{"report_id":"18e1d8ab-5430-41f3-acfe-0783edb76f97","version":6,"status":"done","tags":[],"date":"2026-04-01T00:13:32Z","url":{"schema":"http","addr":"secure-domaine.fr/sites/4","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":0,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4/","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"title":"Connectez-vous à votre compte","dom":{"size":12034,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3312)","md5":"f65b79d54a330a0c2a25e6a9802a1d28","sha1":"6f38b3a4aaba16f37b34d5c397b8f57254974450","sha256":"bc122dbea92e6162aab3c8021efe695eec3abc45136b026fe30a60030618152b","sha512":"af4b8ce163fbd4b486f6474c71e528a6701736aab022195930d3d9f4be4b3e2935b3dba6c606ba273aa8388a200bb62067d48361c824cf883bf77b5345dd5359","ssdeep":"192:agj+SBjlevudl9nOkNkrI5S5jSbLD6WIx6+16xK7Gqr:ESBj1dPnrerIE4bLmWw646xK7GO","tlshash":"9e42c63501f141758297938a3be6b78d3f70415bb5229640376e0a9e6fc2dd3a8b3de8","dom_hash":"domhash6287e169066f1d3da9301d813ac1fe06","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"secure-domaine.fr/sites/4","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":0,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-06T00:13:32Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"secure-domaine.fr","ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"domain_registered":"2023-02-21","domain_rank":0,"first_seen":"2026-02-13T03:37:58.902769Z","last_seen":"2026-02-13T03:37:58.90277Z","alert_count":10,"request_count":10,"received_data":1060332,"sent_data":4662,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Prototype","description":"Prototype is a JavaScript Framework that aims to ease development of web applications.","website":"https://www.prototypejs.org","common_platform_enumeration":"cpe:2.3:a:prototypejs:prototype:*:*:*:*:*:*:*:*","icon":"Prototype.png","categories":["JavaScript frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4/","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"introduction_type":"eventHandler","is_inline":false,"md5":"7cf3cbc8b32dc442dbbd9db0029d6956","sha1":"eac6330fe3c9952d7df168105e0972d99fdbf423","sha256":"29dc24bf08dee9481e4d3e2e1f237b465f6be9d05c04ca287559de3b6e6d3c99","sha512":"06ed8ff7296146c83d6ed1d51422f6a270b66931cbdd57b5a4dfb561d78ffe245d464e0a1f79f35e1063cfbc230d29b872d54954d18d0c0c14a6992899608b99","ssdeep":"","tlshash":"5850000000000000c0c0000c3000000000000cc0c000000003000fc00000030333c000","size":9,"data":"","first_seen":"2026-04-01T00:13:34.333221Z","last_seen":"2026-04-01T02:26:14.741649Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/js/prototype.min.js","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b878d61a447cdaee3ca4da586c46e76","sha1":"2b8c9b42e953a5f89f311da01d01988672e79f3b","sha256":"fb7c60a9f6a3e7d462764342b1a04216ba85b44914f10e7b02856d38e4d8301b","sha512":"0b82eec1742d40e175893472df3c029582ec2e014b946f27095e5d0b10e33dc5acc857a5417ce2dde7c7463a6db0ecdb1f0c275c2dd953eb16521d609b169304","ssdeep":"1536:iqDWprCjOQ+a1Yg38hVju994q2VsG8CrtyUVxDV68r30ely5MORq7w7KsaHJrDjP:i8aCjOQ+UsC7G8ItKiXrIFc","tlshash":"42a3e6d872c2b17583dbb179907f024ef27958a15a08d464f168e8e07c78d6a8237fbd","size":105940,"data":"","first_seen":"2023-03-09T04:05:17Z","last_seen":"2026-06-06T23:51:35.299604Z","times_seen":643,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4/","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"cff7bee19c8648ed790c02cae6b2b7a7","sha1":"3d8d4705d11ca870c3a3c24ba9dc3580f422c755","sha256":"acfcef18b63b8214f692bb58b3b6c942328dd303e2995edae676b9cf73194de8","sha512":"6f5c9f3c6f29347f22a04473860756a049614359e45d1fcec330fe28a60953e11dd7c36a8ca817fa8075724e91a43a5374ba59881822eecbdc7d776c45236d6e","ssdeep":"96:9rIi34gxHi34gxCL7GbqXuNZ6Wqzx6qbdUGq/xK7Gqk:9rI5S5jSbLD6WIx6+16xK7Gqk","tlshash":"90a1fc1809b34034476750df37eba3c97ab0006f7811e68a363d0b9d2fd1d8569f1aea","size":4643,"data":"","first_seen":"2026-04-01T00:13:34.335721Z","last_seen":"2026-04-01T02:26:14.742314Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-01T00:13:10.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secure-domaine.fr","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:56:99:CA:3E:FC:A4:E8:5F:09:6C:E8:17:A8:E8:E1:95:15:C9:82","sha256":"29:D2:70:21:4E:F8:9A:C0:22:69:F7:B4:41:2F:BC:3D:7C:AD:77:23:01:BF:1B:A9:4D:68:14:8A:39:B9:2C:17"}}},"request":{"raw":"GET /sites/4 HTTP/1.1\r\nHost: secure-domaine.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-length: 282\r\nlocation: https://secure-domaine.fr/sites/4/\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 999\r\ndate: Wed, 01 Apr 2026 00:13:10 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":12504,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T12:34:25.437902Z","times_seen":16239334,"resource_available":true,"data":null}},"time_used":704,"timings":{"blocked":332,"dns":48,"connect":34,"send":0,"wait":38,"receive":0,"ssl":249},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4/","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-01T00:13:10.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secure-domaine.fr","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:56:99:CA:3E:FC:A4:E8:5F:09:6C:E8:17:A8:E8:E1:95:15:C9:82","sha256":"29:D2:70:21:4E:F8:9A:C0:22:69:F7:B4:41:2F:BC:3D:7C:AD:77:23:01:BF:1B:A9:4D:68:14:8A:39:B9:2C:17"}}},"request":{"raw":"GET /sites/4/ HTTP/1.1\r\nHost: secure-domaine.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 998\r\ndate: Wed, 01 Apr 2026 00:13:10 GMT\r\nserver: Apache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Prototype","description":"Prototype is a JavaScript Framework that aims to ease development of web applications.","website":"https://www.prototypejs.org","common_platform_enumeration":"cpe:2.3:a:prototypejs:prototype:*:*:*:*:*:*:*:*","icon":"Prototype.png","categories":["JavaScript frameworks"]}],"data":{"size":12504,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3291), with CRLF line terminators","md5":"78e7e3225b089cb313697f8099b70385","sha1":"889c8046d2a059f69dfcfa8366f57c55c4be9d2a","sha256":"5ef41d2b94a21c5e182e40f6a712e7a404c1c732b970a97cc3c810b9686970b5","sha512":"d0f0ee0ee04885cee830afc82943c4407b9a88a12046251a2fdde3586f7b2d8bb5d6e2b163724df740f244e97fb75893e0f286625b3f746b789c998808e3b3b0","ssdeep":"192:EsgoSBjlevudl9nBAeDtI4QfHx+PkDZl6iR+3Tf5:LSBj1dPnq0tI4QfR+PkDZlBR+3Tf5","tlshash":"7842b93501d4417586b2538a6fa1b7cdff70415bb2228240376e169b2fb2d93a5b3de8","first_seen":"2026-04-01T00:13:34.308213Z","last_seen":"2026-04-01T02:26:14.738891Z","times_seen":2,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4/style.css","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure-domaine.fr/sites/4/","date":"2026-04-01T00:13:10.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secure-domaine.fr","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:56:99:CA:3E:FC:A4:E8:5F:09:6C:E8:17:A8:E8:E1:95:15:C9:82","sha256":"29:D2:70:21:4E:F8:9A:C0:22:69:F7:B4:41:2F:BC:3D:7C:AD:77:23:01:BF:1B:A9:4D:68:14:8A:39:B9:2C:17"}}},"request":{"raw":"GET /sites/4/style.css HTTP/1.1\r\nHost: secure-domaine.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure-domaine.fr/sites/4/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 5907\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 997\r\ndate: Wed, 01 Apr 2026 00:13:10 GMT\r\nserver: Apache\r\nlast-modified: Tue, 25 Jun 2024 14:17:11 GMT\r\netag: \"1713-61bb78dc46d80\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":5907,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"35658789e2c031c2fb5b6da686f7ab6f","sha1":"db4762d873f9a72914d5b39841d79decdec2289c","sha256":"e56625534b28eacc09f6b3d7a3c4f39a64aec556e20f8d2b94f6ad0b7a2cbcf0","sha512":"5654f1054dface380da5e0a114764d5f951c63d6c8a4e7532c37c8b610090118ebfee8a7c70d523147bce995226eae7fc38d601bf07b89c9d50d29e6bf59556b","ssdeep":"96:aa5k5E2xx1B4FU3Znitt0EmW2TIRjeyrjHgjcs0lb4Q6d85Nmh8fjGEVOaI5Y/lu:L5k5L0t0otb4Q6y5Nm+bGEVOaI5YdY4U","tlshash":"83c172ac92014d428333ca752fe68bc1e77848935901667c3aed360c4fff6549762eba","first_seen":"2026-04-01T00:13:34.310902Z","last_seen":"2026-04-01T02:26:14.739509Z","times_seen":2,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4/img/reunionpersonnelfaux.jpg","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure-domaine.fr/sites/4/","date":"2026-04-01T00:13:10.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secure-domaine.fr","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:56:99:CA:3E:FC:A4:E8:5F:09:6C:E8:17:A8:E8:E1:95:15:C9:82","sha256":"29:D2:70:21:4E:F8:9A:C0:22:69:F7:B4:41:2F:BC:3D:7C:AD:77:23:01:BF:1B:A9:4D:68:14:8A:39:B9:2C:17"}}},"request":{"raw":"GET /sites/4/img/reunionpersonnelfaux.jpg HTTP/1.1\r\nHost: secure-domaine.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure-domaine.fr/sites/4/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 85913\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 995\r\ndate: Wed, 01 Apr 2026 00:13:10 GMT\r\nserver: Apache\r\nlast-modified: Tue, 25 Jun 2024 14:17:21 GMT\r\netag: \"14f99-61bb78e5c59a6\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":85913,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 718x1021, components 3","md5":"6e7036a4219cfebf1e486a53a222e369","sha1":"6af2453ce7ab4b3d03cd4f79532c330410a56224","sha256":"ca24ccaee8082e43f0fc9cf09de3e1fbd53d4a86f5793b2b8a892e5ca997299f","sha512":"00f0840655de67c171210ab47d152a361809945e543d3cc43967eee84f49dcb0d9dff9ef82c0555c08abc0e15739ee259ccfc875b51b6557e6a688e04e2cb854","ssdeep":"1536:Tt/AWv0SYfuwIDwWwxSBhJOojG3i5+eXRqyg1tjCYzazuMHZY1UX9yaQy:GY0NqVwMrGy5+ehNYtjWvZY1UX9yaQy","tlshash":"2f8324471c188b82a1a88ae47e471e8c2f166f1de9d129ff04931ecb7eb47724c8d55e","first_seen":"2026-04-01T00:13:34.313614Z","last_seen":"2026-04-01T02:26:14.740947Z","times_seen":2,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4/img/phishing.webp","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure-domaine.fr/sites/4/","date":"2026-04-01T00:13:10.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secure-domaine.fr","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:56:99:CA:3E:FC:A4:E8:5F:09:6C:E8:17:A8:E8:E1:95:15:C9:82","sha256":"29:D2:70:21:4E:F8:9A:C0:22:69:F7:B4:41:2F:BC:3D:7C:AD:77:23:01:BF:1B:A9:4D:68:14:8A:39:B9:2C:17"}}},"request":{"raw":"GET /sites/4/img/phishing.webp HTTP/1.1\r\nHost: secure-domaine.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure-domaine.fr/sites/4/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/webp\r\ncontent-length: 77924\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 994\r\ndate: Wed, 01 Apr 2026 00:13:10 GMT\r\nserver: Apache\r\nlast-modified: Tue, 25 Jun 2024 14:17:21 GMT\r\netag: \"13064-61bb78e5aa422\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":77924,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7b508dbdcd3f86c50a413ac221f1a923","sha1":"b9796e23eec1efd70586f6a40c2cc86fee2534a8","sha256":"54b77de5fc6a1b03b6399d6e6c6c4af1c8b3760d0b03388063d42ca5130e578f","sha512":"233128c648a1d366c517b845cd6dbff39d00cd52a2a263792de29cdaa8f5d1fd7e9329e8a47ad1596e4b2673e85038b820e3b6858f6558eb521ae3174d517c77","ssdeep":"1536:lDxovkA+LzIEGH4oiAj1zjBS4iehirS7kmagVVFBUzsHd8DzNmQG3X:lOvkA+a4HAj9BS4NhiBgVVF2zsHENmfH","tlshash":"037302de1505abb27cd7be2a03f8d936443ff8a48249309feb937ac4de32564a6d4104","first_seen":"2026-04-01T00:13:34.316413Z","last_seen":"2026-04-01T02:26:14.735674Z","times_seen":2,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4/img/risques.png","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure-domaine.fr/sites/4/","date":"2026-04-01T00:13:10.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secure-domaine.fr","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:56:99:CA:3E:FC:A4:E8:5F:09:6C:E8:17:A8:E8:E1:95:15:C9:82","sha256":"29:D2:70:21:4E:F8:9A:C0:22:69:F7:B4:41:2F:BC:3D:7C:AD:77:23:01:BF:1B:A9:4D:68:14:8A:39:B9:2C:17"}}},"request":{"raw":"GET /sites/4/img/risques.png HTTP/1.1\r\nHost: secure-domaine.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure-domaine.fr/sites/4/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 157274\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 993\r\ndate: Wed, 01 Apr 2026 00:13:10 GMT\r\nserver: Apache\r\nlast-modified: Tue, 25 Jun 2024 14:17:21 GMT\r\netag: \"2665a-61bb78e5e0f2b\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":157274,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 950 x 317, 8-bit/color RGBA, non-interlaced","md5":"3f42234415e41399c7d04d6fee623694","sha1":"c6e766b2ab50588dbf7ce0a44a441552e1b2b6a0","sha256":"3cd689a3504e305ed78d2ee5ca84df19521ab678ec1fbea8d04b2fc1698f200c","sha512":"3c20dd782bd43938ae0ddc8e3dbfcf6f35ab4bbfa510f7b880173df82769073372b9e612de1eb91458068180396c86fb201d8eb514036edc956a388ebd3a26dd","ssdeep":"3072:75eY60LsIvBC299ozBQGSLeivUBnXqwGVUBK0AbApjT/HhzXeXCWevT9M:75EqBX9iBQGY0BXXkUBLpX/HhzBx9M","tlshash":"ede3129496f363f4a96705253b04e98cfb3a0a6feec2d4c864e0b46fca1107d7760917","first_seen":"2026-04-01T00:13:34.318917Z","last_seen":"2026-04-01T02:26:14.736296Z","times_seen":2,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4/animation.css","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://secure-domaine.fr/sites/4/","date":"2026-04-01T00:13:10.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secure-domaine.fr","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:56:99:CA:3E:FC:A4:E8:5F:09:6C:E8:17:A8:E8:E1:95:15:C9:82","sha256":"29:D2:70:21:4E:F8:9A:C0:22:69:F7:B4:41:2F:BC:3D:7C:AD:77:23:01:BF:1B:A9:4D:68:14:8A:39:B9:2C:17"}}},"request":{"raw":"GET /sites/4/animation.css HTTP/1.1\r\nHost: secure-domaine.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure-domaine.fr/sites/4/style.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 3118\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 992\r\ndate: Wed, 01 Apr 2026 00:13:10 GMT\r\nserver: Apache\r\nlast-modified: Tue, 25 Jun 2024 14:17:11 GMT\r\netag: \"c2e-61bb78dc2e6dc\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3118,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"3185bef29010b5021cd5605c4de82996","sha1":"03054162eaa08c143fbb67abcfa44b9e7d0e600b","sha256":"9746d356e4939c0675db3a00bd8b8eb6e8dfad524419bbba54b0e660470e28dc","sha512":"5c26c37c2d8ebda10e1441733ab2ffddc076e14ef1ac66b8f6ab9fd32748a8b98b31efebccbbaa607f67c8571156d8c045ba453db8fdd3823cf7b99f56d9bc82","ssdeep":"","tlshash":"ef51e22d4a972140587bd7f5bb2981acff0209ef0eb3048176dc5356ef78158b286e8d","first_seen":"2026-04-01T00:13:34.323554Z","last_seen":"2026-04-01T02:26:14.737029Z","times_seen":2,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/js/prototype.min.js","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://secure-domaine.fr/sites/4/","date":"2026-04-01T00:13:10.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secure-domaine.fr","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:56:99:CA:3E:FC:A4:E8:5F:09:6C:E8:17:A8:E8:E1:95:15:C9:82","sha256":"29:D2:70:21:4E:F8:9A:C0:22:69:F7:B4:41:2F:BC:3D:7C:AD:77:23:01:BF:1B:A9:4D:68:14:8A:39:B9:2C:17"}}},"request":{"raw":"GET /js/prototype.min.js HTTP/1.1\r\nHost: secure-domaine.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure-domaine.fr/sites/4/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\ncontent-length: 105940\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 996\r\ndate: Wed, 01 Apr 2026 00:13:10 GMT\r\nserver: Apache\r\nlast-modified: Wed, 26 Jun 2024 10:35:14 GMT\r\netag: \"19dd4-61bc891d3331a\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":105940,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1b878d61a447cdaee3ca4da586c46e76","sha1":"2b8c9b42e953a5f89f311da01d01988672e79f3b","sha256":"fb7c60a9f6a3e7d462764342b1a04216ba85b44914f10e7b02856d38e4d8301b","sha512":"0b82eec1742d40e175893472df3c029582ec2e014b946f27095e5d0b10e33dc5acc857a5417ce2dde7c7463a6db0ecdb1f0c275c2dd953eb16521d609b169304","ssdeep":"1536:iqDWprCjOQ+a1Yg38hVju994q2VsG8CrtyUVxDV68r30ely5MORq7w7KsaHJrDjP:i8aCjOQ+UsC7G8ItKiXrIFc","tlshash":"42a3e6d872c2b17583dbb179907f024ef27958a15a08d464f168e8e07c78d6a8237fbd","first_seen":"2023-03-09T04:05:17Z","last_seen":"2026-06-06T23:51:35.299604Z","times_seen":643,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":68,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/sites/4/img/background_microsoft.png","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure-domaine.fr/sites/4/","date":"2026-04-01T00:13:11.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secure-domaine.fr","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:56:99:CA:3E:FC:A4:E8:5F:09:6C:E8:17:A8:E8:E1:95:15:C9:82","sha256":"29:D2:70:21:4E:F8:9A:C0:22:69:F7:B4:41:2F:BC:3D:7C:AD:77:23:01:BF:1B:A9:4D:68:14:8A:39:B9:2C:17"}}},"request":{"raw":"GET /sites/4/img/background_microsoft.png HTTP/1.1\r\nHost: secure-domaine.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure-domaine.fr/sites/4/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 594903\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 991\r\ndate: Wed, 01 Apr 2026 00:13:11 GMT\r\nserver: Apache\r\nlast-modified: Tue, 25 Jun 2024 14:17:20 GMT\r\netag: \"913d7-61bb78e51bacb\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":594903,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1047, 8-bit/color RGBA, non-interlaced","md5":"47c74d127956f8437ec78e962e66ee52","sha1":"c79a268638de178a7cf1dadc12ed0ba36fa08b5d","sha256":"04a866c9735a2fbad5f1cfbcd01f7eec46105816952639360087f1a49aee58ab","sha512":"7517c55848ac6a18374f082a5c29fa3412a3bb4ecdcf418a2c14f0995ded33ade2ca6338c4ed5d20bc099f63cd81a5ee9e3d48c86489ced7c101625045860583","ssdeep":"12288:VPRZzHmigAspCHUeey6ebKqwObm/N8ubR5QXfUfZolQ:9RZzHmig9pC0eeydwOC/dR5wcfZ1","tlshash":"c6c433d0e7abbe33399a454464e1f82328f767a1bd9b01179db03b51a20ddec4f88394","first_seen":"2026-04-01T00:13:34.328154Z","last_seen":"2026-04-01T02:26:14.734295Z","times_seen":2,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":127,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"secure-domaine.fr/favicon.ico","fqdn":"secure-domaine.fr","domain":"secure-domaine.fr","tld":"fr"},"ip":{"addr":"217.160.0.233","port":443,"asn":8560,"as":"IONOS SE","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://secure-domaine.fr/sites/4/","date":"2026-04-01T00:13:11.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.secure-domaine.fr","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 11 Jun 2025 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DF:56:99:CA:3E:FC:A4:E8:5F:09:6C:E8:17:A8:E8:E1:95:15:C9:82","sha256":"29:D2:70:21:4E:F8:9A:C0:22:69:F7:B4:41:2F:BC:3D:7C:AD:77:23:01:BF:1B:A9:4D:68:14:8A:39:B9:2C:17"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: secure-domaine.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://secure-domaine.fr/sites/4/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 1248\r\nx-ws-origin: available\r\nx-ws-ratelimit-limit: 1000\r\nx-ws-ratelimit-remaining: 990\r\ndate: Wed, 01 Apr 2026 00:13:11 GMT\r\nserver: Apache\r\nlast-modified: Thu, 20 Feb 2025 10:50:50 GMT\r\netag: \"4e0-62e90a5b4d76d\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1248,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced","md5":"0a286f1d498c51f8f04210410b03b813","sha1":"5eb5678bd92f98ab2861976f6e57d950f4ede0ef","sha256":"1d51194f657b6ac79daaf81534cb227f78d75d9ba53df23e4fb12ad37eb42087","sha512":"c12acf596be63074912d51290c64dda59561ec26b0f009e440f6b936c6a53dd4bc0cb1e0eab62875f523e3a233ca49e8ff5fb91c6e26559d7e6b3fd5bddba091","ssdeep":"","tlshash":"9a21b7c6a290cb29cf75ba4a8990d40c03861b5bd3b5479c0329583bb370f223de11ad","first_seen":"2026-04-01T00:13:34.330601Z","last_seen":"2026-04-01T02:26:14.738188Z","times_seen":2,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"secure-domaine.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}