{"report_id":"038838a7-381d-4c45-94b6-0eaed6bbcd7c","version":0,"status":"done","tags":[],"date":"2026-06-17T21:02:30Z","url":{"schema":"https","addr":"tenutaaurelia-fr.live/","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"104.21.91.108","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"title":"Default Web Site Page","dom":{"size":6946,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"432b0c18af536bcb5827481b72c35596","sha1":"ed400a95302169b44f2f7a2d249632e670abd74f","sha256":"de81319bc1e4de45e3f531d69af1bc4bd64272bb179f455db53c58218f68a48c","sha512":"60c1c3fd07c953d5d3560b26920f27f98d43a3627ec86a342b50f6db7a5ecf30d0c451c8bd094ab199d7060a9723619375cb9edf297e8e72b4e7eaa95ffcd571","ssdeep":"192:9lYHC+H1U7ydPJq5AtyhhuT9w3y4E9SyJzWl9VR8Q:t9Vlh8Q","tlshash":"bbe10d5b2af300276043a4b56bab7712ab24e043c21ecd543e1c5398df86992cde3b9d","dom_hash":"domhashf766092b73388dfad28e8ada2a02caa6","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"104.21.91.108","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T21:02:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"tenutaaurelia-fr.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"tenutaaurelia-fr.live","ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-17T17:12:31.751546Z","last_seen":"2026-06-17T17:12:31.751546Z","alert_count":9,"request_count":9,"received_data":48876,"sent_data":4925,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-07-01T10:19:21.054551Z","times_seen":383500,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T21:02:08.474Z","timestamp":1781730128474,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tenutaaurelia-fr.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Jun 2026 10:55:42 GMT","end":"Thu, 10 Sep 2026 11:54:24 GMT"},"fingerprint":{"sha1":"F3:8F:C2:B4:11:CB:01:6E:86:D2:F4:BA:1C:25:06:8F:D2:95:34:D6","sha256":"68:11:0A:D1:F7:EE:D9:0E:4A:30:C1:38:83:06:7E:4E:AB:DD:17:89:66:8E:72:5D:96:0A:25:2D:75:33:24:FB"}}},"request":{"raw":"GET /cgi-sys/defaultwebpage.cgi HTTP/1.1\r\nHost: tenutaaurelia-fr.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tenutaaurelia-fr.live/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Wed, 17 Jun 2026 21:02:09 GMT\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3TtZ%2FgWPbIeKTt8hHciJupbdjMg2M6x9vgj5ezl4TFkM2crIDRQnAO12zyp4e7meNYo%2FZhC%2FQ7P92cyjhxzJ%2BkakFAvzHnYHVnrB%2BznpUzCfgOKZiYsbgHhqG9DbIc6FKdOpQTk6T6A%3D\"}]}\r\ncontent-type: text/html\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\npriority: u=0,i\r\ncf-ray: a0d4fe56f9081525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7227,"size_decoded":2774,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"2ee0110b66c75ad7da57263d1236c6c8","sha1":"4becea3cdcbbecc253d8cb244f5ee399bd5ec2e9","sha256":"181ef899c2d3b0e4a83f0ff95fe627df3b998bd0ae982259e671d29c50f2eaa3","sha512":"fcb811a51fb189ce68dfad5a658c511e021af50009442ade1020a69f080b7212c6b9723ec12115b3b6deee627f7c1b5ab2b0da025b1badfdeefc70c8926ed457","ssdeep":"192:LlYHC+H1U7ydPJq5AtyhhuT9w3y4E9SyJ03c6296aS1i:/9LH2rS1i","tlshash":"e5e13e5b2af20167604394f56bab67127b64e043c21ecd543e1c53d8df86d92cda3b9c","first_seen":"2026-06-17T21:02:30.985962Z","last_seen":"2026-06-17T21:02:30.985962Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"tenutaaurelia-fr.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/img-sys/IP_changed.png","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi","date":"2026-06-17T21:02:09.996Z","timestamp":1781730129996,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tenutaaurelia-fr.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Jun 2026 10:55:42 GMT","end":"Thu, 10 Sep 2026 11:54:24 GMT"},"fingerprint":{"sha1":"F3:8F:C2:B4:11:CB:01:6E:86:D2:F4:BA:1C:25:06:8F:D2:95:34:D6","sha256":"68:11:0A:D1:F7:EE:D9:0E:4A:30:C1:38:83:06:7E:4E:AB:DD:17:89:66:8E:72:5D:96:0A:25:2D:75:33:24:FB"}}},"request":{"raw":"GET /img-sys/IP_changed.png HTTP/1.1\r\nHost: tenutaaurelia-fr.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Wed, 17 Jun 2026 21:02:10 GMT\r\nserver: cloudflare\r\nlast-modified: Tue, 11 Feb 2025 05:07:52 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i\r\ncontent-type: image/png\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nage: 4000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZSwbMxCZw1TeDH%2BvCcH0HauE4zgwTVKd8HFGBIupKVOejXuexQDgPz%2BDiykBHzzTVvNHEnNfM0UOyQrIxXuMYoF9ONy1%2FCh%2BOTm3wvoDuu%2Bh3SCVMetY189DtX5WuTSrhvcJKh9vm9I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 2939\r\ncf-ray: a0d4fe607c7d1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2939,"size_decoded":3699,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"ec081653bd4c836483e6d612588d18ec","sha1":"91c7e4cfa061808881575a875741773a949a9e0a","sha256":"b19da51b5e9c9b29cd8523d85d92e99e4812c891c394929c9bf67557f560672c","sha512":"b1cc98149afc9d9041bfc4e91a0990728f3f1a2c944e8819d4b131b60f8a2a03f831e855ce6efd478a651c2dce8fe715645bfe3d59699a442a4a6dc898bb406c","ssdeep":"","tlshash":"33513aaaf91e6c50834215dfa1e6402a2ed1e84e751430b326287afe53df8036a32f80","first_seen":"2023-04-13T09:27:24Z","last_seen":"2026-07-01T09:32:08.281612Z","times_seen":28335,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"tenutaaurelia-fr.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/img-sys/server_misconfigured.png","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi","date":"2026-06-17T21:02:09.997Z","timestamp":1781730129997,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tenutaaurelia-fr.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Jun 2026 10:55:42 GMT","end":"Thu, 10 Sep 2026 11:54:24 GMT"},"fingerprint":{"sha1":"F3:8F:C2:B4:11:CB:01:6E:86:D2:F4:BA:1C:25:06:8F:D2:95:34:D6","sha256":"68:11:0A:D1:F7:EE:D9:0E:4A:30:C1:38:83:06:7E:4E:AB:DD:17:89:66:8E:72:5D:96:0A:25:2D:75:33:24:FB"}}},"request":{"raw":"GET /img-sys/server_misconfigured.png HTTP/1.1\r\nHost: tenutaaurelia-fr.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Wed, 17 Jun 2026 21:02:10 GMT\r\nserver: cloudflare\r\nlast-modified: Tue, 11 Feb 2025 05:07:52 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i\r\ncontent-type: image/png\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nage: 4000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eiOQsv58Ph2tl%2F%2FhKPG7d3by3HEobSBjpJQnxiARrsJi%2F4dH3%2BW4l12F82ANz7xL7mSIMsXWZJlO5cSef4%2BqFDxW%2FPWq0A9pTbgNOGNgIuE41Cx6X3wUg2UTrYnn%2BddijqeqScfiT9o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 3164\r\ncf-ray: a0d4fe607c801525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3164,"size_decoded":3928,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"f79adaf00f83dc9757086cdbe8645ff0","sha1":"82f37b8be7668eab8e1a06de828cb336799c8134","sha256":"944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f","sha512":"eb7db97a73d4fd8ff7acc027582a2564636ee9d92f19365da11ec4c80be62418450fd0b37ed1462d56489c52fa1ab69008b040fad7795151dc1d26ac59293f6a","ssdeep":"","tlshash":"54513b80a9156c08aed83aacb51d109b84003ce5a8372cc480728fffb61e8b36aa55dd","first_seen":"2023-04-05T04:59:52Z","last_seen":"2026-07-01T10:11:56.34588Z","times_seen":44026,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"tenutaaurelia-fr.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/img-sys/server_moved.png","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi","date":"2026-06-17T21:02:09.999Z","timestamp":1781730129999,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tenutaaurelia-fr.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Jun 2026 10:55:42 GMT","end":"Thu, 10 Sep 2026 11:54:24 GMT"},"fingerprint":{"sha1":"F3:8F:C2:B4:11:CB:01:6E:86:D2:F4:BA:1C:25:06:8F:D2:95:34:D6","sha256":"68:11:0A:D1:F7:EE:D9:0E:4A:30:C1:38:83:06:7E:4E:AB:DD:17:89:66:8E:72:5D:96:0A:25:2D:75:33:24:FB"}}},"request":{"raw":"GET /img-sys/server_moved.png HTTP/1.1\r\nHost: tenutaaurelia-fr.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Wed, 17 Jun 2026 21:02:10 GMT\r\nserver: cloudflare\r\nlast-modified: Tue, 11 Feb 2025 05:07:52 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i\r\ncontent-type: image/png\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nage: 4000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Gkk1K9KM%2BCRdXFj7U3haW9wRbH8Uo5%2BrhufGMn04LPvlITeFlqQYWEBl7Ep5wdoF%2FkJsf4JHunybJhlc9pWTO9sMz3wviv9A8Vj7d3nd9alSYv0s2DYNlOxHJPNR1%2FOQpwV1Qn4i7y0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 3327\r\ncf-ray: a0d4fe607c851525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3327,"size_decoded":4085,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"f6590a396da81a8e4cce7ca046874ffd","sha1":"7e68db322c32ca079b2c836812d3a25204ab93cc","sha256":"3a22057583d3e17bc94990d92a3425d5510dc5bdb60fe40fafeb405a38f8ed28","sha512":"cf4ae5e172feb6923bfd5ad4f302bf63250f4072774fb29efb0846167ea95d708299047cb18e4c72deffc5d24040a35049d778685f7cf96801ee8d4769a25fa1","ssdeep":"","tlshash":"486139d62986504a264a0c61eaf5ec963065301b28789a3e8527cbcc96c8a9e698c317","first_seen":"2023-04-07T07:55:56Z","last_seen":"2026-07-01T09:32:08.277362Z","times_seen":28326,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"tenutaaurelia-fr.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/favicon.ico","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi","date":"2026-06-17T21:02:10.024Z","timestamp":1781730130024,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tenutaaurelia-fr.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Jun 2026 10:55:42 GMT","end":"Thu, 10 Sep 2026 11:54:24 GMT"},"fingerprint":{"sha1":"F3:8F:C2:B4:11:CB:01:6E:86:D2:F4:BA:1C:25:06:8F:D2:95:34:D6","sha256":"68:11:0A:D1:F7:EE:D9:0E:4A:30:C1:38:83:06:7E:4E:AB:DD:17:89:66:8E:72:5D:96:0A:25:2D:75:33:24:FB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: tenutaaurelia-fr.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ndate: Wed, 17 Jun 2026 21:02:10 GMT\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TRYfaXkb%2BeMUfauPdUG07yrwYwV%2FY4Qj80wOs3an6DresLPSZTaj9fATLWDS4EiwTc7beyyKsahUatYl1yRS0%2FtQEdJ2DWyXdbC%2FqeFzZrdasSt6WhIFzonA3AQ409yjDTwp4srVdg4%3D\"}]}\r\ncontent-type: text/html\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncf-cache-status: BYPASS\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d4fe60acac1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10703,"size_decoded":5865,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4070)","md5":"c8517f639c749f678892133bcef9aabd","sha1":"13df9a10206e903b895c058848bbae9b25d0c366","sha256":"49a7e6a5d0967f79201f5a5c288acb11b5cae4ff51a8cf7f1304267cf63f09be","sha512":"c2609522c2f8b049554ce89fb38d7750a647fd0c91bd662677e87fd4fe322972a35a7f953d7f8f43c90f9b93455de5719f72820547eff1cb7d031530ec66df79","ssdeep":"192:rlYHC0HNXGZkHQU7ydPJq5S2KqQVX/uTK3w3DK+tMy47R/Ga0kVhFuPwf8Pn93J5:FVGaRF8I8GA6+xGi","tlshash":"f922c79b2ae7010b740360b96bea2211ab69b543d12fcd607f0db3d4df465819c93b5e","first_seen":"2026-06-17T21:02:30.988906Z","last_seen":"2026-06-17T21:02:30.988906Z","times_seen":1,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"tenutaaurelia-fr.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi","date":"2026-06-17T21:02:09.993Z","timestamp":1781730129993,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tenutaaurelia-fr.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Jun 2026 10:55:42 GMT","end":"Thu, 10 Sep 2026 11:54:24 GMT"},"fingerprint":{"sha1":"F3:8F:C2:B4:11:CB:01:6E:86:D2:F4:BA:1C:25:06:8F:D2:95:34:D6","sha256":"68:11:0A:D1:F7:EE:D9:0E:4A:30:C1:38:83:06:7E:4E:AB:DD:17:89:66:8E:72:5D:96:0A:25:2D:75:33:24:FB"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: tenutaaurelia-fr.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: application/javascript\r\nexpires: Fri, 19 Jun 2026 21:02:09 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dfd8mgLTIEDIJNvRFBsn1eB%2FoyljeBj24dRF5Vxhoaq83fVrnJGPiCHyRwhW4ibD80ul5IjFtOpJsriN%2BXLsKWHr1wuGqat7lm6uOpQZ8wR3J5HPfCMfGGHcHmKF9icRdbJa6aouOP8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ndate: Wed, 17 Jun 2026 21:02:09 GMT\r\nserver: cloudflare\r\ncf-ray: a0d4fe607c791525-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":1296,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-07-01T10:19:21.054551Z","times_seen":383500,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"tenutaaurelia-fr.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/img-sys/powered_by_cpanel.svg","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi","date":"2026-06-17T21:02:10.000Z","timestamp":1781730130000,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tenutaaurelia-fr.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Jun 2026 10:55:42 GMT","end":"Thu, 10 Sep 2026 11:54:24 GMT"},"fingerprint":{"sha1":"F3:8F:C2:B4:11:CB:01:6E:86:D2:F4:BA:1C:25:06:8F:D2:95:34:D6","sha256":"68:11:0A:D1:F7:EE:D9:0E:4A:30:C1:38:83:06:7E:4E:AB:DD:17:89:66:8E:72:5D:96:0A:25:2D:75:33:24:FB"}}},"request":{"raw":"GET /img-sys/powered_by_cpanel.svg HTTP/1.1\r\nHost: tenutaaurelia-fr.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Wed, 17 Jun 2026 21:02:10 GMT\r\nserver: cloudflare\r\nlast-modified: Wed, 13 Apr 2016 18:55:24 GMT\r\npriority: u=4,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nk21rJfjMmn6wUtXLTSmuTxnUV2to1MSnDX%2BKh61I1Q9NKz9MvlRNXbWRU%2BeLdQf5BnEPAiRtteXAKM0%2BWZgtzGdiMNwQdmeEoW8yk8QmOHzJEb7Lu2oJs4aFdkBKUHNEg%2BMmix1yrg%3D\"}]}\r\ncontent-type: image/svg+xml\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nage: 4000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d4fe608c871525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5617,"size_decoded":3333,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c47b4b5200566a2a496a11ba472ec5da","sha1":"3bd0da9a6ffd62217d3e781fa1356f40d9f91d4c","sha256":"179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9","sha512":"b67659bfb2f94cc1124eb88f7582ae2ee1c983210577edc9aaf6fdb65f6b0e2b9fd786169a91fc72a1ac0e8556bc09c7cf35395c7a038a6f6419660b7b64545f","ssdeep":"96:BDol4IVL19t2mY5Ib0Va4FALs/k2eerILEKQhnEIsFGFB/aStUY0NuhHkzTUgCgM:BGjR19tU5Ib0tCY8jeSEptRPFESt70NW","tlshash":"77c174f9c7a053f47ac38f5deb2966d0b0ebf8bd1ea082c451759368c4c0ad9e948874","first_seen":"2023-04-05T04:59:52Z","last_seen":"2026-07-01T10:11:56.34734Z","times_seen":44441,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"tenutaaurelia-fr.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/img-sys/error-bg-left.png","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi","date":"2026-06-17T21:02:10.007Z","timestamp":1781730130007,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tenutaaurelia-fr.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Jun 2026 10:55:42 GMT","end":"Thu, 10 Sep 2026 11:54:24 GMT"},"fingerprint":{"sha1":"F3:8F:C2:B4:11:CB:01:6E:86:D2:F4:BA:1C:25:06:8F:D2:95:34:D6","sha256":"68:11:0A:D1:F7:EE:D9:0E:4A:30:C1:38:83:06:7E:4E:AB:DD:17:89:66:8E:72:5D:96:0A:25:2D:75:33:24:FB"}}},"request":{"raw":"GET /img-sys/error-bg-left.png HTTP/1.1\r\nHost: tenutaaurelia-fr.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tenutaaurelia-fr.live/cgi-sys/defaultwebpage.cgi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Wed, 17 Jun 2026 21:02:10 GMT\r\nserver: cloudflare\r\nlast-modified: Tue, 11 Feb 2025 05:07:52 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i\r\ncontent-type: image/png\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nage: 4000\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MyHI5QCtJT9QSj2uGJ3RqkeeX%2BZdVY3mg8OjvQGTJfoRtq2YXMvtlH2GOyQdVpS6pWbmOl01DA3989pw65iXLZATNMA3wRgiEz3WbNqjHnMbKctZcOwiLc7hlwly4NJuVJyZGerhSos%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 8072\r\ncf-ray: a0d4fe608c8e1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8072,"size_decoded":8824,"mime_type":"image/png","magic":"PNG image data, 410 x 400, 8-bit/color RGBA, non-interlaced","md5":"cdbe46a0178886162bdedff35336154e","sha1":"f5acc131f7d3fdfbebfc4a55be73cf51c7638937","sha256":"862885b79bef22ad5716b2dbfa714d52f628a439f2921bb9520a4630bbea5d4e","sha512":"cd75baa25c17945a25381d08d30887ddcb4a42dda676f6189bd2e25c91e390197d2ebf68a86b74995a32483445aeeee3df7c0ff6bec9e8b69f1d84f3ee3423b4","ssdeep":"192:4FWzRDmuPuPjEAWYgZgwuJGaY8o84ntC6K0GrD7tSHzN:4FGRDmumPgAWLslY8o8yCjzr/tk","tlshash":"6bf1af71ca2b86519ebb4f95c1fa8397b851c92ecc03b3f68c2716376dd61b6452ac0c","first_seen":"2023-04-12T19:49:10Z","last_seen":"2026-07-01T09:32:08.278561Z","times_seen":28339,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"tenutaaurelia-fr.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tenutaaurelia-fr.live/","fqdn":"tenutaaurelia-fr.live","domain":"tenutaaurelia-fr.live","tld":"live"},"ip":{"addr":"172.67.215.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T21:02:07.920Z","timestamp":1781730127920,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tenutaaurelia-fr.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 12 Jun 2026 10:55:42 GMT","end":"Thu, 10 Sep 2026 11:54:24 GMT"},"fingerprint":{"sha1":"F3:8F:C2:B4:11:CB:01:6E:86:D2:F4:BA:1C:25:06:8F:D2:95:34:D6","sha256":"68:11:0A:D1:F7:EE:D9:0E:4A:30:C1:38:83:06:7E:4E:AB:DD:17:89:66:8E:72:5D:96:0A:25:2D:75:33:24:FB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tenutaaurelia-fr.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Wed, 17 Jun 2026 21:02:08 GMT\r\nserver: cloudflare\r\nlast-modified: Mon, 18 May 2026 15:56:26 GMT\r\npriority: u=0,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cha1djQN6bdB%2BHFQiWXTp8J7DB0D7XoECx8kJm4tGzjcCsKPsaeG9MsDzFkM7r1AdY83Z%2Bk87vy1vpa2dyA2Jwvm6khsS8Ocw2zgiNjsStYRy33i%2FJd5owKEW5feOdUJ3WaXhVjKc7c%3D\"}]}\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\ncontent-type: text/html\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d4fe54482c1525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-01T10:18:58.66886Z","times_seen":16887239,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"tenutaaurelia-fr.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}
