukXrE/LlKpgQg==\r\nx-amz-request-id: 7RXCGGJ2W4R2CN3R\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Thu, 23 May 2024 01:47:52 GMT\r\nETag: \"2cc7debe43917ab58c294485e5c478d5\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 235022\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":235022,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 981x1500, components 3","md5":"2cc7debe43917ab58c294485e5c478d5","sha1":"1dcb28255d99596d828673da4d474ff999c98905","sha256":"590d7d4cd7f3fa7833565c83bbae73b56e3fc935cfec091c542e28de866d7d5c","sha512":"71f23f15d8d9054cfce9632c25b2f60aa724b043c2a1d3d4e2032123ba89c99e6c404072d0b2baf3ea13240ff17cbb10942be64ebfd0c5499bdcd82f8eefe381","ssdeep":"6144:kPr1Ds5uJHQbwgOYbprdGn0CUmmqtHFCmH:21DDJHQsgR9pw0CUmFCmH","tlshash":"3134239d3608364dc7685bba017bba565e6cf58048cb7bfa197f3e07199311e61e2430","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.489925Z","times_seen":7586,"resource_available":false,"data":null}},"time_used":929,"timings":{"blocked":621,"dns":0,"connect":0,"send":0,"wait":116,"receive":192,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/pc/gp/B0BBN3YQNK/71JmApgdVAL._AC_SL1500_.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /pc/gp/B0BBN3YQNK/71JmApgdVAL._AC_SL1500_.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Y6qzq24Y01Y/7uNrKB2zh+IzC65AEayUyHi9WL+FFQ66fAKYW+VMJWG2jrFBCCDSsNWrKRp9gw0=\r\nx-amz-request-id: JWRVA4790RS38ZKG\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 08:38:38 GMT\r\nETag: \"0f4cce1cc723e9f925010640e9160383\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-sha256: 9169e20d3f597bd917dcf828b53045e7c31ce2687d137880cdf7aaee623271e5\r\nx-amz-meta-s3b-last-modified: 20230915T060118Z\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 107843\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":107843,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1082x1500, components 3","md5":"0f4cce1cc723e9f925010640e9160383","sha1":"26061d213f8afae16359eae39d295f69758aa915","sha256":"9169e20d3f597bd917dcf828b53045e7c31ce2687d137880cdf7aaee623271e5","sha512":"985da409670855669c845a9f36826cdcf2d6f2762cedfe49f907d6e77fa4e728da769069143411ad59dd98428f8082e391d9c473b50d3efef73adf76c82d1e05","ssdeep":"1536:U2R6KEPTEqfuefyBue/Ja4VCT1AXZyWGOsvv+9TPany3/2pzM1UoR/R0cNRz4mTE:vME5BuqAN4Zlcw/UUx/RRNSmT8rb","tlshash":"53b312f92c292e8bf94ad2fd28f213024245e5b8050f35f84ca45615c6cfebc9f62936","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.521689Z","times_seen":2351,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":538,"dns":0,"connect":0,"send":0,"wait":128,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/ba21b1de-1bd6-41cf-993d-cbf59051931d.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/ba21b1de-1bd6-41cf-993d-cbf59051931d.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: VScHlqkwzE+1cNjDm/xzwZ8o6qVTH/Yvgkin9Bh0xi4yo7CvpltbP5C1697exj33ZhMBn5cmky8=\r\nx-amz-request-id: JWRWNV1E8ZT662RJ\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:53:12 GMT\r\nETag: \"bb218f576009cd83b9417c5a229c3203\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 47710\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":47710,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1468x1500, components 3","md5":"bb218f576009cd83b9417c5a229c3203","sha1":"77dff04586788827f80934d71f78f4c88f8356df","sha256":"d0855f819cdc09557f7e383dfbc5e6165e09a50668d15dfd0210949bbdaaa17f","sha512":"7f485bcdf0998dc22d4c9737db92c707975451d3f002fd09c92f23261204700dc22f93182ebb67e07f99d78358027eaf008a78bf02935f590589defab99e918a","ssdeep":"768:1gD/OoEUQEXCRL2xwGC5fTS16JO8Rb5fu5BPqETeaHdQ1DIzwOhLTKh:yEUl+SGGCJTSYJHb4BxTeanxhTa","tlshash":"0923f1d3174348cbff782937b4a153a3677ba5ae219594b3a70078275a423386ec42d7","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-03T23:39:34.644447Z","times_seen":7154,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":96,"dns":0,"connect":0,"send":0,"wait":153,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-0ba2916e.bdd45de3.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-0ba2916e.bdd45de3.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:06 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"59807-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59807,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (59807), with no line terminators","md5":"44d5d75d1ef7aaa17bbeb854524f04f3","sha1":"1aefb83418d50a239fb699a0fddcd8f618330344","sha256":"66d93b68900d4d00cccf139afadb4bdd76e429d8ad83a5baa97ed8afda207c2f","sha512":"a47c06df3cd68b4404d84405b2f3962dcf4fa3c5d12e3dd2963f633c0fdb25029c094c69868abe335b5641a6e6e8a8372ee39525407df427bedbbee5852f312f","ssdeep":"1536:xDaeK86yPqHJtaEa+BZtUnzYcXbKc7rfqtbZGHv1f+yOmv14:xDLlqHdBZtUzxrKc7sNGHsK4","tlshash":"6443d03720d3a4935f2ac122334ba84d8d769b9dd182d5c3f278b889ec5fe74635e098","first_seen":"2026-02-26T14:59:42.056751Z","last_seen":"2026-04-08T00:27:57.280374Z","times_seen":8,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-4c07d914.5c3b585c.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-4c07d914.5c3b585c.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"4695-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4695,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4695), with no line terminators","md5":"2abfc31d2a6752d6d66f5fa21c7fa262","sha1":"63116607f3b72d74be9d1bdd5050ac15859f7243","sha256":"9159959031e6a701bd2e9e5baaa03c4f14d6c2530977a9e013c8af24c4838a37","sha512":"ec6bd33bd4a69b9e93485dfa272e08170ac3c17b0aec5f291b716c1e370435f6bf26fd7b2139aa75790defcf2223f4deeec07818a549334ba069f8a307201127","ssdeep":"96:VQrF215xix1yXSl6nS65EaOYIj8MRSLRsR7S6m0Z8u/j/20RO5sR5WFs5E:VQKM8F9","tlshash":"77a1b050b15e162b687bfad9187cdd4cb0d6fe2ac1324b76ed9f24148882e733622235","first_seen":"2024-02-11T04:26:48Z","last_seen":"2026-06-06T14:40:04.500613Z","times_seen":5224,"resource_available":false,"data":null}},"time_used":459,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":459,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/sellerGoods!recommend_new.action?type=0\u0026pageSize=24\u0026pageNum=1\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"POST /wap/api/sellerGoods!recommend_new.action?type=0\u0026pageSize=24\u0026pageNum=1\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://diwkr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":97760,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"8b8291713a92d07d12eafdc13e22ea07","sha1":"0d57a3ffbd23469d7d2426d374046afef50197ce","sha256":"456644a1403a6fa7605630cb9a30157bad121d08b5ac8146173e91124571eaf1","sha512":"e82c9eb6a26ca4d00d648f57060737a9fe28c30df56ea8b1263dfd17449438d2d2cb6c830e2f29feb89dc88b32be51df2c82b127480793b3d2b4796220753c57","ssdeep":"1536:ruyLkTDC3wnqg/UPHRKui+k49qAbnzxTImCyASax6XRjS+0JRo:rjQTG3qf/4HRxi+k49qAbnzxTImCPSay","tlshash":"eea3e853c79841350b6401e548573b6e94fd821baf734f99ab3cde383aac4f67a6608c","first_seen":"2026-02-26T14:59:42.058751Z","last_seen":"2026-02-26T23:43:04.797109Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1028,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1028,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-08-14/29e5a33a-f02d-43f6-b4ce-5edb8be1577a.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-08-14/29e5a33a-f02d-43f6-b4ce-5edb8be1577a.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: xcSCEPy0pUmSQT9G8SPWMliX5hngCXjT0pfjjz1SKxVPQoi56ulwvkG8kD6Dm0by717MK9vyAXZMNIj6Ux10xg==\r\nx-amz-request-id: JWRQB1YVN3EV5VVD\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"a7d470fbe103fb9a6784c6e3bd450ccc\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 96012\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":96012,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 500x500, components 3","md5":"a7d470fbe103fb9a6784c6e3bd450ccc","sha1":"cef53fa7fec6b069bc298b96adc02886d48a2bd6","sha256":"4529834992120ae959682d5dfc40e76a46db199fdbe4b20fd77e5d1ce92accd0","sha512":"e429d8efffecef5f79cbdab092f84a5054126fb33ee4b22d8e50861cba8d10edc49b41b5d0b8d02d997428b0f661816cca586b58f15d10cab9629375de8ff737","ssdeep":"1536:Kvlkpltm3DoZ3IUr1vvliVOHylrocmmIqeWJ6BHlCJsSEBT+qScNiHoDqlSBvP:Kvl2tm3DotIUrxtiVaylroc0dPHQJlsZ","tlshash":"1f93f19fdd0acc318b46e0ea7a85c1a364b9c25354d0f97f5739d8b6c09c7b99802cc9","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-06T14:40:04.367777Z","times_seen":9563,"resource_available":false,"data":null}},"time_used":1222,"timings":{"blocked":1006,"dns":0,"connect":0,"send":0,"wait":115,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-428b830a.c6474aa1.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-428b830a.c6474aa1.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 242\r\netag: W/\"242-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"207b8b759b262464712f92d1ae1e37eb","sha1":"7029c92363ea630f095754daf11add091fcb57dd","sha256":"83e8578a1c454c2177dc7c70879f3a2e5e917cb457b060909784e71ddaec84cb","sha512":"7ec9d45d68a15b191ab0ec850c159b6a09cdedeecaa33c45bec5870115ae5717ee8cbdd1c020cdec12987d0705e88b487287e93e72bb2ced89b80fb446516a1b","ssdeep":"","tlshash":"45d0a731b39c5824b527c0dbe6c568c5b6043bb2984974b6edd31f68c887453716834a","first_seen":"2024-02-19T23:01:30Z","last_seen":"2026-06-06T14:40:04.482686Z","times_seen":1462,"resource_available":false,"data":null}},"time_used":460,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":460,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/ce21709d-d03a-485c-bd1a-0ca3c11840fd.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/ce21709d-d03a-485c-bd1a-0ca3c11840fd.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: foKtkQnMCAYuWe+AoH0SLe0yUhO5jnHDtadBL6m8BMdGXMgVlCMUOWgWE+5OXszXh0+JAczrmRk=\r\nx-amz-request-id: 7RX9PXDSATXNQV71\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:53:55 GMT\r\nETag: \"4d6bad8f76dccb096768ff49cc7cf445\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 117061\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":117061,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1410x1423, components 3","md5":"4d6bad8f76dccb096768ff49cc7cf445","sha1":"de7037cff667ef30de1bfd8e6b7ceec7c69dfc42","sha256":"0d98b6495a5e33454e197017e474fc8e00ea09e9d3e72d6bdb54ee943ed1fb40","sha512":"8bd3d378f9633511746f337bfc2cca32278fdbb5458cb2f7d23d9f3167a6372a172196821b864488d9f30f326785276baa112893754bad58dfd10b15ad0a2cc1","ssdeep":"3072:iypv8tQzm4aYSV7OHP76tr4EbClnokN48XL:iyp0SApOHPsrfbbX8XL","tlshash":"1fb3121b9b295d27e3c7537156210310963cce652895ee3678457f8e3caf3aee88c98c","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.521114Z","times_seen":2378,"resource_available":false,"data":null}},"time_used":630,"timings":{"blocked":509,"dns":0,"connect":0,"send":0,"wait":114,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-2d3b15cc.1065e47b.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-2d3b15cc.1065e47b.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"8220-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8220,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8220), with no line terminators","md5":"15af1d3c26e82f554e22d4b92989e50c","sha1":"21febdbf6c09940131326c18d6c6b5881074b618","sha256":"330f77708473892fcf35599941ab374c7dc73f4e2d71923161330537dfbb637f","sha512":"2752f6891792617b5a6e0e7aef54d792861597683c59ffa9a44525ae90d438a03e2bbe7c31a106dcebdf686e409edc822af50910d2aa3f54004a8ba1f929bd69","ssdeep":"192:Iz5sbKYxgCtCowY2duLGm7AtmIfP5iFxWXo:i5s8CkC2caIIsFko","tlshash":"ab02d5b7a0b2e029666bf0a9757495f87444da12ecd783e5f6847238ccc32e31666b0d","first_seen":"2024-03-24T18:07:05Z","last_seen":"2026-05-30T03:35:54.884855Z","times_seen":1196,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":545,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-0f135973.b15e0a3b.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-0f135973.b15e0a3b.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:06 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"11375-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11375,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11345), with no line terminators","md5":"d1c544054fc1a82bdad55a9bb3369e66","sha1":"5436e4213f564b68fd880bd37abf540b101ee4b5","sha256":"5c355d60bb20440e7c6d4bcca516468f76c447988527a3a9af4b44ebb43cab08","sha512":"f03d2d0bf9b1f99808b3d3eaac1648baf4a955402b4a7a3411b5a554d35b90cd66d8f47996d7a9590844f05ad981ff5a661cebe51fd2f7a57e37e46733c7767b","ssdeep":"192:olxthRrXBr3nev/Vnwk43i2gv419Ii15QtwyO/3a3O56QY3tO/sC4X/5Dup5Dhiu:odXReXVw1gvg9Iat/156f3tO/sC4X/h0","tlshash":"a432e8883695bc950a27b0f1b0af745670958e82640d0541faf488be7dbbd6a6703737","first_seen":"2025-06-09T11:20:07.99249Z","last_seen":"2026-05-30T03:35:54.881996Z","times_seen":97,"resource_available":false,"data":null}},"time_used":628,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":628,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/app.5ec9074d.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:49.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/app.5ec9074d.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:49 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"1443649-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1443649,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64370), with no line terminators","md5":"f7916bb344b249c21c9f27858bedad8a","sha1":"79485175973ab0c23b01c93a98ba3c376ef7ced7","sha256":"b988709ff89d98f59d816d00c2cc4e3435256849a3a67f065232212671acffbd","sha512":"70343c98f0c7f4b6911b184993741011c8e6d9e090ebea0bc94c7af38db78cf369ce6606d54d7438d0c7dcc92c9b872a608d6d5ff9cc67f261983dd692f3a0fc","ssdeep":"24576:a2O3ExsVuhFWMU9PnP9PUAtLz29HxNUCOE3Nkxp5R+FXF9s1B9Lfbz0vVXe:XO3ExsVuhFWMU9dPBtm9Hb59dWf+1T2l","tlshash":"29656d5a97c2e3a80fd476e12417377122b848fafbfeb1da07a9e1d021f9d40511ea71","first_seen":"2026-02-26T14:59:42.063497Z","last_seen":"2026-02-26T14:59:42.063497Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1736,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1736,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/img/facebook.3e764f0f.png","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/facebook.3e764f0f.png HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"5430-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5430,"size_decoded":0,"mime_type":"image/png","magic":"MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"3e764f0f737767b30a692fab1de3ce49","sha1":"58fa0755a8ee455819769ee0e77c23829bf488dd","sha256":"88ae5454a7c32c630703440849d35c58f570d8eecc23c071dbe68d63ce6a40d7","sha512":"2831536a2ca9a2562b7be1053df21c2ed51807c9d332878cf349dc0b718d09eeb587423b488c415672c89e42d98d9a9218face1fcf8e773492535cb5bd67e278","ssdeep":"24:Es5ed8vZa+/kffJTyN5J5iXSvjDxatgFFjiZq1MJUikeVgl2fwFfBaTzh4mpCbak:2fq3OqXAzh4jaJV9HxG8Q","tlshash":"efb1ce80b3432744f4fc11b0c357b44ebbad2d5348964f57a6ab3a8e5dfc16892672d2","first_seen":"2023-09-21T20:02:42Z","last_seen":"2026-06-06T22:28:27.898393Z","times_seen":21972,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/img/argos.5de82920.png","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/argos.5de82920.png HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"14014-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14014,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced","md5":"5de82920b5a7fcb28d08995465a5c8a7","sha1":"80dceebdabdc936c6baf4f01a8d6f6f176789bcd","sha256":"bc6b09c4de29fd733f38748884c176f21f19d3bb449481b9c8236ed8b50afa4c","sha512":"e9e8efee550f08da413be218d4d7d3340dc35bdcae60151bec4e84aa78d6fb66636e44f64b7b9195c3f4210b9f17dc1bc4f2534e71b645f7afd96c2ade3ee8fd","ssdeep":"384:m+DWfH5CT5ZpxKxAMVjKiqbIpQDGMNlBijBy5c:mJfHU5xEAMVjKiqbIPMNlIjBy5c","tlshash":"9b52ad56d3714076eb88453c250b17263b352073a5b7520f2abb26ca5cb2ba23b71fb5","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-05-29T12:23:36.983873Z","times_seen":503,"resource_available":false,"data":null}},"time_used":720,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":720,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/sellerGoods!recommend_new.action?type=1\u0026pageSize=24\u0026pageNum=1\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"POST /wap/api/sellerGoods!recommend_new.action?type=1\u0026pageSize=24\u0026pageNum=1\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://diwkr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":71530,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d47c0e333d5a7632b4d453e8ceafd1cf","sha1":"247d64bd69cc30b9614a14a22ed6950ba1691e3d","sha256":"7176cc126627741564ca4373fd3b268f194f6f341fa0f0c759c750b7707294af","sha512":"b210bb1dca24c5e6e0d6f8724c70c661130b63f0ffdf5acb6af76c405691753bcfbb1cd4a6624d8bb0552afb6d7fce5254752dad8cae9efdaa027b1ff0c59ea0","ssdeep":"1536:LO6PhInsvPIJgwkWHXhlhHjNHlU4ZMmTDPyoG9z:LO6KnsvPIJgwkmXhlhHjNlU4Z5TryN9z","tlshash":"4a632a52c7a852350f6801a544533b9fe4fe821baf734f95aa2cee346bbc8f6761504c","first_seen":"2026-02-26T14:59:42.067075Z","last_seen":"2026-02-26T23:43:04.872774Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1077,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1077,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/seller!list.action?isRec=1\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"POST /wap/api/seller!list.action?isRec=1\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://diwkr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5930,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"a1c4e1f05a1b37e1fc5f481dcf21ae48","sha1":"4883f88241f26e09bb936761e1f99094218b7e08","sha256":"ab01f802f618b2939b8ecd5762a3668bb8ae008b7f6ac17159ef7eec20cc9176","sha512":"d0bd43b1b5d0dbc514e763b534c4dfb1f0337e7b9588191709d5b0b00323f9bbebcefda412db9e6f2be44f87bdb97739bfbf0b6d640d15d5dcfe4d0307831079","ssdeep":"96:5qgK+9uLEdTqKxYuMAIqsxrv31eBpiKLqsE74IfEdzkCqQ5G:5qg9uYcfuDIX318fLdIfEdzPG","tlshash":"ddc16255299c3eb2579e0e536c473e8ac1bc169f5d834eb1eacccf1509f9ab0970a120","first_seen":"2026-02-26T14:59:42.068906Z","last_seen":"2026-02-26T23:43:04.909975Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1082,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1082,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-28/b95dc824-0d77-4013-a5b6-73fab1c9e4c5.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-28/b95dc824-0d77-4013-a5b6-73fab1c9e4c5.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: kexvoEpcojG86rx+Gzj0CPVOMcAbcPFxqT+6afSgN3nviwOmqvkB0FY1zyR6sDg+/fsxssXv5E9H+S8svox6MA==\r\nx-amz-request-id: 7RX7R69E228V08WK\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:17 GMT\r\nETag: \"0527d1653d7ad2d9fce0c6e3e6ff3f8d\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 17300\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":17300,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"0527d1653d7ad2d9fce0c6e3e6ff3f8d","sha1":"96f83c2be0860f8d33bda1e5955d2f69e1947cce","sha256":"91d6492646ed09c0cd914e6d6b5756d5e5ce01c44334b1e4fe035ead232a3f00","sha512":"a52945f8f23f05aedb2288cf6da590d9cacdeb9c07cda2e165f751c8f5eab3a752061e605e778f3c374481c4b1661d99be9d5fd8962d30e5cc3e4f5f007f2a61","ssdeep":"192:Gdel8vIA3KMvActt7vDzEu/L38lmmDOTORDpUcQws5kXMwAjdMubITDpgO67jTf:GdSnq/tt7vTLAnyO5skTAjGJTt67","tlshash":"ce7216179d089dd3616cc3e5bf060eec7f9a5758e8063def90a10fd93b206878d8946a","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.520388Z","times_seen":9854,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":554,"dns":0,"connect":0,"send":0,"wait":114,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/c568cc14-8506-4b6e-85dd-bfd46f7a8607.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/c568cc14-8506-4b6e-85dd-bfd46f7a8607.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Nc7YXlcBLaZuiJBSGreMQdUoCYBiTSvQaysMeUI58jy1ZCvQsCmUHUC7G8r2TzqYfMNztjL2wf4=\r\nx-amz-request-id: 7RX01GBH2QWFN2YW\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:53:37 GMT\r\nETag: \"69ea9ab0655294c4e81cb9123f9b84ed\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 117788\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":117788,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x1500, components 3","md5":"69ea9ab0655294c4e81cb9123f9b84ed","sha1":"249e0e3b9f9c8ebb9d3c2b0e8f96db0bbbb96233","sha256":"49bd15612e8028f820eea86b82dafa4d5e439225445e527cf5a3232ed060d942","sha512":"4e05f275f9d9ccecc1ff61aaf45278811f0062aced05aac2d3d4c7648c4be9e1130cda1ec819a3a4503006a7c49b87fe94e1bc71657c2ad2708080425857f71e","ssdeep":"1536:3edS0foEyCuEPL1TVLKPXCTmcgFbbLmWEDBygAcq5qtlDRVtU+e+aPZl6ejI9li5:zCAEP/ICIbCWEBHAcq5ylFVBIuNuV/lr","tlshash":"18b31204277e7cc1c2f9a176c8b1567a57b5c74ee2dd9714ab5a3401cfe3a202e10aab","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.448726Z","times_seen":2353,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":345,"dns":0,"connect":0,"send":0,"wait":119,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/sellerGoods!recommend_new.action?type=2\u0026pageSize=24\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"POST /wap/api/sellerGoods!recommend_new.action?type=2\u0026pageSize=24\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://diwkr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:01 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":88874,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"a0336075d5e60ddc39d71c3ac25a9d57","sha1":"b6ad2a0deb4a46daa796967c83dd0aaae6ea259d","sha256":"e3bdbd154dfa903d7f9bc5b7f591e79e79a6c1066546212fd4d6dfaa1a61f275","sha512":"08f08a989daf6299f64da5430ac177be780c1dcfa3c02a334a890ab1eb788092859c483bf2707f68fbe48c1f96ea1292ce3ca5881ba452cc384f3a8d8ad3d17a","ssdeep":"1536:42XE1u1EdghW1NN1RCU4ZMsjIrZu1b7qDHrw0:4mcuedgg1j1RCU4Z1jaZu1b7wHrw0","tlshash":"4a93f852c7a8922a1f68019544237bae94fdc227df734f98ed2cde34ae58cf6761508c","first_seen":"2026-02-26T14:59:42.072831Z","last_seen":"2026-02-26T14:59:42.072831Z","times_seen":1,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":669,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/47934c11-34a0-4990-9c8e-834a82f5b701.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/47934c11-34a0-4990-9c8e-834a82f5b701.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: yjjXs1Xj5f+IXkPvvR3FIOJvSOEuegQZOW3+fJVWcmyjoUv1rZDUWcbc0NDYzwShiXbJvzQVCyw=\r\nx-amz-request-id: JWRZSKWVXAC1EV36\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:49:02 GMT\r\nETag: \"8c00ff5e70d17f3ad0a9b1b85f0ca0d1\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 41631\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":41631,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 647x1500, components 3","md5":"8c00ff5e70d17f3ad0a9b1b85f0ca0d1","sha1":"821b82e6b725f4a90aa36d51efc1a362e33b53cf","sha256":"41d72946e6b8fde800f2bb6b1ce9f6be2b286f437f1abdd23595a144bd5d1427","sha512":"7bbf0279cc137f96fd2c7a6976af80334de90ceda385bdd26da2215dc52f96f5fee9a68428c5883c7a2bf21755b6c01597c8aa9e40e971de13d550c31027793e","ssdeep":"768:1qE70EERqK41pSmdbAENaZKhNwJ/qdLbSY11ip73BTkEyF06n:770FNGQcbrMZGgCdVip73wB","tlshash":"f813f11b3b62a61ed1dbad36d45b72018ce0fb1b33c1848f6e62346135c6fd40b97695","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.502548Z","times_seen":2305,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-41aebf37.c3acef98.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-41aebf37.c3acef98.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:58 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"6834-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6834,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6834), with no line terminators","md5":"f7b1de25905c81c373dba149d03c31f9","sha1":"862e37406535632dfb53a15f6a89c16efb3c94df","sha256":"e75dbd8d3fa49fec96c2b893018aed78a616974cb812b015636553d832881751","sha512":"5a2f0034e39196a38ce44b9d9cc46301069bf252b4f092c46db65bcd45a55ed05a6b53bc8241f14a5f5390b530394bcfb0ffea60b21c9262d0b669e07fd1707d","ssdeep":"96:Zsivfdy8lOFD1vq80WV/LPxDmvo6SOwUu50NJj9MC2:Zz33lSD1v30I/LPxDWrhxuuz+","tlshash":"56e10ff2f231112f7426953be18389e8bc86b10dd3ffc656ff84b514daa9182063518e","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-06-06T14:40:04.448067Z","times_seen":1977,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/index!download-url.action?lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"POST /wap/api/index!download-url.action?lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://diwkr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"ee9b70c9443f70379ec2bc27c2ed3e84","sha1":"98f6d951971e74a017b0aeaa15d9645f4b2efb13","sha256":"78519e6fce32195a8ef66068c10588149971771c1ca335b86260786c804f3245","sha512":"162eac4f0326e48dd25c201518b94efad1751cb9b258ca7cb918b760e50c353c3a4fed66c020da9f07b5b1c0e7b298df701e43c64d7bed839df38ce05968c0af","ssdeep":"","tlshash":"5e800000282e2c0b880320c8b88c3a8002ac23a308c0cb200e8cab3080ae2b22000830","first_seen":"2024-09-26T14:29:38Z","last_seen":"2026-06-06T14:40:04.454563Z","times_seen":1899,"resource_available":false,"data":null}},"time_used":989,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":989,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/newOnlinechat!unread.action?lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /wap/api/newOnlinechat!unread.action?lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"472e9a7530675f76d965067fcba6278d","sha1":"e1fdae764ba06c37792e7b2a2549c88cf3350b09","sha256":"26de7e215697f7b90d77581633fd7fe0b379ba230d1a9c1a0b502ed862b3f5bd","sha512":"7f765b18a1b6f5818daf3905ed24ae9f4283248ac7a41bfcca65dd1be696c9a741d510629b6134940784b3cb832fe3be7fa76881cb2d01f226e1246a70039e7a","ssdeep":"","tlshash":"47800000280e2c0b08032088a88c3a0080ae22a308c0cb308e8cab3080ae2b22000830","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-06T14:40:04.385417Z","times_seen":8677,"resource_available":false,"data":null}},"time_used":988,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":988,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/f638f5c6-610e-4035-8a7d-1b49bd18a6ea.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/f638f5c6-610e-4035-8a7d-1b49bd18a6ea.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: gmoBLUsJFi6gBZX0CranJzi/CUGOUOlLizxehoOydFSN2/HWnNsuID2ThQ+LqKsq1sFBBEva2osN5TpFxUeP9g==\r\nx-amz-request-id: 7RX9PNF6NKGXX483\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:19 GMT\r\nETag: \"b367a1a2939abed5721ba1cf5fd272ac\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 43151\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":43151,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"b367a1a2939abed5721ba1cf5fd272ac","sha1":"14494a7fe1017a29f9fed7421f7d652257490203","sha256":"46d322495677c8a7c5394e265b4ff29491e138ca470aa1ca2d8abf364db9cd21","sha512":"2952940e26d548ef1b5caaff6ed0f6226a5fe3333be792544289621e428353943df8b2c80303329041e0b0308b6fd4961d0805110e5d74bf4bfd3808f3c71117","ssdeep":"768:GAnBvnXpOznCDoX5cNyXgGjFLhpx12yVa6+kZL/4FIpV8xoeKzHMkLFr3:GAnBvZOzCe5cNAgGjFNpb2R+4gixovLF","tlshash":"4b13bf87ad198f936454dbb87f530c396bcc1e1ce8463af910a52ed72f582094caf52a","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.324197Z","times_seen":9475,"resource_available":false,"data":null}},"time_used":1376,"timings":{"blocked":583,"dns":28,"connect":93,"send":0,"wait":115,"receive":93,"ssl":461},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/b07acf47-c478-464b-b17a-ba9226a7e00e.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/b07acf47-c478-464b-b17a-ba9226a7e00e.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: tPkR9VvWjxn4hsyfUxpBOS89/VGNZmFc1cxlVMFo8Pbk4k+E8OpH+qspmmXMdHtFpuHFBUx6vRR+3GQrtch7AA==\r\nx-amz-request-id: JWRYFX241KN4BENB\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"3cadf1789eb8f8d80a12e5ad0e19ea67\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 26582\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":26582,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"3cadf1789eb8f8d80a12e5ad0e19ea67","sha1":"90a7bb2b2bf9588a95f5895d19564e8e0d7a1b01","sha256":"4a1e05ded030983d325fa2a293dffeb39ce70d4948634927f6752dfc6d2f1dbe","sha512":"9236112d6c6dad19ae6b463f258f73caf2470a6f375251a68b7a2f36df53573861a75fe032c86ce6494978e164f514ffcc85e2b20fd04896b014b9a038397a06","ssdeep":"384:G0IuovjpguMrZYtx3ebUIAN+sXub/t4fgq0i9Iun1k2ij4i71P68:G5uoLubd4Ub0AM24ecIGBiHc8","tlshash":"cfc2bf834a448f837859d3ab7f631c408fce49ad85d5b8df11e74243bba673a008e96d","first_seen":"2023-11-07T02:37:41Z","last_seen":"2026-06-06T14:40:04.517269Z","times_seen":9827,"resource_available":false,"data":null}},"time_used":1012,"timings":{"blocked":893,"dns":0,"connect":0,"send":0,"wait":118,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/1fe3d3fd-05fc-4b1d-a8fc-364e9d33fcc4.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/1fe3d3fd-05fc-4b1d-a8fc-364e9d33fcc4.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: DRNCDg2ndGPw5p9qAaBFTZVVzzog0FkjeM61zbMBhtefMvpiO9G4mt7V6mWEUYGHDO1X1DVQUK8=\r\nx-amz-request-id: JWRRHPY6ZMZ9Y72V\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:47:35 GMT\r\nETag: \"ccff69006dcd3e1ecc8e139bfe9c5a9c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 12326\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":12326,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1060x507, components 3","md5":"ccff69006dcd3e1ecc8e139bfe9c5a9c","sha1":"723f319128c6d63041259ce5725aaf670ef7f890","sha256":"d3e206d3a678978521738381d06e6fdd5e0371d55a6429cbf8f526c66cde11aa","sha512":"67a316dfe938235480a09e76e0bc23d4555ac73edafa80ad8ba860e9f4dbaf96cbbad1c4d5df1316ed77be2e41e943f336e9e1815bd2f7c834e6d64fd87358e8","ssdeep":"384:1K1hYtA+jmAI17ZItgLQWG1y5p/RDp8Wq:1tDjG9LXGstDaWq","tlshash":"e142ae55ed8640e4c938bff4463b42245a1aee3cafb0b1d60b964ca7ea126401f4ddbd","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.492043Z","times_seen":7690,"resource_available":false,"data":null}},"time_used":871,"timings":{"blocked":754,"dns":0,"connect":0,"send":0,"wait":117,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/img/banner_01.183cb7e4.png","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/banner_01.183cb7e4.png HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:00 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"91050-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91050,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 352, 8-bit colormap, non-interlaced","md5":"183cb7e4e9c1e8e3a5a24e5979f2ea5b","sha1":"5496ab511a333e267732b6fefbb6013565b649fa","sha256":"45d681c6d681a965afd9f35944f61954983d9680514839acdc8311121971ecfe","sha512":"9792d41e1c6dc0b7dfa37263e77b860dd0d3834f5d7655499960c133454edc065e6349719c691507ceb7eb27c2ba5cc5d6291b2dcf5ce53bf703b2d1c19d86e7","ssdeep":"1536:rcn3lhNDAuFKUkblgDG8W+A2iIMbvUPi3qwQZbJPwinyW:rc/aHpbtmMbMPivO1winyW","tlshash":"53930280b679e85b98347db00f9daed77ea512593612e1e7c6f2986c704c0dca9083ca","first_seen":"2024-03-15T18:45:44Z","last_seen":"2026-05-30T03:35:54.842857Z","times_seen":3579,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":566,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/app.b6bf93d8.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:49.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/app.b6bf93d8.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:49 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"237339-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":237339,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9ad68447f5d20f41c154e23547758cc0","sha1":"2296155e9eca95167cfbe28ce49c2cc458889c79","sha256":"7076d80d9c3dcf81090085429d87ac8d535cdf14ebdeb270070a559f72f75ea4","sha512":"fb8b6de549361591761fef12a386aa21aff6414ba8d5dc1caba6093f61bafc17d5a571bac5f46706f28967374fcdd6070659b173568dc54f9f7c006e510c0b38","ssdeep":"1536:WSdgXC6l3028Y7SrW3YeWXA1u9w4HCe/l4RdgW9cMEcWAp7KO6iZkJgYu8e0r8k0:qdFJWTPL4Q+05q2pe","tlshash":"3534b610db17217b222be66d75c0ba886f28c323d9725b7bfd95741ccae64891163e0f","first_seen":"2026-01-17T01:19:00.844668Z","last_seen":"2026-05-27T20:53:28.288805Z","times_seen":19,"resource_available":false,"data":null}},"time_used":965,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":965,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/fb09769f-95b0-4418-bc5a-8f91952ddf75.png","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-04-14/fb09769f-95b0-4418-bc5a-8f91952ddf75.png HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: pAk1ET6qpbgk5vMv/wB1jfci6HgMqHoGeqE9edXQX0gs3lRmc5naOc+QyGFtL9/NZwdqK3MMa6mkhGBfVUlPXg==\r\nx-amz-request-id: 7RX75JMSPNF268D7\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:35 GMT\r\nETag: \"e1d0a17b2eb5865bccc7dff6330f6562\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 147078\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":147078,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"e1d0a17b2eb5865bccc7dff6330f6562","sha1":"c956ae8ac7dc2720241d709e92d963ce814550bb","sha256":"9d0495f4e08deab21e64eb8cbe00de00a937aba37d3ff7a3714f30e551f978e0","sha512":"a6c80898e0109f3b6887861ca36e8bcbad9e7091a24eb9d49e55051ebeacbff242ecf0b192cf45d318948b90d660b97dc520cf870d5d651af386a4cec7553456","ssdeep":"3072:0bomG8J7r42I27eo7oPi6T3gKWN4+ogF1Ejq76Cui8MuXK/vDJMKC:0brr425eo6WUgRuC98M7DJMKC","tlshash":"f4e322ddc9c8a380c8003df5fd1699599a347ea34db476461f637adc7b19648ae1bc0c","first_seen":"2024-02-11T04:26:45Z","last_seen":"2026-06-06T14:40:04.515165Z","times_seen":9325,"resource_available":false,"data":null}},"time_used":937,"timings":{"blocked":-1,"dns":12,"connect":92,"send":0,"wait":114,"receive":282,"ssl":430},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-11/2b1f361d-49af-4f07-99de-f8e65f804abb.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-11/2b1f361d-49af-4f07-99de-f8e65f804abb.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: c7NBCx9aKxfAB1Te+qFafBoek4o4f6D611Ku7kZQjoxW5lhhgIn/zvmsQS4kvh7WmInlHuWPN+NeDwcV9AUf5Q==\r\nx-amz-request-id: JWRK7X9YH06Y5V2M\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:49:09 GMT\r\nETag: \"8e45ef03c4d3d3f8338e907948eb5268\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 55668\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":55668,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 962x1031, components 3","md5":"8e45ef03c4d3d3f8338e907948eb5268","sha1":"6d8847195c0a42f8310bdcf575ea57a0bb889766","sha256":"de9af8571cfab6b7bdcee5e4fc038ff690fa02e497205a7136633e8fd284f600","sha512":"c14e594f7bd92be09f77d59496127622a20d24f54f2dc28cfc34c33e8f579d2a39d9308b82023403476d985722a30b6bdeae0f8ac97cb69fc9c2d0e466064da3","ssdeep":"1536:d0B/FwBZy6t1n07VqLvJ/qkz5HvEwW2Lto8y:qVFSZd11NpjWX","tlshash":"f84302ca57610c98e499afb2377f37079713a5ed493026a33de69aac110cf112876ef4","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.636763Z","times_seen":7318,"resource_available":false,"data":null}},"time_used":950,"timings":{"blocked":833,"dns":0,"connect":0,"send":0,"wait":114,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/img/right5.1ea7fcc6.jpeg","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/right5.1ea7fcc6.jpeg HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:01 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"5524-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5524,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x154, components 3","md5":"1ea7fcc6e9b3100bffbe6b7f028ff17f","sha1":"61c58566bbc59e3f7eee8fd0ca827c00da52a17c","sha256":"a3b706331a70ffa493547d558a58857bfa2dcbe54f11b19745a8c0ec4692e045","sha512":"7c129d8b0f97c5c3645a966ea129cf352e53997c2caeb88d975a6774bb157808dec36999b766942663622fce8ce7ea387d4a2a5f4385cb68481e554b4dee4d05","ssdeep":"96:WhJUFeNHgld/rdM2oX1pfs1BBfcVq3CxmaiVFMbo9qJC1dwH2J34Rm1cum8lwoRY:E5NH+BqBl1kBBfc1xmnQ7U1dwH64AyuA","tlshash":"d6b17e19e62eb807cb2aadfb2d5c259661011ab47f1c0bf245b121ddbd42cb1af15314","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-30T03:35:54.939379Z","times_seen":4689,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/20a7dcb0-4ecb-43d4-bfe4-e7b16a8d6d70.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:01.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/20a7dcb0-4ecb-43d4-bfe4-e7b16a8d6d70.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 4SeLr6STFuiL1Wifc39joRiWliJ6nh5WDdMIKqyqF55URX8Ymzh170BKtqnEaikid0hjs7iqgx4=\r\nx-amz-request-id: JWRHFST4PWYY60WR\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Wed, 22 May 2024 20:47:36 GMT\r\nETag: \"0cb226a4c24b62a8027c524333a66d1a\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 9972\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":9972,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x1500, components 3","md5":"0cb226a4c24b62a8027c524333a66d1a","sha1":"bcd930afabd37e41dbff70ff18d3164036810ea3","sha256":"cae70bc988ba3c3472e4161ca54422d0e54923f5b26ee7e7e34716c90c97c2aa","sha512":"0182b799ed0ad9230c5713f54e77dec912e6873d55c491d41e30db98575b93ece455e58effcf4b52a2f1e5ec5638fa27ac16d8319119f1aa3ff0f1fce499789f","ssdeep":"192:1I49RvIJWdElnZFHjjtCcYjtGDCRxXEZJHMcf:1IKRvAZFDj0cOt4CR9EZJf","tlshash":"3f221ae391d3585f9838efdb9b5886e7d82ac355df6a3102204b030677e9f50ce3945a","first_seen":"2024-03-15T18:45:46Z","last_seen":"2026-06-06T14:40:04.433865Z","times_seen":2466,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-39fb98b5.8dbf3dd6.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-39fb98b5.8dbf3dd6.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"7084-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7084,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7084), with no line terminators","md5":"0471f7d4229c51672e63f05b4fbb3f36","sha1":"89cc6f253e24fc1efd45b16c235212e5fb0ba72e","sha256":"d22f36a5f8ab1cac5caa44af2382d69262d5d5cf4d4b206eec8ddfa5184b8623","sha512":"b5090770f539ce82b9cd2bca9010611789c973b42ada52663797e7e268c2cd565d10adb5f242f3d802637caef6fb0dca0469f8c3269e38771e80644678ce9982","ssdeep":"96:cWUXz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGVk7AtWA2WyUfk:cXz5sbKYxgCtCowY2duLGm7AtmIfkXH","tlshash":"9fe119f7a036e129ba7ba2b930b065e97410e902ecd787e9b244762cc8c35931b5674d","first_seen":"2024-03-24T18:07:06Z","last_seen":"2026-05-30T03:35:54.954321Z","times_seen":1203,"resource_available":false,"data":null}},"time_used":644,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":644,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-3fd6aeb4.ba19ca45.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-3fd6aeb4.ba19ca45.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\ncontent-length: 922\r\netag: W/\"922-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":922,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (922), with no line terminators","md5":"3701036a35bcea856e89f00d36781e8f","sha1":"b63d63b209ccc2d1402c31a15d1d83edfe17d7c9","sha256":"a1e235f84b6314672b83a7044c2002663ee3a911f57b6d40232c5a0677b4bc32","sha512":"704ff416fa3d339a2677f78c0648d1991b282fd126cf410e760f7268dcdcadd45e77cc9fddd37352fbd6bfec16b25b97fa60c12c3a07bff3d1bca84c13f91903","ssdeep":"","tlshash":"04119e73a125d932e9332d77674494def19188e2e6428739bee7690cc08eb539621304","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.321503Z","times_seen":2105,"resource_available":false,"data":null}},"time_used":653,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":653,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-6ea8c126.3ecf88fe.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-6ea8c126.3ecf88fe.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"3338-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3338,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3338), with no line terminators","md5":"1bc5b8235f9e8d5bf3961279423cf630","sha1":"466627105df20f8e829d3db72a2617802b7b265a","sha256":"cc7c2d00d52891b7af0ae290785d54f087c4f61951893b7c7fd8c869f7a8047f","sha512":"a2c17506a8e46344978b7955c1c162a6fdb844d0ec51fce021c04aee33df5d44cae64f10a7a6bf5ec295a1210540e5b82c1f7e79b9d89aa14dc29e7531cd81ca","ssdeep":"","tlshash":"766110382130361c3b37922a25c8f54e2619a9e5f18995c9ba98c42f4edf769dcb0263","first_seen":"2024-02-11T04:26:48Z","last_seen":"2026-06-06T14:40:04.508224Z","times_seen":6672,"resource_available":false,"data":null}},"time_used":421,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":421,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/activity/lottery!getCurrentActivity.action?lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /wap/api/activity/lottery!getCurrentActivity.action?lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":224,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"78e5741d0f48875acfa60ce3abc5bd11","sha1":"7f688fc4e03cf5e526a364ce11df4e80a042624c","sha256":"5df3075bda3256e84e98933f2fbd7073a5cefbb21ad00554961b1bf8c239e869","sha512":"c53706584f99a1aa518c41c3a60cbf909aa6595ef9f6ca6460f3bdea6f7a7196433c714f417a025492da6e93e916ae81e56baf320333c5d748d48588199b44e4","ssdeep":"","tlshash":"b0d023e4165c7890c35f83c517ed71154d1db526446b163d2d1dde9481347a57d10c75","first_seen":"2025-04-07T10:59:20.436022Z","last_seen":"2026-06-06T14:40:04.295554Z","times_seen":197,"resource_available":false,"data":null}},"time_used":571,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":571,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/selle/2023-12-01/0b121c30-4d55-46df-92cd-e7e79fed7a83.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /selle/2023-12-01/0b121c30-4d55-46df-92cd-e7e79fed7a83.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: erNhDEDnkXScz7FlPI5G8MC2S38oHuX8ehPoQ2HHLuDrZKV7B1diiIAJfnLviqW069Fn1KWLotGJngEB+lyS1A==\r\nx-amz-request-id: JWRSEQT2J93BPP1D\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:44:49 GMT\r\nETag: \"097d83a8f1d7e6cddb5185b4a4ba2535\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 268274\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":268274,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 960x1280, components 3","md5":"097d83a8f1d7e6cddb5185b4a4ba2535","sha1":"ab81671e01e6eba67a4a834fa72186151180e0c5","sha256":"0ebd81023c36c931438eae38509e5b57f99193ae7b3441fc53f4001596980a4a","sha512":"c42e6a86e572eda0c00d6aa31142246d151b0e43748c4854f1cee9b6b492a38d5a982b841afde99c97dd641846fdb8333c355929821e5cd41cb4d62829f5c854","ssdeep":"6144:0AX0jPj12+Y21EFnxnB/NZZ85wy7z2pTEabsv:0AX0jb8r2mnxBVZZawy7zoTEabsv","tlshash":"7f44235a4bc2f0a0ee7eb221cc58d94d32c7f8bca05e985917461c6cfac90dc5a5366b","first_seen":"2024-05-25T22:56:10Z","last_seen":"2026-06-05T23:30:49.738896Z","times_seen":926,"resource_available":false,"data":null}},"time_used":680,"timings":{"blocked":460,"dns":0,"connect":0,"send":0,"wait":120,"receive":100,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-376ad29c.cf3ef494.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-376ad29c.cf3ef494.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"21435-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21435,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (21435), with no line terminators","md5":"347e7471c06e54b272c94be9c1ad23c2","sha1":"c861e89f40823ab23cd3f71a14bb2146b4848c63","sha256":"274d806042475f7c8c017e971f32194339ac1c74bcea70a23a2743af61b3b43f","sha512":"88b410b900b577eaa4f8c0b87fcd9408c26e9234b360c484a2fc205fe3438adb714a0b4a9a12a4af442be36799d6484a98e47a2ae41662c85bfa07730bbca22c","ssdeep":"384:3ZMkIQyEkkeX/pZ25ZC85s8CkC2caIdR2iW4YGrSLjhh+P5/e7R0N:jIZEheX/poF5sVGUqtLr+P5/eVy","tlshash":"e1a208b1b22d223cb937f2691a8156cdb460f263e4568396bedc7325c8c36e36d34265","first_seen":"2024-03-15T18:45:48Z","last_seen":"2026-05-30T03:35:54.799409Z","times_seen":900,"resource_available":false,"data":null}},"time_used":626,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":626,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-55a26a12.7840c12a.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-55a26a12.7840c12a.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:04 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"1392-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1392,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1392), with no line terminators","md5":"eddc635fcf3cb8f345a6c8bbcc9b6036","sha1":"7a3f2d798cb53dffe7cf6c52e071c865d5523bf9","sha256":"e77e73c25992fab28ae631f7d15520056b9106d43b95f0e07d73c49f5b89d984","sha512":"43c604de6411e0e4f6bc49e2bbd34338ebbb33d4b57be4b8f6707e35c5f31ec387c53308175d54075b64d61c6f10261c1b2ed4b4bda60af37255c2887cd02fdf","ssdeep":"","tlshash":"dc21f4f86136523660f3b437286142e67aa8faef51e1a10d6e8a504c9467f025f33c46","first_seen":"2024-02-19T23:01:29Z","last_seen":"2026-06-06T14:40:04.483586Z","times_seen":1365,"resource_available":false,"data":null}},"time_used":444,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":444,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-7c3eed5e.a5610556.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-7c3eed5e.a5610556.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"6412-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6412,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6412), with no line terminators","md5":"0633ee4661855b6bbe621c11916c84cc","sha1":"4c0a2a81e69522697b1cbaa7338158639c4aa12c","sha256":"fac6b26cf761221c13291fbb469530d8d6caecfc22f09faa1a9e562bf15ad127","sha512":"b2441da78e3cf4a5c847805eac6921d852bd2f17db15b012485357a438eb0d41d84c853e8ca0784803fefd8a7315d0426b19bc78f310cb23ca2a9818fa232830","ssdeep":"96:+jWBPlmQKmYqqxrnY1vfqQrFvniDypkpNhD93JlyIqdUPY8:+jGPlmQKd1b8vfqQZiepkpNhh+IqdUg8","tlshash":"90d161b2b5b5426a7d3fe3b822d4e4ac75049551e8629be6fed4d028cbc2ff35410b08","first_seen":"2024-02-11T04:26:50Z","last_seen":"2026-06-06T14:40:04.50503Z","times_seen":5236,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":419,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-83fd3762.bbf1f88d.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-83fd3762.bbf1f88d.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"2267-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2267,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2267), with no line terminators","md5":"8c6c2e32d246f43938c015ddcdeb69c0","sha1":"b6c0900796b2f918e95196d1deec6b6bb23de45c","sha256":"2286584045d499c3f6d7e0178051e8cee89b1e36412f7e91b095f677e1b46c73","sha512":"9bb9bf502e8cfe654b271eaa74dfbc90f633cc0ffc25cd2811f89643b603d79584fc1396ad80f23b84cf54beffa20f21ab81a34c3f799d0b7b6cda721418feab","ssdeep":"","tlshash":"5241c0737065617ad9b3e36972419ccc7a81f243e3b352f8fe95e43c89c2aa2193019d","first_seen":"2024-02-11T04:26:49Z","last_seen":"2026-06-06T14:40:04.440992Z","times_seen":6380,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":431,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-2d216994.5990b863.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-2d216994.5990b863.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:07 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 242\r\netag: W/\"242-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":242,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with no line terminators","md5":"1848a82b0051355113b7ba2c4c8c3a45","sha1":"3a828b0a984048ed553f470fe2e1c9915eb6a61e","sha256":"5576e076d5e45c201b5f124f80daf6f7120812f9a0d236389ec35252e09f56c7","sha512":"305eded87b4f006d446a1b1a97050189eeab13e19a9685b24e2438fe087f7a167d4494389ec80b96fb9430f654a7ad34611b554367760563a14506b7cc0ba7a2","ssdeep":"","tlshash":"f5d09566b0117c55cd27310543bb5323382f141b0ecc105013a046ec313671b4106dcd","first_seen":"2024-07-21T11:22:09Z","last_seen":"2026-06-04T08:04:17.095576Z","times_seen":1558,"resource_available":false,"data":null}},"time_used":556,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":556,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"zhuzi-tk-mall.s3.amazonaws.com/type/2025-12-05/c8c9ed18-4a3d-42e8-8839-e6aa30867d5f.png","fqdn":"zhuzi-tk-mall.s3.amazonaws.com","domain":"zhuzi-tk-mall.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"52.219.184.49","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3-ap-southeast-1.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 18 Nov 2025 00:00:00 GMT","end":"Sun, 01 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E2:2C:8D:84:29:A7:85:5C:5A:25:EF:75:23:F1:7F:09:73:A6:95:89","sha256":"B2:03:A8:4C:C0:84:F7:98:2E:76:5B:2E:DA:61:EE:81:14:BE:97:B6:D6:E3:81:4F:88:56:AA:E5:68:30:06:3D"}}},"request":{"raw":"GET /type/2025-12-05/c8c9ed18-4a3d-42e8-8839-e6aa30867d5f.png HTTP/1.1\r\nHost: zhuzi-tk-mall.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: SU7JSrdYJugckOU51QIoq7AvBTno2O6FiByIf0kgf9Cyal/U+m8kr8CHZQxuPA5ep3tJ3nDj3XE=\r\nx-amz-request-id: JWRX4NTXVVPFBREZ\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Fri, 05 Dec 2025 07:59:28 GMT\r\nETag: \"5a8141a1e3f9ae20e358558f847715f5\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-meta-myval: test\r\nAccept-Ranges: bytes\r\nContent-Type: application/octet-stream\r\nContent-Length: 204466\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":204466,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 704 x 314, 8-bit/color RGBA, non-interlaced","md5":"5a8141a1e3f9ae20e358558f847715f5","sha1":"f7be50d3868c793818255a6094e78053690db2e9","sha256":"620a101a1e114bcc50bddbec1e1bbc157276a7d86918c943589c479e1f824d24","sha512":"bebc62defc949b0295bbc48717a43e974dab98b90383e568eea78e58a503791c8c87473af26443e43eaf9154bdf4e4fa0ab7ec18b37b6d289ea454b3ece93a54","ssdeep":"6144:6n2eIy8lDUjZw6TiGDMkl8T4Ax0DSOyYl:6n2CjZnRi4AxeXy2","tlshash":"b61423bdb2efcc1a21695ad1d4719b7ce7b85db0d448343803714296cdca53a6ff0928","first_seen":"2024-02-11T04:26:45Z","last_seen":"2026-06-07T01:37:39.233148Z","times_seen":5012,"resource_available":false,"data":null}},"time_used":3096,"timings":{"blocked":823,"dns":91,"connect":354,"send":0,"wait":382,"receive":1066,"ssl":378},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-13770fec.f7ae6284.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-13770fec.f7ae6284.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:06 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"15210-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15210,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (15180), with no line terminators","md5":"dc743418f98bb0173a8452eae09ae232","sha1":"171143d5679ead1df6d18ea6fcdf80ceb510cd7c","sha256":"3a8caabacd13e98dca55687c0c57c2c375f66b71fd356f97df52de7045cf22ab","sha512":"6fa7fe168025286fb891e3cca2faa05bf95d8b0f6e24897b41c3cb5796808808041003a84e91f6c7f909a9fed3c3647808b6ccd5e19361262a23ea2b06a4d3ac","ssdeep":"384:eXe2CRNgwJ3INfAKA5kzqXbFk56MoswZRL:eXe2CRHIOk5kRL","tlshash":"706218122185b44e9b764172316621a171653ac6d40df0abb3b8edfe36d9c18372fb2f","first_seen":"2026-02-26T14:59:42.100946Z","last_seen":"2026-04-08T00:27:57.179488Z","times_seen":8,"resource_available":false,"data":null}},"time_used":644,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":644,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-20642326.d4dc374c.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-20642326.d4dc374c.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:06 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"28614-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28614,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28164), with no line terminators","md5":"227866702956209a8fac0d0b3460ac6d","sha1":"457c77a2ab9b8a3f46ada1d4d5f6114af5f2a509","sha256":"244b59808964b1f314f79e8879f856735bfb17a79dfb82e3b59d8a9fb746b560","sha512":"081d51c160a7cba36f5d547eadf8c24f832f772e47e5308c1a7002baca093b51ab49436ccba722c8278d9d33cb4bf041cf33423f02afff03ebb6a185d03916b2","ssdeep":"192:PhAyGEERrGbMOYdQlAybj2h1LyIvP4eR1X2mKNASDnyHB3VbXgPnD3TpLmV4b5OR:PGyZERslT32rRvFR1GNw3VrgPnk4QdH","tlshash":"9dd2d74e72a03c8a131b4261745f2651a21a6165740e90dbb7bdccfdfb9cd245832ffa","first_seen":"2026-02-26T14:59:42.103342Z","last_seen":"2026-04-08T00:27:57.26909Z","times_seen":8,"resource_available":false,"data":null}},"time_used":586,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-21ac68de.9bb1e14a.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-21ac68de.9bb1e14a.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:06 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"27323-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27323,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (27281), with no line terminators","md5":"217bb863bf1cfa93a794b0512ae21ee2","sha1":"89b299460b3ea2d5dd57624bdac744a0a4f33039","sha256":"b56a48d7bb672673e8d574f3d40dddd8922c3e9276b7d034e736af621fda40e1","sha512":"a09143b6ea8397ba84806e1adbf2b6cc45537f7dc723c687ac0c5ae710b29d354be78cafac3f0d74207bf531a888564db5e9dbab447d09b085b69f55d9fbaf5a","ssdeep":"384:9FJ1G5vS5oQ6FxwWajeIN6WwQDPQjug5BNK6lRgSmJ53vzLs:9FJ1G5vS3dWceM5p7wNK6lRgSmPs","tlshash":"cac2072a3246202859631fa453df0b09f33661c564264988f3ada5c76f6cd6e31bbb7c","first_seen":"2025-04-30T11:42:45.774152Z","last_seen":"2026-05-30T03:35:54.854172Z","times_seen":267,"resource_available":false,"data":null}},"time_used":606,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":606,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-2ca3e678.a6f8aa28.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-2ca3e678.a6f8aa28.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:07 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"31832-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31832,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (31832), with no line terminators","md5":"15abf177ef363fae3186b1fc0a83759a","sha1":"9c12fce55ed289d0198da04313e150dbe9ee34c3","sha256":"21647f13b7cee4cd97d9ce8bd32e5068bb6a21062d47c05aa276a43ce03ffbe6","sha512":"eff5973a155cc0140fd4d2b54c31b2d903fc04b540b15213629815473db985bc9950375ceda62650717d6e8ed02a8366d9d0b20da2650b333f82f2cf052c3b4a","ssdeep":"768:DuoZ5rMkR8Fkzhm0IxQJt0SXuq1je72VE2+5z:DuaCxQJtFXxjeSn+5z","tlshash":"00e22a4f60a9adb8c88e2021701962397475ab95f04688d8b7bcceac4498fb4735f77d","first_seen":"2026-02-26T14:59:42.106609Z","last_seen":"2026-04-08T00:27:57.274399Z","times_seen":8,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-41aebf37.08e724c5.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-41aebf37.08e724c5.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:58 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"14132-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14132,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14124), with no line terminators","md5":"7db22ec6ff7aa1608dbf6b1f41c86406","sha1":"5034b2ccde94a8f1592a4ec80c4ae95adc0a5eeb","sha256":"68ee420cbf18493f2da23bdf5e6b536f701cba369dfdc0e2c5f9a34fdbb2fc59","sha512":"5d1c0699ad6947fb5a7466860675da639bdad0b642c0d40743e8f1541542ab46d975e26bc61244002694433ae955aa26d8d615a95fa6c2ab9565ff3aeb75bc8c","ssdeep":"192:4zCjfAcMsHsuDmLDYRRHEX8bMuMOO0L5xq/cictjAfNeNF/BPsGC8jd:5fNMsHfkX8bMKdmmvPXB","tlshash":"d15283e6c470a4bd895a92722045f1e0fb643a28d006514ffa7cec9a72ed424332e77e","first_seen":"2026-02-26T14:59:42.10872Z","last_seen":"2026-04-08T00:27:57.203995Z","times_seen":8,"resource_available":true,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:59.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /wap/api/syspara!getSyspara.action?code=customer_service_url\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"6e1a35fb2d546ea9abd621cbb5d4f0f8","sha1":"6f59e7019e497c2599fec9e12d75a7881b323202","sha256":"acc150811afe0691ce1d1d0ae9287a9375b34c88f26cad6cd2dea551eb8ef700","sha512":"972a5ff54af1bad790a031976f27b590fae1b6d9bc95cd19db5cba9bcfb502317c95568b21102bc8cf7c79a975fee424a48547da6efafaa65ad5bb090e349125","ssdeep":"","tlshash":"5da01203164c0436015390843c1d3804895e306348d09a10eb446a5000a90680400c25","first_seen":"2026-02-26T14:59:42.030265Z","last_seen":"2026-04-08T00:27:57.135019Z","times_seen":8,"resource_available":false,"data":null}},"time_used":991,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":991,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/d8d17705-42b6-4aa5-ae9c-82d7e8cc7bdd.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-04-14/d8d17705-42b6-4aa5-ae9c-82d7e8cc7bdd.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: cp90Dv64MOvZ9ni5PUYxyParJOwk7FZhK6WBjkJCP9dzBfnWOEKWEOQPQ3qB6AyjZFoPUo04LWBoWEXKVoNlUmP5vx+a58UD\r\nx-amz-request-id: JWRJ8DGKXVNY14YG\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"1e463b0bfc58cbe93de38ad62f2ac7ee\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 21173\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":21173,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"1e463b0bfc58cbe93de38ad62f2ac7ee","sha1":"ae83334518cc12da8587ae98f78a5dd7de9b7a98","sha256":"de1fc345b3fe2ed5fbac321243e8814cd39a37a5554fa0d6b665284da90a6e28","sha512":"e29d51e79e7609dd12e1477a117b2af83259505557ba520681172019687275acc73b92129559a74a03b0f5fdd649c169f5301acbab3c599515ff1a89c1cc4afc","ssdeep":"384:ADUu/oKRfXu/25fNvZ4ZpZKbPzjApEZWZ7CJTa/kKfwu:96b9fNvZDfAEWjvou","tlshash":"0d92d01ded906352d745e472b7e7daae1d0c09d8a31c98286af1cc0b98363193f774c6","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-06T14:40:04.507733Z","times_seen":9401,"resource_available":false,"data":null}},"time_used":1148,"timings":{"blocked":1031,"dns":0,"connect":0,"send":0,"wait":116,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mall-test.s3.amazonaws.com/test/2023-03-28/3cba5c51-596c-43b4-bb0f-801b2551a36f.jpg","fqdn":"mall-test.s3.amazonaws.com","domain":"mall-test.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"16.182.34.17","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-28/3cba5c51-596c-43b4-bb0f-801b2551a36f.jpg HTTP/1.1\r\nHost: mall-test.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 9zReXNDSigKG9gtK5EoV4BW+jX1Yg9DhODevGaWANfgKGPPhZSQPZygdVzsfjsoDHTD6/tYn8Nc=\r\nx-amz-request-id: 7RXFF8AFZ6FXKRJJ\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Wed, 22 May 2024 20:48:38 GMT\r\nETag: \"d08309c8a906abec10902eb9239abe8c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 96181\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":96181,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1339x726, components 3","md5":"d08309c8a906abec10902eb9239abe8c","sha1":"aeda5384b198a7af5ef2e0b674dee8b5c8e9cd19","sha256":"56c0b42a383410b485eea554fc8466494ff737bb0ba87173a3d96078572e767c","sha512":"4a5eed14cffc98e81ee7c0c244ecd0b818e296d0f91384b50f84f6eaba25c4e0d9377123d66cf882eac33ff1cba8abe1666fc2b9be26d2d36bb5f45176b44f66","ssdeep":"1536:8187L7QI5Bqn/gHbTCESOzFpIqtIhH5v9TKWs73I4m7dR34F9ncu:j7QISInlppItH5lu3Gx1WCu","tlshash":"229312964b888a58c07c2a7e84ce130fb9b1ff14b511724b9bc116b87fb74da98ddc51","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-06T14:40:04.374135Z","times_seen":2423,"resource_available":false,"data":null}},"time_used":577,"timings":{"blocked":466,"dns":0,"connect":0,"send":0,"wait":108,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"diwkr.com/img/right4.6d5f23ff.jpeg","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/right4.6d5f23ff.jpeg HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:01 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"4704-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4704,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x152, components 3","md5":"6d5f23ff9ecb9724c07b2cd1541269f9","sha1":"5e750c426346b1fc8fb169ce8539ac98a13614b1","sha256":"52e08b3d2f52fb6b3ae31c2df98abd68fcc703e02f2fc21b68743f5f0f254d1c","sha512":"4a3cdf202ec25973c245ca77c96782ec1b6b9402dd6fe9d654dd3696b2929a1f0d2d3ad76d63a40998685fe0debf4ac2b66c742307b7f8a8040e386e64c72eb2","ssdeep":"96:Wh+tAiYHAua4Aqt9u4F3DRBfO18AB/x0qaZIPdwR3ODcpOfxukRbnCRTVMfn:E+tEgBvEwgRyHSIPmR3OD485hn66","tlshash":"43a16e9acffa688fff121f7ab124246975810e026a01aaf344014d7a7927c318743596","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-05-30T03:35:54.869006Z","times_seen":4712,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/img/right8.b1412bc5.jpeg","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/right8.b1412bc5.jpeg HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:01 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"4948-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4948,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 242x152, components 3","md5":"b1412bc5ba0e763ff23aa08e3edfaedd","sha1":"d47b7b57f0147304de91e48497863d4bc90f2582","sha256":"a787935def85b5205fd886da2128855c877ab64a61755efee88d38c3f53d8b26","sha512":"d008c03d079a300f48904ce78873596b45e8d763f410e1707961ffdcd8786c57d2c78e9b191f42d50fba60009c78b843cdd0fd8cf4d3faac2c3d913c9cba0c5b","ssdeep":"96:Whjfa1ZcZcf9nqATAMmrGxCMpAdWWxzq/SVbFNXJakuuHcPL8z1UlmXexHgvMjH:Ej8Zbf9nXTYMpfWZbFNJuu8PYz1LOxHv","tlshash":"a4a17fcc3a345e7bff2491b3768b17391718092524bcc37921aa2e2c3e0ed704869d67","first_seen":"2024-03-15T18:45:45Z","last_seen":"2026-06-03T23:39:34.548481Z","times_seen":4716,"resource_available":false,"data":null}},"time_used":604,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-2b19c21c.0e701f5c.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:03.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-2b19c21c.0e701f5c.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:03 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"2911-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2911,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2911), with no line terminators","md5":"ccea655bea4bc170e3aaa0f2f26510ee","sha1":"1259c05c03dfc98dc7f24d470689316ce0bd9141","sha256":"0417838141e75f770427672acfbbaf935e495175cc8431d1a95ff1853902dcf7","sha512":"861aaec4e19464a7f373e1627ff2e2e21060a291d64b39290946344f1ddd72d89cbfcec2245f553ff1933023db5dc0d95c6374859c8eb768c69e9a3220c8afff","ssdeep":"","tlshash":"e851d0523a4d7619913bf2a8f5c1bd8c32a0b1679353d2079ecf5c199cabfc2352da48","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-06T14:40:04.504296Z","times_seen":1032,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-7683130d.3c5f53b3.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:04.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-7683130d.3c5f53b3.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"16198-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16198,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (16198), with no line terminators","md5":"75983192dce0b51dec90da3b3fa32d0d","sha1":"3af0ef3661a45772a908035cb9ba9993fe802bea","sha256":"5f7232798bb2b19d1a1f24809955f50507a9e26f87e4de4d0af6babe518e3a65","sha512":"447e300d3c34082f8a828824acbeb6dbd53a9f4464832a6fbe41bcf95b34b6cd358f4a5fc983c65a1e69043c8e77d72e74fdb0041a83409fb54aea6323fa5cde","ssdeep":"384:Ox25s8CkC2caIMX5s8CkC2caIIsncjUdG:Ox25sVGU25sVGUIsncv","tlshash":"86720bf1f530a13eb897647931849ecf7844f909e1f696a6ee84b62dd0c65a3273834c","first_seen":"2024-03-15T18:45:47Z","last_seen":"2026-06-05T08:23:29.891509Z","times_seen":3235,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":427,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-00cedfd2.8f150f8d.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-00cedfd2.8f150f8d.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:58 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"15265-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15265,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15265), with no line terminators","md5":"11f60147d8796f6436c06308647b75fc","sha1":"522ef36c32786be1c3c88b83af4e5913b6b67f8d","sha256":"7bfe35715295721a15f555752a9f763dd55c7958d90ef07f990fabd089dc5684","sha512":"dc91ab2d155be7bb692870dce4214f4e67d674e3921155b72a19a6fa92e02b3d2b02bb55222701188039e83e0b1e21a0259aa679ea9c22da43fabe79e15934ab","ssdeep":"384:i5s8CkC2caII41+qFkV0vD5rw/CVFcjTK:i5sVGUI4EFaDm0Fc/K","tlshash":"5462d87375a0a63ab6b7967931d4a4ce7063e923c15782bdbb49e13cc8c7293163134e","first_seen":"2024-07-21T11:30:50Z","last_seen":"2026-05-30T03:35:54.794726Z","times_seen":641,"resource_available":false,"data":null}},"time_used":605,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":605,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/img/zd.06c37b29.png","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:58:58.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /img/zd.06c37b29.png HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:58:59 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"14815-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14815,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 656 x 500, 8-bit colormap, non-interlaced","md5":"06c37b2934ebf613a10a10d05bdc427a","sha1":"24365d9b433b3e5c56841ce9f9ee4f054a7f829f","sha256":"9f30277af966a7d3b4d80ebb5e842a764124b8c66da840be67a77ceb2ff377e5","sha512":"03e8f1da58f268023f87a951837d25f58cc1e9b5e81eb22abe08d7bbc6f13eee7e190b14178b81b4ae64741afcbf2fc05f96d4e131ede92408762a28622300ad","ssdeep":"384:u1tjDkG2Y0F9VaSfhgcd9HcdzVPbZRv5pRY8EXCu69/:ufPk9Zd98dzVP/lEXCv/","tlshash":"ad62d06aebb7fb0ae139307153808d26ea6d068b052f044f926cfc9cc639731bb55c95","first_seen":"2024-03-15T18:45:44Z","last_seen":"2026-06-03T20:19:56.589463Z","times_seen":1365,"resource_available":false,"data":null}},"time_used":1001,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1001,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=0\u0026lang=en","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"POST /wap/api/banner!bannerList.action?pageNum=1\u0026pageSize=8\u0026type=pc\u0026imgType=0\u0026lang=en HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nOrigin: https://diwkr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:00 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f2982955040e03da061e625bb0bf375c","sha1":"20181528c67d8f347372b93f90d96e7d6c3cfd0b","sha256":"aa16d955b045de5c2728a37653d3f51d5f24f6e43879c0214e7b015079356608","sha512":"503575abcbe6db127825c8225d96bc0142d885aa83f74e8b5558ede44b0668ea953ffe7d3087c4d55b98b8550f776ebce4c989e93d571590ed8aa03789e88bb0","ssdeep":"","tlshash":"b49004403c0d1c17040fd545f44c3540455c315307d4c7300d4c5730415f1753d04570","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-07T01:37:39.211997Z","times_seen":7298,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":570,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/css/chunk-a9f88638.585206f9.css","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:05.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /css/chunk-a9f88638.585206f9.css HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:05 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"7108-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7108,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7108), with no line terminators","md5":"a92df02183518f1335484a856a1bc3df","sha1":"86ecce3175020b4bc9dc98eaa7126ba5ad9e2e5b","sha256":"80bd4f236b99085bb88c4c1fb2767dc81df964cddb44e30ad9ee96038dc5f9cb","sha512":"052562933ff5a39c23cf2fbc2ead1c6b3c1b24b787ed4488f6ad1582e74996e56deb666c0ac4c7bd4db9562284ad4606ced305e8a3de936d414015d4b2954b20","ssdeep":"96:GXz4UsG8OOOOOOOOOOOONaHYUt0bgCusCoG5YNDwTsoQiEbLGVk7AtWA2WyUfSWd:Iz5sbKYxgCtCowY2duLGm7AtmIfSt5Xe","tlshash":"ebe11af6a036e129b67bd2b971b065e97410d912ecc783e9b644762cccc3293275274d","first_seen":"2024-03-15T18:45:48Z","last_seen":"2026-05-30T03:35:54.819696Z","times_seen":1201,"resource_available":false,"data":null}},"time_used":448,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":448,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-2343ec85.5ac0e092.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-2343ec85.5ac0e092.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:06 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"14652-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14652,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (14424), with no line terminators","md5":"fbcabe7b0be34ec20f79d422ebfded60","sha1":"0a71373e5c715c01cde09179b55c1d81f12fb365","sha256":"857182ad643a7d4fa9048bc0124e1cc7ea41216ed2156a0f0d4e36057db1a6fb","sha512":"3f6c8777987f6b5cd8d37289071175b9cb181a60a0101e0788eaddb2e018c22118d6f92dfbfa4667b58f78f4fdf4e2712a7777483e451b93520862d307fbf50f","ssdeep":"192:aGeqs1RPDWzU/q+1mruvgKHoBUsnyHZHJV6QXfZH+00Ma7YHNKnZ8H:js1gzUxArkHotuqQXf8OpHNKZq","tlshash":"8b62c88222ba385e5756214330eb2580a17296a5680e94eff13dddf6b3ccc247d27b77","first_seen":"2026-02-26T14:59:42.118099Z","last_seen":"2026-04-08T00:27:57.188105Z","times_seen":8,"resource_available":false,"data":null}},"time_used":612,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":612,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"diwkr.com/js/chunk-2d216070.874c7d25.js","fqdn":"diwkr.com","domain":"diwkr.com","tld":"com"},"ip":{"addr":"45.152.66.68","port":443,"asn":139659,"as":"LUCIDACLOUD LIMITED","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:06.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fa1ce1book.bhbwd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 12:21:39 GMT","end":"Sat, 23 May 2026 12:21:38 GMT"},"fingerprint":{"sha1":"0E:86:D5:A1:57:06:EA:1E:EF:8D:C1:46:7F:6C:F0:4D:CB:C5:70:10","sha256":"1E:11:A3:65:F3:91:A5:35:CC:8A:46:96:95:47:3B:A6:89:A9:1A:15:4B:97:C9:22:74:17:82:D6:3A:54:71:AD"}}},"request":{"raw":"GET /js/chunk-2d216070.874c7d25.js HTTP/1.1\r\nHost: diwkr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Thu, 26 Feb 2026 14:59:07 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 653\r\netag: W/\"653-1764918990000\"\r\nlast-modified: Fri, 05 Dec 2025 07:16:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":653,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (653), with no line terminators","md5":"4025de175fb75d10042b2942b60a724a","sha1":"2e1e0f9bc0799199f2a3113513a05c25dc3e3fbb","sha256":"d6e3dd1ecacffdfc085b9e2844282028831e26e4cba43d71002b73a90a4b9214","sha512":"90f3d94b27b7749efce6483c262f8a1549d519a39474732b30dd9fa8b1771d7716f711a49df4cbd57a88e6f0f0aaf70e046bcfd9d8e0529deadabdf136b74b55","ssdeep":"","tlshash":"a6f023be2052fc094a2c3185eb6613d352482c477b8ec8e87f21c4d1206da5b4060fce","first_seen":"2026-02-26T14:59:42.121519Z","last_seen":"2026-04-29T13:38:41.704141Z","times_seen":13,"resource_available":false,"data":null}},"time_used":557,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":556,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-26","alert":"Sinkholed","trigger":"diwkr.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-26","alert":"Phishing Block","trigger":"diwkr.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Facebook","verdict":"phishing","severity":"medium","comment":"Resource associated with Facebook phishing","tags":["meta","facebook","phishing","social"],"meta":null}]}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-03-29/40488675-237a-40d9-b2d3-e5d53b0e6455.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-03-29/40488675-237a-40d9-b2d3-e5d53b0e6455.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 90KosoPuv6L2E1skByJup8LnlV2aJOFspX/JqxNDNLY2d/rMVKru1US/emhU8ndo6/Kxl2SzkAs3C2AQZ8kSTA==\r\nx-amz-request-id: 7RX4SFDCGKCDWFZ7\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Sun, 01 Sep 2024 17:37:18 GMT\r\nETag: \"a5941f987a0fe015714bc8b8cde4baff\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 44216\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":44216,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 500x500, components 3","md5":"a5941f987a0fe015714bc8b8cde4baff","sha1":"88c88146f9813942943df5777e08d4486db3040a","sha256":"41da4ebe3b85b5ca006db2a633baa60593618feeb72f3db99e110d74e1cbd918","sha512":"937d3c4add07ef443e201c34e73eef5cf558a781c5112a81719a989e4ff4c2cc29f2bf35739cec929988409694a4518fe862820b2fb6c18d71b4195954700628","ssdeep":"768:GTRG9BPKCHP1oTrfNz7uVdkyQ5CmHjrYaBsDTtk9GbLf+H:GT8QgP1oTzB0dkyQ5Cm7Bs/u9+CH","tlshash":"52139d478e489f835014d3fd3e079e6d6b891b0c59893aef19b31eab3f216521c8e54e","first_seen":"2023-11-07T02:37:43Z","last_seen":"2026-06-06T14:40:04.325591Z","times_seen":9841,"resource_available":false,"data":null}},"time_used":707,"timings":{"blocked":245,"dns":0,"connect":102,"send":0,"wait":121,"receive":95,"ssl":134},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/type/2023-04-14/a8ed7145-c86e-4506-8da2-b8b27f610db4.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /type/2023-04-14/a8ed7145-c86e-4506-8da2-b8b27f610db4.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: KWrN4KRGPBQMflmyWUIeVlov8CvbdjTqFQnXwILraMq5Zb1IkaW1cmEb2bWMjBSDXCzhoUbRMbaz7De8OIY35A==\r\nx-amz-request-id: JWRPX2H9AB168CC8\r\nDate: Thu, 26 Feb 2026 14:59:02 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:34 GMT\r\nETag: \"d88ae54a30fed8843621233e2c13698c\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 20191\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":20191,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3","md5":"d88ae54a30fed8843621233e2c13698c","sha1":"9fa542e8677ab97712a7fdc7e1250e36536ec3a5","sha256":"dbe475f26aed9df934e9dca6ef2115b5d0968f312174dfecb9da3ddd3c9640bf","sha512":"606629525b62e056825a3dfbd8ca45e0f84740cad1cfa79ee8dc3e7a34658e951b3aa72bc8bdf276c294912a38d839dd6c2f864791c9038dc395b7d12d08385f","ssdeep":"384:EUsqD+1BG8DGQZl9Y4PyXpFmx82oEu1W3454xOKeq0ooJRImy+90lh:5V2G8RZHP9oEt3454heq0dRI1flh","tlshash":"fa92d1e1ad0a233de68685f6b7f6e2b304f412919bd19d3b53730c858d88261de396c4","first_seen":"2024-02-11T04:26:46Z","last_seen":"2026-06-06T14:40:04.34819Z","times_seen":9788,"resource_available":false,"data":null}},"time_used":1084,"timings":{"blocked":964,"dns":0,"connect":0,"send":0,"wait":117,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"imgtest1.s3.amazonaws.com/test/2023-03-11/c5a63bc0-28ed-4a64-9e72-b58af5897c43.jpg","fqdn":"imgtest1.s3.amazonaws.com","domain":"imgtest1.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"3.5.2.1","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://diwkr.com/","date":"2026-02-26T14:59:00.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Fri, 19 Sep 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"48:FD:CD:50:85:6A:51:E7:71:E4:CB:E0:03:81:E1:EC:4E:AD:9E:C7","sha256":"D7:11:81:F4:91:03:0D:C6:A5:DE:8A:EF:AA:58:14:BA:AD:33:B5:11:8B:D5:F0:33:53:8B:AF:49:82:E9:4B:A4"}}},"request":{"raw":"GET /test/2023-03-11/c5a63bc0-28ed-4a64-9e72-b58af5897c43.jpg HTTP/1.1\r\nHost: imgtest1.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: Cqz3+oC4Em1iwrs8gjTsTmlVDFGjndSEEpApxL0ZskWGKPdP2gMFOszqkp5jETvtozCd7jAPgJcfqaReimZ1veGyGwj1Ph7J\r\nx-amz-request-id: 7RX72T56T06K8NED\r\nDate: Thu, 26 Feb 2026 14:59:01 GMT\r\nLast-Modified: Thu, 23 May 2024 01:50:10 GMT\r\nETag: \"d85cdd88cbe7726f1f354bedbb0e0705\"\r\nx-amz-server-side-encryption: AES256\r\nAccept-Ranges: bytes\r\nContent-Type: image/jpeg\r\nContent-Length: 113686\r\nServer: AmazonS3\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":113686,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1258x1333, components 3","md5":"d85cdd88cbe7726f1f354bedbb0e0705","sha1":"99a01bf50cfb668fd087bf30fb597e44f542c8ad","sha256":"0dd206e3bf18b10a0aef408e1f7576894ea0e4b5a37098b3c13df3ca89622975","sha512":"15a88ef4e0751ba42bd64868162e830d7f7b37661438640dd9104ba9589f2595c531d4124d6f0bff37db1b0e44871eb91cc1f28dfd1f27975858bdb5bbb8d92f","ssdeep":"3072:6NE2h6L9TpBzUbO91POsKx/vQzh9wG3+V9BXEJ:6Nitd1PuxnQd9wsQ92J","tlshash":"43b312cadb8f23d1ed8b8179d60146b2735f27ea167863fa0b616d763a352c110cf458","first_seen":"2024-02-19T23:01:28Z","last_seen":"2026-06-03T23:39:34.513907Z","times_seen":7618,"resource_available":false,"data":null}},"time_used":874,"timings":{"blocked":662,"dns":0,"connect":0,"send":0,"wait":116,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}