{"report_id":"29410b72-9f0d-43f3-85e1-eb2a398cfbd2","version":6,"status":"done","tags":[],"date":"2026-04-03T00:10:27Z","url":{"schema":"http","addr":"mediaissou.cassioweb.fr/wp-content/uploads/1dxyirs/index.php","fqdn":"mediaissou.cassioweb.fr","domain":"cassioweb.fr","tld":"fr"},"ip":{"addr":"163.172.70.115","port":0,"asn":12876,"as":"Scaleway S.a.s.","country":"France","country_code":"FR"},"final":{"url":{"schema":"https","addr":"mediaissou.cassioweb.fr/wp-content/uploads/1dxyirs/index.php","fqdn":"mediaissou.cassioweb.fr","domain":"cassioweb.fr","tld":"fr"},"title":"Webmail :: Welcome to Webmail","dom":{"size":36155,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (20854)","md5":"f0788b26079c3bf6696db1f58b177e1b","sha1":"c2f286f42913cd526b7ec9c7290b43a367f7dc2f","sha256":"2077dd274be2073a36cb814bfd6b13eb025e12b89f8e4bcd395d6e6655d4299e","sha512":"e487f0011681ebf557a884df459ceade4803e116f21d2724c3c8632d6915730a749a452852b9d6765b9b30cdae731c8bad9098e56df61e28ce860ca3451f0ec4","ssdeep":"768:hXP3d2UpE6gycqKl2BpbDTnVVDJDeE4mO8gMlOBl/XoOnqCgdKbqslJoaTrb5e1G:1P3oUq6gycolvvDJPtsJecHdh","tlshash":"80f219b162c1fc4522835b36b367b5e5fc3a5c9ba9c4088df014bca4f5e4605fae9970","dom_hash":"domhashb50f45e0736596663743fa8724c7c5e2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"mediaissou.cassioweb.fr/wp-content/uploads/1dxyirs/index.php","fqdn":"mediaissou.cassioweb.fr","domain":"cassioweb.fr","tld":"fr"},"ip":{"addr":"163.172.70.115","port":0,"asn":12876,"as":"Scaleway S.a.s.","country":"France","country_code":"FR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-08T00:10:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-03","alert":"Phishing Block","trigger":"mediaissou.cassioweb.fr","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"mediaissou.cassioweb.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"mediaissou.cassioweb.fr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"mediaissou.cassioweb.fr","ip":{"addr":"163.172.70.115","port":443,"asn":12876,"as":"Scaleway S.a.s.","country":"France","country_code":"FR"},"domain_registered":"2008-02-26","domain_rank":0,"first_seen":"2026-04-03T00:10:27.252041Z","last_seen":"2026-04-03T00:10:27.252041Z","alert_count":3,"request_count":1,"received_data":36486,"sent_data":528,"comment":"","tags":null,"fingerprints":[{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-03-29T23:24:32.360777Z","alert_count":0,"request_count":1,"received_data":89131,"sent_data":452,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mediaissou.cassioweb.fr/wp-content/uploads/1dxyirs/index.php","fqdn":"mediaissou.cassioweb.fr","domain":"cassioweb.fr","tld":"fr"},"ip":{"addr":"163.172.70.115","port":443,"asn":12876,"as":"Scaleway S.a.s.","country":"France","country_code":"FR"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-22T02:02:57.130347Z","times_seen":622664,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mediaissou.cassioweb.fr/wp-content/uploads/1dxyirs/index.php","fqdn":"mediaissou.cassioweb.fr","domain":"cassioweb.fr","tld":"fr"},"ip":{"addr":"163.172.70.115","port":443,"asn":12876,"as":"Scaleway S.a.s.","country":"France","country_code":"FR"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-22T01:58:37.406414Z","times_seen":212848,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-22T01:21:29.406902Z","times_seen":119705,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mediaissou.cassioweb.fr/wp-content/uploads/1dxyirs/index.php","fqdn":"mediaissou.cassioweb.fr","domain":"cassioweb.fr","tld":"fr"},"ip":{"addr":"163.172.70.115","port":443,"asn":12876,"as":"Scaleway S.a.s.","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"ea3f42bdf7ccb5f7ed889247e35f2f9c","sha1":"9317a4e2086269d3d541f951db5651acb6c42b1f","sha256":"95de1b7a3b40a35ae5764bdfd9c0ff3d3cb3883c9413327c95c0b3e5614dae7e","sha512":"7f0a56dc463ecac028a3c8b453ef25b65b97b1f727a949e80bb66601b825401e227c9abc4e8fe6d134eda70089a3442f8391d260118cc54323b6b5a2282685e1","ssdeep":"384:J2LlpBlDTnVVEiJDlsENKmO8gMlOBl/XoO9FqCgdKbqslJoasNwrb5LQNMwJb+Az:J2BpbDTnVVDJDeE4mO8gMlOBl/XoOnqt","tlshash":"4092728666c1bc4523975b37732bb1e5f43a5c99b9c8098ef104bca0f5e9502fae8970","size":20848,"data":"","first_seen":"2023-03-26T01:31:32Z","last_seen":"2026-04-21T19:24:42.520682Z","times_seen":473,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"mediaissou.cassioweb.fr/wp-content/uploads/1dxyirs/index.php","fqdn":"mediaissou.cassioweb.fr","domain":"cassioweb.fr","tld":"fr"},"ip":{"addr":"163.172.70.115","port":443,"asn":12876,"as":"Scaleway S.a.s.","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-03T00:10:05.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mediaissou.cassioweb.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Mar 2026 01:07:58 GMT","end":"Mon, 22 Jun 2026 01:07:57 GMT"},"fingerprint":{"sha1":"B4:E7:5D:85:90:98:78:35:61:7F:86:E1:20:4C:62:79:EC:85:8F:5A","sha256":"A2:18:5F:49:95:27:D0:CC:79:BF:63:9A:DF:BA:91:98:12:05:C6:3C:AE:9D:CC:13:23:23:C5:5B:FD:5B:50:50"}}},"request":{"raw":"GET /wp-content/uploads/1dxyirs/index.php HTTP/1.1\r\nHost: mediaissou.cassioweb.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 03 Apr 2026 00:10:05 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 18826\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":36232,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (20840)","md5":"8e72ed3723c55c957c05586af45aa486","sha1":"80c42f5ace1e7fe284c30ec8af68385ac19889a6","sha256":"cac2bb60cbe92a50b044f2fa376000bfccade39436d954487e37f6144d05e44e","sha512":"33f505e7d7b9dc81ff75a403f32b29a2aba529e2c8b70a9ce7a5f6eab00f69fed4784d4f4d8be24c3feb2faed9eb6d669540c6c2d128ef5ac96842435b648857","ssdeep":"768:LXP3d2UpE6gycUml2BpbDTnVVDJDeE4mO8gMlOBl/XoOnqCgdKbqslJoaTrb5e1h:zP3oUq6gycylvvDJPtsJecHdi","tlshash":"73f219b162c1fc4522835b36b367b5e5fc3a5c9ba9c4088df018bca4f5e4605fae9970","first_seen":"2024-05-31T20:47:32Z","last_seen":"2026-04-21T19:24:42.52001Z","times_seen":68,"resource_available":true,"data":null}},"time_used":366,"timings":{"blocked":148,"dns":86,"connect":26,"send":0,"wait":43,"receive":27,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-03","alert":"Phishing Block","trigger":"mediaissou.cassioweb.fr","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"mediaissou.cassioweb.fr","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-03","alert":"Sinkholed","trigger":"mediaissou.cassioweb.fr","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mediaissou.cassioweb.fr/wp-content/uploads/1dxyirs/index.php","date":"2026-04-03T00:10:05.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:54 GMT","end":"Mon, 08 Jun 2026 08:38:53 GMT"},"fingerprint":{"sha1":"B7:E6:53:75:FA:B8:E8:B5:11:AC:F7:22:E0:8B:AC:53:3E:61:05:64","sha256":"46:48:37:84:82:72:61:A1:32:78:58:13:38:99:8D:2A:19:CB:C4:47:8B:BC:B1:AC:5F:6C:F4:91:6D:BB:DE:BB"}}},"request":{"raw":"GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mediaissou.cassioweb.fr/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30774\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 31 Mar 2026 06:03:33 GMT\r\nexpires: Wed, 31 Mar 2027 06:03:33 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Mon, 13 May 2019 14:37:17 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 237992\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":88145,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-22T01:21:29.406902Z","times_seen":119705,"resource_available":true,"data":null}},"time_used":379,"timings":{"blocked":174,"dns":1,"connect":14,"send":0,"wait":15,"receive":15,"ssl":157},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}