{"report_id":"7459085b-d524-4d13-9f62-c9b5cb7dd517","version":6,"status":"done","tags":[],"date":"2026-06-04T16:45:35Z","url":{"schema":"http","addr":"srtx.pro/uEIL3o","fqdn":"srtx.pro","domain":"srtx.pro","tld":"pro"},"ip":{"addr":"172.67.213.225","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"le-meridien.ch/red?5231","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"title":"Page non trouvée - Le Méridien","dom":{"size":112619,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21474)","md5":"238641eec642309ec191acda4dfdfbb1","sha1":"580f476f169cced8f8353c53924a83e3bec6c5b1","sha256":"6f2ccedcb5f17be3ed2a84de2a7bcfbec0865b4f3f9f679fb7127f4a4e85db3b","sha512":"e9fa98f91d85bf5f139ab281e5f9deacc20e1ebf22621806f358607b1925e0def6b202e757a16133d0a51a819e2002a2ec50b06f762d8e27ce567214f25d757f","ssdeep":"3072:+SEXjqxXDuJdAR4vV3xhMH0xd0i40xS0IQ0bE0xX0ik0xQ0Ik0be0xX0ik0xQ0I5:+XjbxxCipxTIxb9xEidxxIdbHxEidxxI","tlshash":"41b3e9717a65d43291bb439ee28bb71c502cd427c90b80fafaec921ce7d6f99630d106","dom_hash":"domhashfd3323836fb34756e9b9ddfaed5cd9d2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"srtx.pro/uEIL3o","fqdn":"srtx.pro","domain":"srtx.pro","tld":"pro"},"ip":{"addr":"172.67.213.225","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-09T16:45:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"srtx.pro","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"srtx.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"le-meridien.ch","ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-04T16:45:38.796063Z","last_seen":"2026-06-04T16:45:38.796063Z","alert_count":330,"request_count":66,"received_data":2413778,"sent_data":34345,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Elementor:4.1.1","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Site Kit:1.180.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Yoast SEO:27.7","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Contact Form 7:6.1.6","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"Complianz","description":"Complianz is a GDPR/CCPA Cookie Consent plugin that supports GDPR, DSGVO, CCPA and PIPEDA with a conditional Cookie Notice and customized Cookie Policy based on the results of the built-in Cookie Scan.","website":"https://complianz.io","common_platform_enumeration":"","icon":"Complianz.png","categories":["A/B Testing","Cookie compliance","WordPress plugins"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-05-31T22:26:05.480738Z","alert_count":0,"request_count":2,"received_data":804584,"sent_data":868,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"srtx.pro","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-29T13:44:17.209851Z","last_seen":"2026-05-29T13:44:17.209851Z","alert_count":2,"request_count":1,"received_data":90449,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"le-meridien.ch/google_gtagjs-js-after","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"a1a1057b93d70982c9ccbc524de9e5e3","sha1":"cef97616b49421dae6255363ead2ce3940dd5159","sha256":"7c9aeec9db3169d20fa7cb64dbf3ad9d4946f6ad0e69f94183b2fa805d7e3c1b","sha512":"c4be1e777e732427e55961c10e7cf7c4007eea29a22d7c70f93f82ee068860c7811f18b810a705eed4e247e4e251690b0688be0332b142ed4e4adc7b94097ee7","ssdeep":"","tlshash":"4a014533e0820afac9baa93267562b95362333eae574640088cc150434bfe43e1c4cc8","size":816,"data":"","first_seen":"2026-06-04T16:45:44.744349Z","last_seen":"2026-06-04T16:45:44.744349Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/lazyload.min.js?ver=17.8.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"646fe97a3d48a84991e24f5640fc9881","sha1":"3c7db91a02a1dd8077e9fd4abc8636529655543c","sha256":"b4dca05acfc6299e7eed4d83b74e0a07c9f060f8b31b81ab5e5136028f218ed4","sha512":"7c935081cd73128fcf3045d381e31c135eafb50e38fae563032497f534d0d03591d2e548ee59ee08cbd4dd013ac5cd0d1ad09aa29b86db1b67fb89c3c244c2fc","ssdeep":"192:pDvu5/2Pbu1ZWhbat1oee/9X8UnZEHuuwJgbClI+YkFG/uW1eqa93Ve:pTw/4Dt0+IHHu5Y","tlshash":"970232487946b46b3973f0f6218f02ca353a24526ced6854a6e1f8f82d7858d1863fbd","size":8914,"data":"","first_seen":"2024-01-05T04:58:30Z","last_seen":"2026-06-04T16:45:44.706109Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/cmplz-cookiebanner-js-extra","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6379b6f945d68044da301ada1966db7d","sha1":"c0e74ba6feb564c52598e0fbb178cd4739724c45","sha256":"c47af15f1391fd9e623e1315be03aebb79cccce9cbef79ed1eb079a723b43bfb","sha512":"80b94c7606c1dbbecaaef3ead6abc21f2d9432d74dccfe50dbe71a6b0493b8701ff7a27de230fe8b7978c691d0ddfc90e15a0359dc38991b3b74570f0ce1fc17","ssdeep":"","tlshash":"8231ee3bfe6d91fe47c5a3f422494d1ba5ec6040e189c648da04ec2882b87572bcf607","size":1710,"data":"","first_seen":"2026-06-04T16:45:44.745131Z","last_seen":"2026-06-04T16:45:44.745131Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/cmplz-cookiebanner-js-after","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fa4c981a06d2ac83c9732a7993ba0c6","sha1":"4e7fde4de697b1f227861327a8569bdfef1a5523","sha256":"e7f107195ac91a18b4205eff111bdf06894ba27a3ee71d0a9982483763ecffca","sha512":"e1e40a2946dc3a6ac69a9bb5140ca4f70aa6a05abede41a69d49df54795f4523ec60c94e3130c79f3ef9ad918b0af8c6a14da2b707845ead215089a828349ec0","ssdeep":"96:QME+DnaGyu8F6m3OILpci5mDp4wDUdDXLpci5mDp+wD/ujWKkrkJ:QP+7aG+FBwDhDUFwDvDmClAJ","tlshash":"a3a1daa8fb9e007365ff127a1d4765cc294ca0f6c4592cf6beb0dc2851d4d8c2ab85e2","size":4683,"data":"","first_seen":"2026-05-15T01:52:34.391428Z","last_seen":"2026-06-04T16:45:44.745954Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-header.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"b2879e5c35c7bd7feb88462f3cf13574","sha1":"ae2c260420ee4f80f6d86ae0c6ac19187e392a5a","sha256":"ec49308f43ec5a4a2fd37a49eb2b0d5814c5b4f98b027ef05797f2afedf76f3a","sha512":"8daadc5272065f41f8a4606b62d37c682760eb3b167df63f531ece7ced81a354b9bbbc7ecdc053bffee4e5ca66f0ab220d463dc488e34a1e91954bb1889f686a","ssdeep":"768:7GjmgtZ/NgNEW5r7XkuvRBwW/v1+qPyp1bRUk1kXyR4sRbDWxSrKvvVWMNJMAcHh:78mgTqNEwr7XkuHwW/N+fP4sRbDWxSr/","tlshash":"5df2464b3702b63595de42aac4390217f330ea95541a443cf93cfaeee878e5492f5a3d","size":34733,"data":"","first_seen":"2025-10-23T09:40:47.499489Z","last_seen":"2026-06-04T16:45:44.730389Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.scroll.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"4dbdaaaf1487f2ee3bcc7253ffd7a0d3","sha1":"a4e0f9712c749cdcb068a20dc00171ef6c8638f3","sha256":"1d2687bb25c29e37429e56ceceb6a019408769af69d1d076d12c1f9f24203449","sha512":"8d5ca849f2dce555d7f10902b62a2eaa5dd9f3617778e17b72ff910ebaf8bb8aafd69f1f289fa126af07c7fa26cdbb9bb7ab9e6159243eb1772100da4c7f6d78","ssdeep":"192:gI4VsF2jvHzI7PnwVfDXsk4oKdDAq39OX:xasF4vTinwBDXsA","tlshash":"d712508b321d79371aca8455e2a0461ba23496d0b508c0bcbd24fefdbe9d42c517bb3c","size":9884,"data":"","first_seen":"2025-10-23T09:40:47.63565Z","last_seen":"2026-06-04T16:45:44.735153Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/MarqueeHeader.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"a66d9531137b51bff1047f7411d97c25","sha1":"071d794b93e3187b4419dacbe0d92d3198abf54a","sha256":"9fb1242e884d3737ca034b95b6dba3f979f1fe6bdf7634dbbf0841033f0f2c01","sha512":"1e2dce3ae94f80d631d1e9c706ad071e399a464a915628c2695f2ab29f8d0d2a6ab6159c886260d7aaa3689caead2d5dab75c3652b9b0c137531557569bcfe1e","ssdeep":"96:l6CwGMipQBTxKGbfQgy0EAg3NOZChcYZ86xvzPBUotVt4hVWcvzWT9SlgCXKB7Q8:J0QGbfQwENOUhcM9zfUyOgCXKB7Q8","tlshash":"86b1520c6e001f74375a5eb7f41390d782be559b250d8b2ee5786c9036b8262fbeb139","size":5488,"data":"","first_seen":"2026-06-01T07:43:53.181531Z","last_seen":"2026-06-04T16:45:44.707249Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/CursorFollower.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"6830dfdc4c9c7903bacddedcd9d79f15","sha1":"3bd9b2a1e4ddfdddcf904b29eb04bf7f67b83aac","sha256":"a45cc28fe660f6cc99826c2802cbe2a22ad5f3d3bdd9bc66178ff6801776d47f","sha512":"8acd7ffc8fc209c725b87a3f0d2142f52be1b9802f38f716a7cb402be27b4aa0328c8fa090fbc3dad23c650bf692b257946e917d30bbcdc62a918f6c81f8877c","ssdeep":"","tlshash":"c77112002e8057192305cd6b332a94b7c65b98993ecd4c4fb11e8cb85c5e706eef6d76","size":3782,"data":"","first_seen":"2026-05-19T19:03:04.935098Z","last_seen":"2026-06-04T16:45:44.71837Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/DrawSVGPlugin.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"009ee43073a2e5b1ebb0875987e894d0","sha1":"34e75c9ab1aecd7e6b492bc5e992d58949a9f99f","sha256":"586dcabcbb6ba09bf252c541cc7dad490ac777d0a1c08c29f36cf492f347abb6","sha512":"6878d173138ca3fcc9812eea0deca91718069c465d2c0431f3ca13e1e6656642bbcee2ab7300f2b6baebc960fab4ef42e3939de5ccb19352741cd370f32eb41a","ssdeep":"96:Rk8z68oBfJ6vA/3bI9mGPA69BW6vCU4NWMHOf6xCurfZONnnKV:6ZtIvE3s9mGP7HWcCrNWpSDZOZnKV","tlshash":"9d91b5f936813433022906fa456f3807b13d08a6670d248cf7a869e97d66d3b6337de9","size":4489,"data":"","first_seen":"2024-09-19T22:03:11.999104Z","last_seen":"2026-06-04T16:45:44.737522Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/ScrollToPlugin.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e011b074a17f4b03ade7d11459c0d8a","sha1":"21b11e46187e60d7fb26b847a0761e9173c2c5f8","sha256":"e82f1a686ce2f7a62a7078bf101a386c58bd4e3b0b2e99f5774b7c1e54f8440f","sha512":"d4f2aa5c1cf68eed897007ab1ca2f495d8343d3ff5bebdcb821600b5ce7dfbdc72f1ed7d404b5a354cadd60a6ba2ec969e938fa8d2632f8817311304a476322d","ssdeep":"","tlshash":"398195deb440f07352df0596c06f5b8a6235583b271a8491a16decfdac10bbf6127e93","size":4038,"data":"","first_seen":"2024-03-04T00:21:49Z","last_seen":"2026-06-04T16:45:44.701683Z","times_seen":635,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/red?5231","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"461907cc2893e23c19ddaa91ce8fbfcb","sha1":"b74de88b1ee718cbcfac2ee7fc3fc970345f850f","sha256":"3e336c76a682f3c3fb6fa8c45fb9e0d58f9d5c95ac5dbb0632ab3dc049c545aa","sha512":"d99e30aafbb58e1d0ffe1c34e219a0ff4a42b346d51285d5f6f48cdbba720b855e7bf2b3dcc4053c7adb202bd4eade87bf5213d1b1abfadfad5294afd307b023","ssdeep":"","tlshash":"4601287324c21afbc9fab90267562b95372333eae574641089dc150434bfe57e1d5cc8","size":736,"data":"","first_seen":"2026-06-04T16:45:44.746739Z","last_seen":"2026-06-04T16:45:44.746739Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/plugins/google-site-kit/dist/assets/js/googlesitekit-events-provider-contact-form-7-9a37b777e8016c4536f8.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"d26400096ff121751f5d911ed46e5a18","sha1":"3331c3c714bd0e61bcc4313519414d0f9d6f63a7","sha256":"02a7b238a367202402e1857b5a2e7d258c229dd89d05003f6f6c4b08edbae2e5","sha512":"36180b398e9e8c3649d2f8bceb7f3a37343b179ff6242f3a6d2344886006c93295e5fb20dce7110992bf415258ea5498ff7cea86bbe27621af6bdca366d67f34","ssdeep":"192:NXyCpzZAM/1xnMgBXZBqGJCY8CYfCpTAUiLQyEh8lyvf:NiCPAMNxDBJBjMg4ChAUGEhv","tlshash":"a0e1a98876c2f8f295e5a2a1407f5507f03c761764adf840d31adcd1ac79e8b91b2b36","size":7252,"data":"","first_seen":"2026-06-01T21:17:23.658315Z","last_seen":"2026-06-04T18:54:28.519597Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/SplitText.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ab4d78435a4e872833393c18847015a","sha1":"0835ca7b5515aeb16c73c285b1834b76dd680ae0","sha256":"f906f960b061c3bd425b67054deeab6bb16db1e7ec9ba837beb19dde316a8839","sha512":"9f4249f8e2e10647826b0c3164c41ede5e3d6cb1320330e799b221cb18785b83d95550c224b2e0a9b980f2334b87f046255fe6b42e0afc94c8af6628bda9c0fe","ssdeep":"192:yDrEaLjwZ/9w8xh6Los1ZVBjV2uuw/wuPBnnlncpOjd/VFh1CKCW269EVCNj:qrEawZ1w8fa7jVUml+y/J1CFW9CVCZ","tlshash":"f96285b050216f207572121789561b1ff0a8591be623da36ebacf4ad7340834e7e7af9","size":15685,"data":"","first_seen":"2024-08-16T23:06:41Z","last_seen":"2026-06-04T16:45:44.739773Z","times_seen":561,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/ScrollTrigger.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba1fa78eb4bb49f8a0eeaf8e61708840","sha1":"489bcf6d9c69f0f29f871e0323510c5197859bf5","sha256":"ad33c2df9ada8a663c2147357828f980d0b7ca731ef33eb3c6e4f327c3b2cda5","sha512":"a2731344a2412b3f0cd539eaa83b86065a30947d28845ccc5d844d79bcfec8e71ce5342bff300ab2d87386ebf4862c942848901105c4ca79d70af3533a4e7476","ssdeep":"768:L+5LHpwfVyb83wG/B/nE306RAHdAIsxmAK31horUp45:apqgo3wKB/nKRAHOIKS3TjK","tlshash":"741309ca3244b03267df627aa52f030a733654d9291e4464f266e4e83c7d5bc873be6d","size":43380,"data":"","first_seen":"2024-01-19T15:55:20Z","last_seen":"2026-06-04T18:05:01.072395Z","times_seen":5867,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/framework.js?ver=1.9.9","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9acac4983d4756c2558ad1b704f77c6","sha1":"0353676910f23f8fe049fb234c7c51b93efc3a25","sha256":"5f96662c7a3ae8cb4d1a05aeefa3e8d922ac6f77727045a42e894be46fbd0231","sha512":"563ae62a25c4a1fc793672d3f03840c90793c47cb0e7dbc01c28b30adc5fbda1518e1241bf396dbbee5382112d8d7771dcdfcac020dc461456ead6251c3516c2","ssdeep":"1536:kRJuprQZ71H+kJn/Vej7+GvuUnRwv2JkiJGH06bxt6tp62MDreDkZ+B4g5IYQQiO:Gu9kEKKm7mnUmeQdGmp","tlshash":"0083f9d63305aa3247df43fba53a1207b2344994b84a442cb53cdded292e84563b7b7a","size":86118,"data":"","first_seen":"2025-10-23T09:40:47.487038Z","last_seen":"2026-06-04T16:45:44.716443Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/Header.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"72fb53fbf0507bbf0cfda215adc334ca","sha1":"295564b48ad5c71c3641a679bd79d1c3794ec477","sha256":"38d6c17b2a1cf8431304582194d55a4ab87e414ae9294d2f235f4c524407a447","sha512":"2c8e81b5001c939930c7249ed459fabae29db6c0e69853d2ee4261babff06929e9c70c36b892f5f39c8c551b8f28243aaf91c37c4c71c4f4353c3b630fe894a3","ssdeep":"384:MjsJ+6rcW6IVK7U+DNTwWawMIx34yiIYZzt/tCEaL2aRrJq0DWD8J7bfXT1imB2e:ysJ/rcxIVK7U+DNTwWawMIV4yiIYVt/2","tlshash":"058243046b411e39a3466a9fb32690e7d70a0d4d368e449bf23cac5c76c6743e6fe235","size":18938,"data":"","first_seen":"2026-05-19T19:03:05.067216Z","last_seen":"2026-06-04T16:45:44.702838Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=GT-NB3SQN97","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4dd0a1eb9614c83836be192573ad3024","sha1":"30db1909e2a51aaa3d78bb5e4482998ac4b1906b","sha256":"6df822713349cd60fa12a3c61612d86e075e996d11bc4e2c0360ae4db5d76a4e","sha512":"07d1ff5c1508181e9d07fe14bcea64a61dcc4426f89804e42a7b9f926587292a8398e68ea238813577d1c9e921205710f71f96b49c1159024946edab37c102a6","ssdeep":"6144:X2V3GsHPLhgbE47c2bXW0w40dicStQoSXDKTl25GGQ:Grx47LSohh","tlshash":"6da4e9ceb3d674625396f478903f018ba57b28e2b44cc899b189cce42e7469a4177f7c","size":478955,"data":"","first_seen":"2026-06-04T16:45:44.742376Z","last_seen":"2026-06-04T16:45:44.742376Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-infinite-list/arts-infinite-list.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"f351374fac677dde40ceb9a56154153c","sha1":"8d20ac0826e9fae6b5e62900e87cbd461c1df529","sha256":"b707aae8ae34224683d96476ef7d1e16fdb15baf3d7b766ccfc0571faf03567e","sha512":"dbd218b5623d0be5cda1a85d6f25fe2527a0566fd31ecb1e2305eb25f18bab1b910c379b6ed6708de6e687f5b50cc27576f14465520d7c3991ab416c16f5b81b","ssdeep":"1536:tQXVIrhc+r2ecyBIqrzxQOxWhbLwCL29coY0YOKGg/kn8xSr4kVv/wsfxSrKsVv+:ok7LggbkLPA","tlshash":"2253e9897309b52282dd915df4350347f335a6e6ac0a80bc7928edfda95cd18a1bbf34","size":64617,"data":"","first_seen":"2025-10-23T09:40:47.638973Z","last_seen":"2026-06-04T16:45:44.703842Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/barba.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c952f9e89e55f5c59100bed476bc11b","sha1":"564490b55fd6cb9f88423414e3c1c280b18ce945","sha256":"bc182e7ca6bf20c0687b5fbe588a294bf835ddb515201aec7e4838e8ac47e6e0","sha512":"1dd6fdf9438f59bf24bb0411cd9d49e2c08da975369aed691ba40dcd4de803ef2fab4b8594841e74011650da79a958b77eb4427df90b730dffb9cb80a8629d9a","ssdeep":"384:hqAWRRU6OmbhguYebCVQf/Ndr3Tuv9opc2ICM1fHyBPPP1:gN3LbWuYebCV6NdDCv6pcbCMRSdPP1","tlshash":"3dd2938df292f0778783a574a56f150bf23b6885244e8428f558e8e53c7a94ee123f7c","size":29506,"data":"","first_seen":"2025-10-23T09:40:47.575195Z","last_seen":"2026-06-04T16:45:44.71749Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/app.js?ver=1.9.9","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"459c16c8fd63abca08e7fb9be706162f","sha1":"da18a8b130f4f3352cad7a99e0068a595de801b6","sha256":"144afda9fde6218f174773a87fa5ac649ec8c68480499b7acf0fd52f232f8106","sha512":"d8a73c4d531d96efac6b8a51e42208997af620bb3fe1f3b11b8fcdd7aa2baa4089e70687034fe4cb99e256d02276f35909b642deaaa72c9b82ba0d093ad1b075","ssdeep":"384:49S6zDUeSNp0ynRFwpcYc+6HrcqNL7colco1cEaaX:49S6zDUeSNp0yn/OcYc+6goL7colcUcm","tlshash":"b54253a47d46691133cc6ebf376674d6d1e48e9b28888abec019ec8cd593717d2f2930","size":12289,"data":"","first_seen":"2026-05-19T19:03:04.936718Z","last_seen":"2026-06-04T16:45:44.733565Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-includes/js/wp-emoji-loader.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"40161458ad00a6d138f49d5b914fa6a4","sha1":"726329621534ab9cb9a33738b6844d0195fc6423","sha256":"98e65bd355e218507d93225d1ceedd89525323b4d710f4488a866b42f72afe3c","sha512":"ec24befe54e50aaf91c882b8134fa48264b6c36de744a43c043aeab8dca3ca4c79f2f66b9084b8d2c4324c7aae517b60305a802441c2b9fd28e71d2275da95d6","ssdeep":"","tlshash":"4e71969ae77638dbb2f900f2697e0d47eb614435d6c8d038c9bda3141cb5893c378a46","size":3666,"data":"","first_seen":"2026-06-04T16:45:44.7475Z","last_seen":"2026-06-04T16:45:44.7475Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-includes/js/dist/i18n.min.js?ver=781d11515ad3d91786ec","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"e73824b7ab9a4f88f98e0530b43ede25","sha1":"e95c97fa934f0cef056cc9d7be3aeacaefbbfd33","sha256":"46668f561bd01aaab7c0f42be3d045eb9c3eaab6b9f5ae4a9f6bcf28fa22c679","sha512":"973a620e6d69dcb9b528f6a446f977cb8401dbf0b7b8df3aebd58e8198ab301331195a02967ef260ac44754058b6b9d82b7c61d4832e55d6ffb056f64656b9d7","ssdeep":"96:0E7/RPgrMs4WLJOmlWS33c0xyE2B1596NiH826V0NG7CXMGOyd/sEomkKvYCGaMe:bhgws4WTBYNB1C9aNwAMPyd0R3SGaMSL","tlshash":"8bc1a7c975daf056235910a594afb005e134be2870deac00aae0c4957eb44cdb1b7fba","size":5697,"data":"","first_seen":"2026-04-26T21:57:59.028052Z","last_seen":"2026-06-04T18:51:32.257113Z","times_seen":9808,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/scheduler-polyfill.min.js?ver=1.3.0","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"be92121776ca650425da1bb0c3055b7d","sha1":"ce9e7e3ae6f5331ef37420b0d5e44880c4269754","sha256":"de6af007b85134f3275213a39268d4ebc32e4429b13d822b44f0e3de788f795d","sha512":"b9ac972db732e4aad7c120651bf3d70ca07e1ee352825cf8c3a3b450d0cf0c184bbc9243270346952047b29d9d7890cd4f2146adc3e14276b4fb73ef39fbcabf","ssdeep":"192:Las0/t50xc9vTR639uTMJTerntiR2RRqtr1HmaEtfbqKRyP:LH0l50oTwsdKlam","tlshash":"941231f151a6eb660ef6f293d3069343a33c63666c4842697bacebc224945c05363f72","size":9288,"data":"","first_seen":"2025-10-23T09:40:47.621761Z","last_seen":"2026-06-04T16:45:44.743837Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.1.6","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"2912c657d0592cc532dff73d0d2ce7bb","sha1":"70a679e2769825236f83bcc56965a9d0bd86c4e9","sha256":"ddcce687729cb358abf9d0d8e1217a097859be2b0d18c23d7c851b38c87bc9c0","sha512":"9646384e65d09bf00cb20365f43e06dd41e7428e3fc6cc2737f4e69b50f006ebb25bd24a566fcd9faec2f0dcb24404e25d57ba7b8c6aba61797a29c515ad5144","ssdeep":"384:IsIRHeFJ1yQ7QdfnJgeYh7MXlsNqrBp1pgQpwOjNtqohIQ/5Z:IsIR+L1yQ7QdpYh7M1iqrBp1pgQpwOjn","tlshash":"0a52d7a1472955321eb506e391e513c1769075aef44b8aa1a898dc2e18bdcc328f3ff7","size":13452,"data":"","first_seen":"2024-11-04T17:50:00.022634Z","last_seen":"2026-06-04T18:50:11.503916Z","times_seen":203643,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/asli-app-js-extra","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"34f87456ac7ea72a7aedb76335045c2f","sha1":"1072310c11c262ec5d5373c83f8405e5916ace0f","sha256":"752a82936e3416b47f437cc045020ae9b43304bf1021c984787b200fd1643d0d","sha512":"223c705904983a6c95c5b922aace9136363185716badbdeab3358fc56fd01d9733bf0c2eea1ae92db0b3edae57fb3651a16e75f3ccf6f583d58e64acb064889f","ssdeep":"192:l+YtqzByKEp9GqaSViFQnU8TsSA0e9tGW74Sh8bGqAUmNmCVnUfe3BM49lH9liuh:l+Yt+yKWtaSViFQnU8TsSA0e9tGW74S7","tlshash":"a432bf62c447862112e6b3f2e16d3e43c4dd94a7d8cad395ced8e84dc3f6e55338a229","size":11056,"data":"","first_seen":"2026-06-04T16:45:44.748342Z","last_seen":"2026-06-04T16:45:44.748342Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/AJAX.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b86caf72fb082e8bcd740c7c1ca23e8","sha1":"de0d10c1e06e33a23f17bfca987ab07ff2dc93fc","sha256":"8fa9b9587caa637306105ce31b3865015daf9c88229763b6600d14a5263c5dde","sha512":"08874aac78fd56cd445ce17e4d0c53c30317f2430d61e91a922b7e8b80b73112943a6d3ee6268219d4555cd409fe376d09f1a51394cf127b94e63739498a090d","ssdeep":"3072:jfzenm6MIph9piypiXpiyyOhdsLe+yWtJN:jfzXWtJN","tlshash":"cfa3834426845f59238b5fbf7713b0e5e9ad08aa290848abe114fc1876d3327f3f2675","size":99932,"data":"","first_seen":"2026-05-19T19:03:05.040511Z","last_seen":"2026-06-04T16:45:44.740361Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-i18n-js-after","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c97bb95d7bbfc14b6f64fa06f7d14866","sha1":"f4bb14e9287d18e619ccf340929b6cfa5d960b9d","sha256":"014ab15462fd1f1ac4ddfa596c2a385c5f6f89f74d67fa872ac80899ce1a5016","sha512":"436a0d43b9b50d30f414a00324dadbd4c5dbe710f1de508f52967d344deb56c88eb7311714eee769255a8b4c2f89754f22c5df65667e4f6152ba352fa17808e2","ssdeep":"","tlshash":"60f012cbf4ab3d50828fc7b48d23be0145502487c2afd50875e59d3496718c0b4c362f","size":645,"data":"","first_seen":"2025-12-09T21:05:30.337789Z","last_seen":"2026-06-04T16:45:44.749294Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.speed-effect.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"b6fde21fdd6c84d088eb3ddedbb4bdee","sha1":"e9bdc6ed6439aef32a58d33aaaf3cb452c0fb83e","sha256":"5309bb696de3b88e903c1cc7b1c330d5b791c3620f76eaabf0aa745081d9ead0","sha512":"685adff4ed079181cbddc7c81fa604f03db72d78cc63116e15abf6a9a78c9b3bd0cce5986d750314d0d0f01492b20c8e2b240e9eaff38402a2a95112253d95ec","ssdeep":"","tlshash":"c931230234492e5551d25e85ead08f2065059f92b83ab8bd3dd4c6df79c448d02fd653","size":1481,"data":"","first_seen":"2026-04-16T07:45:24.107674Z","last_seen":"2026-06-04T16:45:44.697355Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.marquee.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"5c0135d603f751fece82afaafdfe0012","sha1":"77180f9ab0c8a00081b76ec19d7525d471ce5af2","sha256":"01d72bf5f2a3beb02e4eaa996b2d36106f86d6e9feb2a9fa56179c44261ad41a","sha512":"311e08c87280a589259066774178d0c53c50497cc05aedf0ab66ab06ce44080a68e568362bb7ba40cf6c08fda166e1a959f586d3fa31a8eb73d6de2477721fa6","ssdeep":"","tlshash":"0e51c09d224caf37a2f6c39957a442276504dad2b815827c3c78bcfdd89980c7335739","size":2909,"data":"","first_seen":"2026-04-16T07:45:24.223234Z","last_seen":"2026-06-04T16:45:44.708384Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-includes/js/dist/hooks.min.js?ver=7496969728ca0f95732d","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"0174a320c4dd06b3f2871de897acba21","sha1":"b9ff75dc08d6030996eba8e3bef085303297360d","sha256":"1d231f080d1df633865e5a079d8e4e377a6c6b13b3a67be8e271b848eca1b05f","sha512":"936bd3b0db0b0a33d20758b6067b838ec36632b08d58f6a8aa7345cb738ecee15340711a396f592c7f046b1b69a6fc312f76a5708bc5809dcf5d4564de7f47ef","ssdeep":"96:pu/16WIHBLusBcADGDd/R5h2RTLlD3jMXY2yGy94E34sTY2Cif:pGIhNBcAD0NRv8XlD3wXY2yH+EoaY2f","tlshash":"34a151c43542b830e2b77027f0ab58d46175abe1a82d8446d59cd8f12da39cee0e7b3d","size":5015,"data":"","first_seen":"2026-04-26T21:57:59.026054Z","last_seen":"2026-06-04T18:51:32.274027Z","times_seen":9999,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/gsap.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"47da594cbece0e34a656e6bf2490b7c3","sha1":"2d26f4c060491ac980d09ca687388d3610256eb7","sha256":"28033e449a31ebcc396e5be8b13b63152bf03094288fb5867034321927bce087","sha512":"ede1d1c1c6d890ae1df60ffab43fe68647fef9ea131f0a4d33dc28071b4f5015a6ebbcde01f142f87adda04d866a729ea1c972fd5c5e2ef22ac2f09d93ba9272","ssdeep":"1536:auJ29KBROpgAEQ9a1tgwA6NSZW3ytdKTdIwEp28Ywz7CDE:f29CakgwdNSQ3yt8eNp28YqCA","tlshash":"d063e8d93292f423039a51a1447f094bf337a958640f0918f269e4ce7d3c9ad52bbe7a","size":72214,"data":"","first_seen":"2024-01-19T15:55:20Z","last_seen":"2026-06-04T18:05:01.05943Z","times_seen":7182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/MorphSVGPlugin.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"879f4afc4c7464026cbd0337d86cf69d","sha1":"8d43ae7df0dfcac916136b3daf888a47dcc7be3a","sha256":"23f9fdf6a8c6f08c72792ca93f036e64c2c57363da87ad90e4d3d342c1f62587","sha512":"530c542165011cc0ed362f50399cf5b9b652bdd9928b06566dc35154b8d1ae7ec31a984e16bced8efe1ceb125916a980e9803f7a6662f13533d94be4a589f034","ssdeep":"192:MtiIBH0UWA/ggovOpFPYHMYUi2LByMKvJQnyH2q/MNxL6SzMlR3KV5oiWkS+YCm:dQHhrgJuPddi21evJSq/4dm374YL","tlshash":"36724bed3144302a44552bd0048f1897a335ad197a0a9a11d36cd8d2bcacefa96fff39","size":16748,"data":"","first_seen":"2025-05-20T12:51:34.961407Z","last_seen":"2026-06-04T16:45:44.732782Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=1776412888","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"56c9676ba030ad9d7fb5521ee10cee10","sha1":"f997465c15b5b5de8a53aaea553aa269dca9d755","sha256":"6da59ce6285ab9cc242e38eddfcf550026c0aaca760a6bc79a1024696b6092b1","sha512":"0849e329a05e8490ffb4aa7d72ffe67b63886370003ffddf0d4fa700a459cd399a928fc45eeb8f51016036ea1791c3838d7017118f74b7e68a5bd1ae402a7e2b","ssdeep":"768:8h4r4cjxYZaYSJjv+YfzwLpstNyu+BVurxesKNVhIkYJO2ybEXoHgFC1aRHWpkiq:KZal0BKHWpkVM0KtmuECEh","tlshash":"2c13d8b93adcd0b511ee47ed37abaf48e4303962d80fc8609565dc542268dc60e9bfb1","size":42015,"data":"","first_seen":"2026-04-07T18:32:07.00063Z","last_seen":"2026-06-04T18:11:02.470629Z","times_seen":3903,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/Scroll.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c712ca782d7fa41aa32ecf07b2281de","sha1":"5c985eb3e6e542be9d2b55d9ba677286ace143f6","sha256":"efeaa259336697c0955dad0b6c976037a0d33bff1fa122b981dbd5e064cd7837","sha512":"bb069bcd3c032da7be72c1a4d0b822a73de01400ebfd93cd1a3600527c1cae27f9844586c16f6b376a4bbf19caf3da7fd326d8dce2892b4f9715928804a50c79","ssdeep":"192:tEV8V9wGJVvxsjn723PB0GkXmTUY2nJ7Abg7WE3LNgcX:tEV8V9wq6n72/B0GU0J2nNAc6E3LNPX","tlshash":"df1284415b401f4d038d5abb3e1674ebe41a1caeaa1984cbf029bc1e655a733e6fb530","size":9401,"data":"","first_seen":"2026-05-19T19:03:04.889795Z","last_seen":"2026-06-04T16:45:44.727815Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/MenuClassic.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c008541808423015c270e61245be517","sha1":"6dfa4747e73b6e5b73785d77346a0e3e3e18946a","sha256":"88bbc6512788786930f78548d45c4c89fd98e802f0fbabfc0b0615d34f331fe6","sha512":"d6ca5f2f8c0c3c56a53bb0ddd9208debdd83725ac5b62f27b00e292b5cc5f3cdbef547c1085bad6967ec401f0c6e399f0cc0b9227deea129d303cffd85653224","ssdeep":"192:o1cDIgl+NWdJAqM2D9qLzXgLgMHdABcE1EjN7H6SxKH:o1cF+NWHAqBDYLzGgMHiEFxxi","tlshash":"83023018afc00e5c276a4dfb361734e2f4251e5a78c5898be23c7c48a686717f2f91b5","size":9003,"data":"","first_seen":"2026-06-04T16:45:44.725775Z","last_seen":"2026-06-04T16:45:44.725775Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-5LGXKFRG","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc62e759892a2cb05a59ef1fd889d87b","sha1":"a841d2d94ab7de2f82b89e0689ee11509f48ee92","sha256":"23bd0d7c9dd6d1937a955fbdcbab6d175a932eb589b4ac4d1d064529ab8e0b8d","sha512":"bab1224b6f36cd14dfab36f2b42a767aca9ba5ffbf814a8f371a292f587ff3c9af4b89ff9d0c00af31534f670cdb791b13b83020f693b8b5785c2d91dc7d019b","ssdeep":"3072:DJDNtwrO5hPeGzIHPBVu0XTlYkY1bdZTJzYCGB5Ck2pbCmW0wkl0dicShP2SsY9D:763GsHPfgbP4V2pXW0w40dicSF2SNhqQ","tlshash":"d464e7cdb3d6b46283a3a478903f114bb23a79d2f448c898f186d8d42e746694277f7d","size":324375,"data":"","first_seen":"2026-06-04T16:45:44.734404Z","last_seen":"2026-06-04T16:45:44.734404Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/MenuOverlay.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"d7bf33b4ff33e30b7cfe80a07b8db907","sha1":"ca0f6f162988047e91b9c94c784f54a30162d476","sha256":"796c8eb87dcc2d91003526c5c2f810441f1971bc49241f9528ed32fc356c9f68","sha512":"fcb51b8d6eb022c643c6c89e589a12701f79b479028769b4f51e3512bca2d9a955b8ad05d5b7fd9cd46c5012552103fbf0c9dabc4c0ec7d57ba1dd01c76b5fb4","ssdeep":"96:pg/Qe3cwHckd/f8A3Ez6uVwTumY5RAKOd51COLExJGk1ba/rEIt3Oo46FoGqqFED:pgHcwcwcA3Ez6uV+tmWdnoa/YIE9tSy","tlshash":"47d1955563842b4c678fddef6303a1e3db09486e295ec088e125fc54a8ed652e5fe134","size":6728,"data":"","first_seen":"2026-05-19T19:03:05.054573Z","last_seen":"2026-06-04T16:45:44.722377Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/contact-form-7-js-before","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"22c131f526bfef8b8305f83c2ce9de40","sha1":"0dde81d2a4f035afad9b3824bfbfd69cf692d506","sha256":"3d375135f3ca81513fba00b60064d7e2c9cda2be78202ccaefd3ab30c09ab87e","sha512":"949b24bf70b90b7c2a57c1e77d555dbaa0619781848b421a1243fa39e0069fdb2ae330a48bde7ca91d47b6fc5b47d320459cc7d8cf793147f14ca8c0b97e64cd","ssdeep":"","tlshash":"a30180d5d9d81c4524f6c374457c2310f114d517c61f5f05f60d004c5fb44787a08185","size":732,"data":"","first_seen":"2026-06-04T16:45:44.749804Z","last_seen":"2026-06-04T16:45:44.749804Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-includes/js/wp-emoji-release.min.js?ver=7.0","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-06-04T18:48:05.79515Z","times_seen":257142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.renderer.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a1111af9ef9fa9a23ae5ade7f4e7509","sha1":"39be93e0959e52b976d82157c29ccfcd8b6e171f","sha256":"01bf65b11f61f46b25540a24874dd4273057fbb248d37493490ba27a03a5271b","sha512":"b72ed3a33e88a9a0abfdeebfcd82fcbc1d43882988cac66fd34a5bcf89de1e513e3e91d83503d0ec81dcb37385010802b120a42d41b3378d7f1728d59e1c787a","ssdeep":"96:DQ/W4dIby/8JK6OqL96/W96wMLiGsdpLUL0GDLrdULCF1v7Fr:CrSL9OW9ZMLiGsdpLU0G3rdUmZr","tlshash":"539153c43205f41c45aa1399c5a9022fb2287929b85f80cc7354f8ee997a86d33fdf78","size":4314,"data":"","first_seen":"2025-10-23T09:40:47.42835Z","last_seen":"2026-06-04T16:45:44.700117Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-cursor-follower.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"852f1c55963746afea5d140c7e8eefb7","sha1":"20b51bb81da05e8042db442a18abb3c56ccdf999","sha256":"14902068006ec47b028b36934a5dfca77a8b7850ed904abb8cc1378252af37b0","sha512":"8f1878e40742ff261c271e04ab37288c8aee8d3d46b5f94925d66f6a6c5736ae40d69ceb7f7af1d61e72ed4a77f15c58fe88124141d82b4f05fc5a6d4b62249d","ssdeep":"768:FCGTQXRG0rzxJh+76jWKYwBlGP5du5q1+NVDk4kCbRVcprzxvtU2k1k6krxkskyV:FNTORlrzxJh+76CKY6GP5dKq1+NVDk4c","tlshash":"13d266c97106aa2606cb43fb447d020bb235ead52416c5bcf97cebeda439c44a3a7735","size":30784,"data":"","first_seen":"2025-10-23T09:40:47.517559Z","last_seen":"2026-06-04T16:45:44.698248Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/contact-form-7-js-translations","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a694956f7ed52e1ed67a7398eb41573","sha1":"69e53fce75db350c111080173d608985a736343b","sha256":"d0bf542dd2751ee7b85f0253a6c6e490ebe5b123c0eb0903e9e4bbb1d5d241ec","sha512":"15a065ca6993f0e32218bfe7614cd28a4dfa330e638cbd95bf6b6fda32fdc14f8006c69d8f7bb1f4e0e270472ccc7fa2cf515df63b43b5408a39c727c66b8ce1","ssdeep":"","tlshash":"ee211084dc78ea25858691b975ae7e4ab578f610c36f1c03620e048d2aa167dddf364c","size":1242,"data":"","first_seen":"2026-06-04T16:45:44.750585Z","last_seen":"2026-06-04T16:45:44.750585Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/red?5231","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":true,"md5":"bd0fe2d14a255987b6dff51686648074","sha1":"0be8315921ff331cb2e155d677068a50a4ea9b6b","sha256":"9e7614f336b8eefd1b3a8dee8248637710461dda55be988bcd02f9cf140de446","sha512":"6f7b27542f886403c52c3428beb9e15b15484d250b9bdbb792a448add94615f7c8dacd698fcbcfa19f3e26f7de1ea12fbf2031d582dacc07d0a4b871163d81d5","ssdeep":"","tlshash":"8ef0f1ca7b9c0430ae6ee23a473d0d6c313f302cb0850c37cefcc825601469b04267a8","size":441,"data":"","first_seen":"2026-06-04T16:45:44.75142Z","last_seen":"2026-06-04T16:45:44.75142Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.1.6","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"96e7dc3f0e8559e4a3f3ca40b17ab9c3","sha1":"d363d0291e92c233e828023583dcf6685f2da5a2","sha256":"29fdd17a7002a2e1bbd9b33adafc53457c64006b5aca8f6e4dbf907de35433ca","sha512":"851dcea59510a12dd72c8391a9ea6ffa96bcbe0f009037d7a0b6e27bae63a494709b6eee912b5ed8d25605fbb767a885f543915996f8a8aff34395992e3332dc","ssdeep":"384:wwuf8OQL0sARrAZcNWLq/+Ffm/hibLexa2VautyX2fsL3ZHO1O9H:wwuf8OQL0sAZAGNWmGcibLexa2Vau0XD","tlshash":"d34235e16197e0f0c7c338a48816c051f2bf866cb9898054fb5dcdd22d5de07626b77a","size":12512,"data":"","first_seen":"2025-03-11T19:47:45.42406Z","last_seen":"2026-06-04T18:50:11.600818Z","times_seen":196249,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/lenis.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa3986869af6096939c518ff6bc76afb","sha1":"500e717798fb821755da3a1fd3d9aa62444e19da","sha256":"2ab7cc86860b11f2565169f4abc0019a1c23a336a4777b2252492f74a7adc5ad","sha512":"f7ae84e679ddb9d549bc6e17b050fbcd061fd9f481a4bb6f11d708bb839d811434d8a56160597341f168f666a699cc81a48c9e23f4c71ed9db4599a1f7300721","ssdeep":"192:i/5jiVG30NmmWYFoiol1IcRLqhFrQa5Fu7zK8rMIJvDU3fZ55FD5huK+GDxWoRG:i/5jiVG30FWBjIc/a5Q7O87JQruScoRG","tlshash":"4552984b6311fa7123ee91dee1178206733663542741002cf8bcadda7868675b2b6fbd","size":13446,"data":"","first_seen":"2025-10-23T09:40:47.685451Z","last_seen":"2026-06-04T16:45:44.721419Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/Masthead.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"introduction_type":"scriptElement","is_inline":false,"md5":"b22841f8b19435abb9d6f0827c66af79","sha1":"b6844f1d625fbea34d701f489bbb10665751aa68","sha256":"7977fb7aeebb32448b14741cb46072c731c0508fd737ca73e4d485fedb985756","sha512":"18d1661843154e6b9ecba298dfef4299d51873f3e79909f5b0dae857a5f634cfa425b1d918012c1b0ea251ab59fbc6707948770f43f6311aa34f36334220e311","ssdeep":"192:23a5Gzf4xYvJRmwyrl6IoKPQE77p/XtkOK1IaU9iX2sGeyMqoK8zr07JBq:23a5Gzf4xYvJRmwypboKPP/p/tkX+sGC","tlshash":"af22a5151e804a15b38dd6fb7213a4d7da21484d2b5e8cf7f9351cac21a8e1ae6f7930","size":10268,"data":"","first_seen":"2026-06-01T07:43:53.117993Z","last_seen":"2026-06-04T16:45:44.711616Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/2024/10/cropped-ICONE-192x192.jpg","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/2024/10/cropped-ICONE-192x192.jpg HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 18 Oct 2024 06:44:43 GMT\r\netag: \"6481-624baa3546cc0\"\r\naccept-ranges: bytes\r\ncontent-length: 25729\r\ncontent-type: image/jpeg\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25729,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 192x192, components 3","md5":"75fba17c4c7308659bc9c749a56c0df1","sha1":"6a1e4655fbb97c10148997361186fb566ab59882","sha256":"efbb7532400712f5847133c74a8366468458ea7624af2034ca46f5ac483faaf2","sha512":"460acee97885375f417fbbe36178fd0d7e83157f410c2deec7ad2a59bea472c86bc3c8d7c3e6c450f2b5abad06f48320c6197e0ec10ac262b13e71aeb7852d09","ssdeep":"384:hYNg735lQTswsnxyVnFn/isKDsnwGZkATEkInsbJinT+/upu9kDx/:hYylmTswsEXn/iMwt/82SUu9kl/","tlshash":"75c2b066b9f9100cd7c19a7418b2f5c7fc317be282784934babdbc865b405870bee251","first_seen":"2026-06-04T16:45:44.696123Z","last_seen":"2026-06-04T16:45:44.696123Z","times_seen":1,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":38,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.speed-effect.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.455Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.speed-effect.min.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"5c9-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 627\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1481,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1481), with no line terminators","md5":"b6fde21fdd6c84d088eb3ddedbb4bdee","sha1":"e9bdc6ed6439aef32a58d33aaaf3cb452c0fb83e","sha256":"5309bb696de3b88e903c1cc7b1c330d5b791c3620f76eaabf0aa745081d9ead0","sha512":"685adff4ed079181cbddc7c81fa604f03db72d78cc63116e15abf6a9a78c9b3bd0cce5986d750314d0d0f01492b20c8e2b240e9eaff38402a2a95112253d95ec","ssdeep":"","tlshash":"c931230234492e5551d25e85ead08f2065059f92b83ab8bd3dd4c6df79c448d02fd653","first_seen":"2026-04-16T07:45:24.107674Z","last_seen":"2026-06-04T16:45:44.697355Z","times_seen":3,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-cursor-follower.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/arts-cursor-follower.min.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 29 Apr 2025 15:55:08 GMT\r\netag: \"7840-633ecd3254f00-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7514\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30784,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (30784), with no line terminators","md5":"852f1c55963746afea5d140c7e8eefb7","sha1":"20b51bb81da05e8042db442a18abb3c56ccdf999","sha256":"14902068006ec47b028b36934a5dfca77a8b7850ed904abb8cc1378252af37b0","sha512":"8f1878e40742ff261c271e04ab37288c8aee8d3d46b5f94925d66f6a6c5736ae40d69ceb7f7af1d61e72ed4a77f15c58fe88124141d82b4f05fc5a6d4b62249d","ssdeep":"768:FCGTQXRG0rzxJh+76jWKYwBlGP5du5q1+NVDk4kCbRVcprzxvtU2k1k6krxkskyV:FNTORlrzxJh+76CKY6GP5dKq1+NVDk4c","tlshash":"13d266c97106aa2606cb43fb447d020bb235ead52416c5bcf97cebeda439c44a3a7735","first_seen":"2025-10-23T09:40:47.517559Z","last_seen":"2026-06-04T16:45:44.698248Z","times_seen":6,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/css/bootstrap-utilities.min.css?ver=1.9.9","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/css/bootstrap-utilities.min.css?ver=1.9.9 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Mon, 17 Jul 2023 07:43:54 GMT\r\netag: \"d097-600a9f5d34280-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7080\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":53399,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (53179)","md5":"4df1ccaef5f121dfaf1992a06c4fcd05","sha1":"c7a8f8ca42995f04520b9e01cca48c64438e1b08","sha256":"b08085636723298e3c54095cc7059ec6ee5f7ce60865263fbaabc1bceb096a56","sha512":"f4629923f9c1b332fd51a2353c31a16a10e5f7b9b5983148275a975949ae00187860b5e1ef7138eb875939ead451bacfa934d7e0d8efb476369c05168ef2ae2c","ssdeep":"768:Uy9/5y2Mkmghfxhmx/G1NfbApz600I4r7T:P5e0VUpz600I4fT","tlshash":"d133b8c7f6d62808c5e68245c5a1bfbc8dbf8948c752adcba4177b7a8785bc70980d1c","first_seen":"2025-10-23T09:40:47.523386Z","last_seen":"2026-06-04T16:45:44.698956Z","times_seen":7,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/fonts/librefranklin-jizdrevithgc8qdibstkq4xkriuf2zc.woff2","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/fonts/librefranklin-jizdrevithgc8qdibstkq4xkriuf2zc.woff2 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/librefranklin.css?ver=1743504177\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 10:42:57 GMT\r\netag: \"7298-631b5332d5a4a\"\r\naccept-ranges: bytes\r\ncontent-length: 29336\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29336,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 29336, version 1.0","md5":"e762e44cb164b541165601daed140a13","sha1":"510cfd47e5fa014beae4ad527cfa1b6d31141789","sha256":"c4d5d8c2ab89b2f588e061a7d40627b75dbdb7d3288683fd44bdd4e894ca359b","sha512":"c8a91341a657c6a3aac5e8de64b3058283f076d3858a1bb2b5c00626e13ee6b705eb70f62468868b07cdfbe26eb9aff4063b453c7912b51e0922dbb2629fb3df","ssdeep":"768:xCBOHC13l0wqzpycliAcSQApb/4Q0R5/dwyaNr:xxHCQhsylQCb/U/wya9","tlshash":"ddd2f120adc7258cb471e2f51a493f32e1afe07adce04151126a9c8d35ca1ef469fb93","first_seen":"2024-10-02T09:10:05Z","last_seen":"2026-06-04T16:45:44.699554Z","times_seen":1296,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.renderer.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.renderer.min.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"10da-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1503\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4314,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4237)","md5":"2a1111af9ef9fa9a23ae5ade7f4e7509","sha1":"39be93e0959e52b976d82157c29ccfcd8b6e171f","sha256":"01bf65b11f61f46b25540a24874dd4273057fbb248d37493490ba27a03a5271b","sha512":"b72ed3a33e88a9a0abfdeebfcd82fcbc1d43882988cac66fd34a5bcf89de1e513e3e91d83503d0ec81dcb37385010802b120a42d41b3378d7f1728d59e1c787a","ssdeep":"96:DQ/W4dIby/8JK6OqL96/W96wMLiGsdpLUL0GDLrdULCF1v7Fr:CrSL9OW9ZMLiGsdpLU0G3rdUmZr","tlshash":"539153c43205f41c45aa1399c5a9022fb2287929b85f80cc7354f8ee997a86d33fdf78","first_seen":"2025-10-23T09:40:47.42835Z","last_seen":"2026-06-04T16:45:44.700117Z","times_seen":6,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/style.css?ver=7.0","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/style.css?ver=7.0 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Thu, 05 Mar 2026 20:20:32 GMT\r\netag: \"208-64c4cab188400-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 329\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6f7703d4dd3a18f2bed5d52c17cd554b","sha1":"2fda6580a5468e73e88eca8a39afecfd23ed2188","sha256":"64ba2f36f412da1688f4f3bcea7501574421d4d6dc260cce67459b5d27bd2dbe","sha512":"ec265da5decb365650f9efddb8314e7c7d6d422b275d538073c362682c948b611d54944d0e00fc489f4a3583befac45c3a6f58a9dbdf5e0e50d937a68417eda6","ssdeep":"","tlshash":"0df0c0052a2692a3b2e6c38b3c637156649bd78091cc54f4d54e91965c2975f23f5428","first_seen":"2026-04-16T07:45:24.091273Z","last_seen":"2026-06-04T16:45:44.700691Z","times_seen":4,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/ScrollToPlugin.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/ScrollToPlugin.min.js?ver=3.12.5 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 26 Jan 2024 20:14:30 GMT\r\netag: \"fc6-60fdef18d7580-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1945\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4038,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3745)","md5":"9e011b074a17f4b03ade7d11459c0d8a","sha1":"21b11e46187e60d7fb26b847a0761e9173c2c5f8","sha256":"e82f1a686ce2f7a62a7078bf101a386c58bd4e3b0b2e99f5774b7c1e54f8440f","sha512":"d4f2aa5c1cf68eed897007ab1ca2f495d8343d3ff5bebdcb821600b5ce7dfbdc72f1ed7d404b5a354cadd60a6ba2ec969e938fa8d2632f8817311304a476322d","ssdeep":"","tlshash":"398195deb440f07352df0596c06f5b8a6235583b271a8491a16decfdac10bbf6127e93","first_seen":"2024-03-04T00:21:49Z","last_seen":"2026-06-04T16:45:44.701683Z","times_seen":635,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/fonts/nunitosans-pe0tmimslybiv1o4x1m8ce2xcx3yop4tqpf_metm0lfgwvpnn64cl7u8uphzibmv51q42ptcp7t1r-s.woff2","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/fonts/nunitosans-pe0tmimslybiv1o4x1m8ce2xcx3yop4tqpf_metm0lfgwvpnn64cl7u8uphzibmv51q42ptcp7t1r-s.woff2 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/nunitosans.css?ver=1743504173\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 10:42:53 GMT\r\netag: \"794c-631b532ebaded\"\r\naccept-ranges: bytes\r\ncontent-length: 31052\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31052,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31052, version 1.0","md5":"5c4f357d4926fc197d43abc63b7fca8c","sha1":"686af7000d038d7479ed36b48a8ebb0ea9b98aea","sha256":"1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3","sha512":"9f760f0c8c7fe583bbcb8270abf62c826d33fa6dceaf820533b64b56742284ec9b750066daaf9e4d3c0305373d1db8bd2ad47bbb88573610f0be2a617e183dd6","ssdeep":"768:O0RiZKVUEuUY9yqDvkLAGxqwSUZZ+ntzoNQG:O0RvFuUY9qn4wSG+C","tlshash":"f7d2e06e7e77c5b468489372f0fe1e3137ac3916314d22e27ac3aa3d34b3756a824452","first_seen":"2023-04-30T22:47:43Z","last_seen":"2026-06-04T16:45:44.702243Z","times_seen":8007,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/Header.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/components/Header.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/themes/asli/js/framework.js?ver=1.9.9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"49fa-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 5410\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":18938,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18938), with no line terminators","md5":"72fb53fbf0507bbf0cfda215adc334ca","sha1":"295564b48ad5c71c3641a679bd79d1c3794ec477","sha256":"38d6c17b2a1cf8431304582194d55a4ab87e414ae9294d2f235f4c524407a447","sha512":"2c8e81b5001c939930c7249ed459fabae29db6c0e69853d2ee4261babff06929e9c70c36b892f5f39c8c551b8f28243aaf91c37c4c71c4f4353c3b630fe894a3","ssdeep":"384:MjsJ+6rcW6IVK7U+DNTwWawMIx34yiIYZzt/tCEaL2aRrJq0DWD8J7bfXT1imB2e:ysJ/rcxIVK7U+DNTwWawMIV4yiIYVt/2","tlshash":"058243046b411e39a3466a9fb32690e7d70a0d4d368e449bf23cac5c76c6743e6fe235","first_seen":"2026-05-19T19:03:05.067216Z","last_seen":"2026-06-04T16:45:44.702838Z","times_seen":3,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-infinite-list/arts-infinite-list.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/arts-infinite-list/arts-infinite-list.min.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"fc69-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 15900\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":64617,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (64617), with no line terminators","md5":"f351374fac677dde40ceb9a56154153c","sha1":"8d20ac0826e9fae6b5e62900e87cbd461c1df529","sha256":"b707aae8ae34224683d96476ef7d1e16fdb15baf3d7b766ccfc0571faf03567e","sha512":"dbd218b5623d0be5cda1a85d6f25fe2527a0566fd31ecb1e2305eb25f18bab1b910c379b6ed6708de6e687f5b50cc27576f14465520d7c3991ab416c16f5b81b","ssdeep":"1536:tQXVIrhc+r2ecyBIqrzxQOxWhbLwCL29coY0YOKGg/kn8xSr4kVv/wsfxSrKsVv+:ok7LggbkLPA","tlshash":"2253e9897309b52282dd915df4350347f335a6e6ac0a80bc7928edfda95cd18a1bbf34","first_seen":"2025-10-23T09:40:47.638973Z","last_seen":"2026-06-04T16:45:44.703842Z","times_seen":6,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/red?5231","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-04T16:45:09.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /red?5231 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Thu, 04 Jun 2026 16:45:10 GMT\r\nserver: Apache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nlink: \u003chttps://le-meridien.ch/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nstrict-transport-security: max-age=16000000\r\nvary: X-FORWARDED-PROTO\r\ncontent-type: text/html; charset=UTF-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Elementor:4.1.1","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Site Kit:1.180.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Yoast SEO:27.7","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Contact Form 7:6.1.6","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"Complianz","description":"Complianz is a GDPR/CCPA Cookie Consent plugin that supports GDPR, DSGVO, CCPA and PIPEDA with a conditional Cookie Notice and customized Cookie Policy based on the results of the built-in Cookie Scan.","website":"https://complianz.io","common_platform_enumeration":"","icon":"Complianz.png","categories":["A/B Testing","Cookie compliance","WordPress plugins"]}],"data":{"size":89870,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21474)","md5":"8550b4bdcb8d08f4249a2006fc1fc41b","sha1":"455c3552a43cb61ac0ef23d4f3eaf5ca1328bd1e","sha256":"2b24ec9d03745f123929c293faf1fb311fda1c1447a2b39e08c0013fb6ab1983","sha512":"8ad40dbbb46f5c19eedd12dfaa58df3336b79bb06de0201314bc58612f08ec9adbb28fc0018dc5b4ddbba31dcc14a5eba4348c7d0469594c2ee0d5d64e0c3bc0","ssdeep":"1536:oGyp3ZjqxXDuJdADi6fVYIA6xiTwGK+l96xUQT1QvwR5MNyYCIZIVtWQnBhcIqFn:o/njqxXDuJdAeIYIA6MTwGK+f6xUQT1M","tlshash":"9e93b9617a19c47391bb439ee287b62c942cd437c40ec1fafaedd20cd6e6f5a624d205","first_seen":"2026-06-04T16:45:44.704549Z","last_seen":"2026-06-04T16:45:44.704549Z","times_seen":1,"resource_available":true,"data":null}},"time_used":724,"timings":{"blocked":133,"dns":59,"connect":33,"send":0,"wait":458,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.1.6","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.1.6 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Sun, 03 Nov 2024 07:02:12 GMT\r\netag: \"348c-625fcbf50e500-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 4265\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13452,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13452), with no line terminators","md5":"2912c657d0592cc532dff73d0d2ce7bb","sha1":"70a679e2769825236f83bcc56965a9d0bd86c4e9","sha256":"ddcce687729cb358abf9d0d8e1217a097859be2b0d18c23d7c851b38c87bc9c0","sha512":"9646384e65d09bf00cb20365f43e06dd41e7428e3fc6cc2737f4e69b50f006ebb25bd24a566fcd9faec2f0dcb24404e25d57ba7b8c6aba61797a29c515ad5144","ssdeep":"384:IsIRHeFJ1yQ7QdfnJgeYh7MXlsNqrBp1pgQpwOjNtqohIQ/5Z:IsIR+L1yQ7QdpYh7M1iqrBp1pgQpwOjn","tlshash":"0a52d7a1472955321eb506e391e513c1769075aef44b8aa1a898dc2e18bdcc328f3ff7","first_seen":"2024-11-04T17:50:00.022634Z","last_seen":"2026-06-04T18:50:11.503916Z","times_seen":203643,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/lazyload.min.js?ver=17.8.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/lazyload.min.js?ver=17.8.5 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"22d2-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3058\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8914,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (8914), with no line terminators","md5":"646fe97a3d48a84991e24f5640fc9881","sha1":"3c7db91a02a1dd8077e9fd4abc8636529655543c","sha256":"b4dca05acfc6299e7eed4d83b74e0a07c9f060f8b31b81ab5e5136028f218ed4","sha512":"7c935081cd73128fcf3045d381e31c135eafb50e38fae563032497f534d0d03591d2e548ee59ee08cbd4dd013ac5cd0d1ad09aa29b86db1b67fb89c3c244c2fc","ssdeep":"192:pDvu5/2Pbu1ZWhbat1oee/9X8UnZEHuuwJgbClI+YkFG/uW1eqa93Ve:pTw/4Dt0+IHHu5Y","tlshash":"970232487946b46b3973f0f6218f02ca353a24526ced6854a6e1f8f82d7858d1863fbd","first_seen":"2024-01-05T04:58:30Z","last_seen":"2026-06-04T16:45:44.706109Z","times_seen":80,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/fonts/notoserifdisplay-bueeppa9f8_vkxazlagp0g5wi6qma1qaeyah2sovlcdq_zgl4nhkha.woff2","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/fonts/notoserifdisplay-bueeppa9f8_vkxazlagp0g5wi6qma1qaeyah2sovlcdq_zgl4nhkha.woff2 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/notoserifdisplay.css?ver=1743505222\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 11:00:22 GMT\r\netag: \"a110-631b57172fec0\"\r\naccept-ranges: bytes\r\ncontent-length: 41232\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":41232,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 41232, version 1.0","md5":"5aefbc80aa33937eb4b7d811b8c0c0b1","sha1":"81995244379489847067daaa62ca88e383230f7a","sha256":"5343443b8fd91607b1b610a5a5a68ed74b682c28825d2c19a9f0ee6f04b36a60","sha512":"4b8397bfd6740590d6ba10d1c8fd0907c6e21a8e517d6b150d8ae8a65dc973bb67bdb5302fe1780257d42b8ebb448c96006ef5e29128181300f62a31c1d6b9e9","ssdeep":"768:tVBACjTJmWCdVz8QAERNIuYogD3IVe3b0ZEUY1WdCPv5jfKUxKMSnu5/cuyEALzj:tVBACvGJwRrf3bWE/Pv5jX9Snu5/cN5D","tlshash":"f903f2197f9199a5ee1eb93d2521f5b76c78911427a8548eec34b1d4023dacd980ccc5","first_seen":"2025-04-09T02:49:28.194053Z","last_seen":"2026-06-04T16:45:44.706696Z","times_seen":550,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/MarqueeHeader.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/components/MarqueeHeader.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/themes/asli/js/framework.js?ver=1.9.9\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"1570-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1994\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5488,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5488), with no line terminators","md5":"a66d9531137b51bff1047f7411d97c25","sha1":"071d794b93e3187b4419dacbe0d92d3198abf54a","sha256":"9fb1242e884d3737ca034b95b6dba3f979f1fe6bdf7634dbbf0841033f0f2c01","sha512":"1e2dce3ae94f80d631d1e9c706ad071e399a464a915628c2695f2ab29f8d0d2a6ab6159c886260d7aaa3689caead2d5dab75c3652b9b0c137531557569bcfe1e","ssdeep":"96:l6CwGMipQBTxKGbfQgy0EAg3NOZChcYZ86xvzPBUotVt4hVWcvzWT9SlgCXKB7Q8:J0QGbfQwENOUhcM9zfUyOgCXKB7Q8","tlshash":"86b1520c6e001f74375a5eb7f41390d782be559b250d8b2ee5786c9036b8262fbeb139","first_seen":"2026-06-01T07:43:53.181531Z","last_seen":"2026-06-04T16:45:44.707249Z","times_seen":2,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.marquee.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.marquee.min.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"b5d-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 859\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2909,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2909), with no line terminators","md5":"5c0135d603f751fece82afaafdfe0012","sha1":"77180f9ab0c8a00081b76ec19d7525d471ce5af2","sha256":"01d72bf5f2a3beb02e4eaa996b2d36106f86d6e9feb2a9fa56179c44261ad41a","sha512":"311e08c87280a589259066774178d0c53c50497cc05aedf0ab66ab06ce44080a68e568362bb7ba40cf6c08fda166e1a959f586d3fa31a8eb73d6de2477721fa6","ssdeep":"","tlshash":"0e51c09d224caf37a2f6c39957a442276504dad2b815827c3c78bcfdd89980c7335739","first_seen":"2026-04-16T07:45:24.223234Z","last_seen":"2026-06-04T16:45:44.708384Z","times_seen":3,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/css/bootstrap-grid.min.css?ver=1.9.9","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/css/bootstrap-grid.min.css?ver=1.9.9 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Mon, 17 Jul 2023 07:43:54 GMT\r\netag: \"ce12-600a9f5d34280-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 6707\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52754,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52539)","md5":"7834caa057d08c14392a2648abf08798","sha1":"aab295b1ba09cbb2692b71ef2a8aea9d796b7f70","sha256":"468ccfee6caee4e360c0e999a1b76f4afc1d0ce746220c6f95d588306d992a1f","sha512":"801d038fbd554f331997d31b5efa99031d0a25fea1fdb03c423bc0469bf6c9790e668e1b8915b8aa7849c8c203119e113e56a4ebb56b531348bea0bb6baeb6c1","ssdeep":"384:CoGnlptoCygtFymx/G1NfCpz600I4Lh7Gzcj:CfnlptoCygtomx/G1NfCpz600I4gcj","tlshash":"ea33a8c7f9d2284cc592c245c0923fbc5dbf9949a352ac9ba0177fba4b457cb08a2d4d","first_seen":"2024-12-22T18:48:37.313329Z","last_seen":"2026-06-04T16:45:44.709019Z","times_seen":8,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/poppins.css?ver=1743504169","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/css/poppins.css?ver=1743504169 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 10:42:49 GMT\r\netag: \"4110-631b532b26dcb-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 726\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16656,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"916b46210f619a1bf6b21b3c2e4fa75b","sha1":"fe48b42243560decc97f009ca5a9055f2145f719","sha256":"e40c0f6945858468639e16b49eaad0654dcf6daad6d46820141449747402df2c","sha512":"d9700d1ba6a83b7360880252ccf05b088b2cf16d8cff7ed55b9dbe50591d2310c9740f5c2bccb03328ebd705d208783a9f0cb8ac074899349863c3ba95162079","ssdeep":"384:x3OZ3OYD3DVsvsd5O5yScSoH8HIgRgPtttbmZmeOLOXDdzjvvfoxpHlD/4+IDB:twaUax","tlshash":"7072cea1087b9200d7a39ec172cf3d25ee0da145b444e9b46ffd18d9fea6c14636272e","first_seen":"2026-06-04T16:45:44.710027Z","last_seen":"2026-06-04T16:45:44.710027Z","times_seen":1,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/plugins/google-site-kit/dist/assets/js/googlesitekit-events-provider-contact-form-7-9a37b777e8016c4536f8.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/plugins/google-site-kit/dist/assets/js/googlesitekit-events-provider-contact-form-7-9a37b777e8016c4536f8.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Mon, 01 Jun 2026 16:39:20 GMT\r\netag: \"1c54-65333d60ede00-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2325\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7252,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (7252), with no line terminators","md5":"d26400096ff121751f5d911ed46e5a18","sha1":"3331c3c714bd0e61bcc4313519414d0f9d6f63a7","sha256":"02a7b238a367202402e1857b5a2e7d258c229dd89d05003f6f6c4b08edbae2e5","sha512":"36180b398e9e8c3649d2f8bceb7f3a37343b179ff6242f3a6d2344886006c93295e5fb20dce7110992bf415258ea5498ff7cea86bbe27621af6bdca366d67f34","ssdeep":"192:NXyCpzZAM/1xnMgBXZBqGJCY8CYfCpTAUiLQyEh8lyvf:NiCPAMNxDBJBjMg4ChAUGEhv","tlshash":"a0e1a98876c2f8f295e5a2a1407f5507f03c761764adf840d31adcd1ac79e8b91b2b36","first_seen":"2026-06-01T21:17:23.658315Z","last_seen":"2026-06-04T18:54:28.519597Z","times_seen":77,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/Masthead.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/components/Masthead.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/themes/asli/js/framework.js?ver=1.9.9\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"281c-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3259\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10268,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10268), with no line terminators","md5":"b22841f8b19435abb9d6f0827c66af79","sha1":"b6844f1d625fbea34d701f489bbb10665751aa68","sha256":"7977fb7aeebb32448b14741cb46072c731c0508fd737ca73e4d485fedb985756","sha512":"18d1661843154e6b9ecba298dfef4299d51873f3e79909f5b0dae857a5f634cfa425b1d918012c1b0ea251ab59fbc6707948770f43f6311aa34f36334220e311","ssdeep":"192:23a5Gzf4xYvJRmwyrl6IoKPQE77p/XtkOK1IaU9iX2sGeyMqoK8zr07JBq:23a5Gzf4xYvJRmwypboKPP/p/tkX+sGC","tlshash":"af22a5151e804a15b38dd6fb7213a4d7da21484d2b5e8cf7f9351cac21a8e1ae6f7930","first_seen":"2026-06-01T07:43:53.117993Z","last_seen":"2026-06-04T16:45:44.711616Z","times_seen":2,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/nunitosans.css?ver=1743504173","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/css/nunitosans.css?ver=1743504173 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 10:42:53 GMT\r\netag: \"9a78-631b532ebaded-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1123\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":39544,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5dc3297f588e0beecac97ae6b9d65ea8","sha1":"48ad3e2692594e3b77749b2e02d6de1597008db3","sha256":"6911f9b4ec3e17cdec4b39751858edf264576f235e55e19e062670e9a46bccb6","sha512":"1305291ffac5d2f01718d9f6ad45e76d0431a698725ce94337e6e6f23242b789b01ff342ba73436dadb7fe5689439c82c1b6eb8a72395acd424d62c0007cb1f0","ssdeep":"384:tbzdbRybYbQnbbszdsRysYsQnsbNzdNRyNYNQnNbezdeRyeYeQnebnzdnRynYnQm:H","tlshash":"9103fc91044e4200d657adc3b3cf3e36ac1de1127401d6ac6ffd90a8deead2463a6b5e","first_seen":"2026-06-04T16:45:44.712595Z","last_seen":"2026-06-04T16:45:44.712595Z","times_seen":1,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=1776412888","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=1776412888 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 17 Apr 2026 08:01:28 GMT\r\netag: \"a41f-64fa35b29e600-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 10935\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42015,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42015), with no line terminators","md5":"56c9676ba030ad9d7fb5521ee10cee10","sha1":"f997465c15b5b5de8a53aaea553aa269dca9d755","sha256":"6da59ce6285ab9cc242e38eddfcf550026c0aaca760a6bc79a1024696b6092b1","sha512":"0849e329a05e8490ffb4aa7d72ffe67b63886370003ffddf0d4fa700a459cd399a928fc45eeb8f51016036ea1791c3838d7017118f74b7e68a5bd1ae402a7e2b","ssdeep":"768:8h4r4cjxYZaYSJjv+YfzwLpstNyu+BVurxesKNVhIkYJO2ybEXoHgFC1aRHWpkiq:KZal0BKHWpkVM0KtmuECEh","tlshash":"2c13d8b93adcd0b511ee47ed37abaf48e4303962d80fc8609565dc542268dc60e9bfb1","first_seen":"2026-04-07T18:32:07.00063Z","last_seen":"2026-06-04T18:11:02.470629Z","times_seen":3903,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/2024/10/cropped-ICONE-32x32.jpg","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/2024/10/cropped-ICONE-32x32.jpg HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 18 Oct 2024 06:44:43 GMT\r\netag: \"541a-624baa3546cc0\"\r\naccept-ranges: bytes\r\ncontent-length: 21530\r\ncontent-type: image/jpeg\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21530,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 32x32, components 3","md5":"706f150a79b41b990e58a323adb60472","sha1":"747989fdf6634f96af71021b11af06d26f4d04f6","sha256":"0153da8fe3679a46e072b2df1340c5bede6d56bdc00c67d721ca79def776d89a","sha512":"f60a9c0dbddf97b39b1c0c310a24e38dd0740ca0b910b2a490469242c52dfa395d69d09b37639b7bd6e20b999411a1939495f7da48af60cbaa4c6ccffac28490","ssdeep":"384:hYNg735lQTswsnxyVnFn/isKDsnwGZkATEkInsbJir1:hYylmTswsEXn/iMwt/8s1","tlshash":"5ca28c66b9f9100debc19a7018b2f5c7fc316bd292794934bebcbc165b005871bee252","first_seen":"2026-06-04T16:45:44.714264Z","last_seen":"2026-06-04T16:45:44.714264Z","times_seen":1,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=1741706570","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=1741706570 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 11 Mar 2025 15:22:50 GMT\r\netag: \"ade-63012a9686680-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 723\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2782,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2782), with no line terminators","md5":"182c31e4b049004a343781556afe8606","sha1":"d37c351aeeadbb654d441621b611bed8d7104aa1","sha256":"afe6634c4de97ea6dd0824fa7ad34f551b6faede0ca95db78516165ab1610f47","sha512":"cbfdfc6c97bb4fc1be24576e61c6accedb203bb5b38054393256ae354851d6beb91bd3afac2d7e5bea7729b3aeb28579dedb848b344f7ee592228fabe7ffa7fc","ssdeep":"","tlshash":"305129756d931890b3feef052d80b9842a29f753c02e0dede162962cb1df586cde6345","first_seen":"2025-03-07T16:44:09.983719Z","last_seen":"2026-06-04T18:40:16.799077Z","times_seen":26416,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.1.6","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.1.6 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 11 Mar 2025 07:35:02 GMT\r\netag: \"30e0-6300c206cb580-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3503\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12512,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12512), with no line terminators","md5":"96e7dc3f0e8559e4a3f3ca40b17ab9c3","sha1":"d363d0291e92c233e828023583dcf6685f2da5a2","sha256":"29fdd17a7002a2e1bbd9b33adafc53457c64006b5aca8f6e4dbf907de35433ca","sha512":"851dcea59510a12dd72c8391a9ea6ffa96bcbe0f009037d7a0b6e27bae63a494709b6eee912b5ed8d25605fbb767a885f543915996f8a8aff34395992e3332dc","ssdeep":"384:wwuf8OQL0sARrAZcNWLq/+Ffm/hibLexa2VautyX2fsL3ZHO1O9H:wwuf8OQL0sAZAGNWmGcibLexa2Vau0XD","tlshash":"d34235e16197e0f0c7c338a48816c051f2bf866cb9898054fb5dcdd22d5de07626b77a","first_seen":"2025-03-11T19:47:45.42406Z","last_seen":"2026-06-04T18:50:11.600818Z","times_seen":196249,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/framework.js?ver=1.9.9","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/framework.js?ver=1.9.9 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"15066-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 22525\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":86118,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a9acac4983d4756c2558ad1b704f77c6","sha1":"0353676910f23f8fe049fb234c7c51b93efc3a25","sha256":"5f96662c7a3ae8cb4d1a05aeefa3e8d922ac6f77727045a42e894be46fbd0231","sha512":"563ae62a25c4a1fc793672d3f03840c90793c47cb0e7dbc01c28b30adc5fbda1518e1241bf396dbbee5382112d8d7771dcdfcac020dc461456ead6251c3516c2","ssdeep":"1536:kRJuprQZ71H+kJn/Vej7+GvuUnRwv2JkiJGH06bxt6tp62MDreDkZ+B4g5IYQQiO:Gu9kEKKm7mnUmeQdGmp","tlshash":"0083f9d63305aa3247df43fba53a1207b2344994b84a442cb53cdded292e84563b7b7a","first_seen":"2025-10-23T09:40:47.487038Z","last_seen":"2026-06-04T16:45:44.716443Z","times_seen":6,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/fonts/nunitosans-pe0tmimslybiv1o4x1m8ce2xcx3yop4tqpf_metm0lfgwvpnn64cl7u8uphzibmv51q42ptcp7t1r-s.woff2","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/fonts/nunitosans-pe0tmimslybiv1o4x1m8ce2xcx3yop4tqpf_metm0lfgwvpnn64cl7u8uphzibmv51q42ptcp7t1r-s.woff2 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/nunitosans.css?ver=1743504173\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 10:42:53 GMT\r\netag: \"794c-631b532ebaded\"\r\naccept-ranges: bytes\r\ncontent-length: 31052\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31052,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31052, version 1.0","md5":"5c4f357d4926fc197d43abc63b7fca8c","sha1":"686af7000d038d7479ed36b48a8ebb0ea9b98aea","sha256":"1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3","sha512":"9f760f0c8c7fe583bbcb8270abf62c826d33fa6dceaf820533b64b56742284ec9b750066daaf9e4d3c0305373d1db8bd2ad47bbb88573610f0be2a617e183dd6","ssdeep":"768:O0RiZKVUEuUY9yqDvkLAGxqwSUZZ+ntzoNQG:O0RvFuUY9qn4wSG+C","tlshash":"f7d2e06e7e77c5b468489372f0fe1e3137ac3916314d22e27ac3aa3d34b3756a824452","first_seen":"2023-04-30T22:47:43Z","last_seen":"2026-06-04T16:45:44.702243Z","times_seen":8007,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/barba.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.821Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/barba.min.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Mon, 17 Jul 2023 07:43:56 GMT\r\netag: \"7342-600a9f5f1c700-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 9605\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29506,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29505)","md5":"4c952f9e89e55f5c59100bed476bc11b","sha1":"564490b55fd6cb9f88423414e3c1c280b18ce945","sha256":"bc182e7ca6bf20c0687b5fbe588a294bf835ddb515201aec7e4838e8ac47e6e0","sha512":"1dd6fdf9438f59bf24bb0411cd9d49e2c08da975369aed691ba40dcd4de803ef2fab4b8594841e74011650da79a958b77eb4427df90b730dffb9cb80a8629d9a","ssdeep":"384:hqAWRRU6OmbhguYebCVQf/Ndr3Tuv9opc2ICM1fHyBPPP1:gN3LbWuYebCV6NdDCv6pcbCMRSdPP1","tlshash":"3dd2938df292f0778783a574a56f150bf23b6885244e8428f558e8e53c7a94ee123f7c","first_seen":"2025-10-23T09:40:47.575195Z","last_seen":"2026-06-04T16:45:44.71749Z","times_seen":6,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/CursorFollower.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/components/CursorFollower.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/themes/asli/js/framework.js?ver=1.9.9\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"ec6-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1364\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3782,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3782), with no line terminators","md5":"6830dfdc4c9c7903bacddedcd9d79f15","sha1":"3bd9b2a1e4ddfdddcf904b29eb04bf7f67b83aac","sha256":"a45cc28fe660f6cc99826c2802cbe2a22ad5f3d3bdd9bc66178ff6801776d47f","sha512":"8acd7ffc8fc209c725b87a3f0d2142f52be1b9802f38f716a7cb402be27b4aa0328c8fa090fbc3dad23c650bf692b257946e917d30bbcdc62a918f6c81f8877c","ssdeep":"","tlshash":"c77112002e8057192305cd6b332a94b7c65b98993ecd4c4fb11e8cb85c5e706eef6d76","first_seen":"2026-05-19T19:03:04.935098Z","last_seen":"2026-06-04T16:45:44.71837Z","times_seen":3,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/red?5231","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-04T16:45:10.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /red?5231 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Thu, 04 Jun 2026 16:45:10 GMT\r\nserver: Apache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nlink: \u003chttps://le-meridien.ch/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nstrict-transport-security: max-age=16000000\r\nvary: X-FORWARDED-PROTO\r\ncontent-type: text/html; charset=UTF-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Site Kit:1.180.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"Contact Form 7:6.1.6","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Yoast SEO:27.7","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Elementor:4.1.1","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]},{"name":"Complianz","description":"Complianz is a GDPR/CCPA Cookie Consent plugin that supports GDPR, DSGVO, CCPA and PIPEDA with a conditional Cookie Notice and customized Cookie Policy based on the results of the built-in Cookie Scan.","website":"https://complianz.io","common_platform_enumeration":"","icon":"Complianz.png","categories":["A/B Testing","Cookie compliance","WordPress plugins"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Google Tag Manager","description":"Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.","website":"https://www.google.com/tagmanager","common_platform_enumeration":"","icon":"Google Tag Manager.svg","categories":["Tag managers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":89870,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21474)","md5":"8550b4bdcb8d08f4249a2006fc1fc41b","sha1":"455c3552a43cb61ac0ef23d4f3eaf5ca1328bd1e","sha256":"2b24ec9d03745f123929c293faf1fb311fda1c1447a2b39e08c0013fb6ab1983","sha512":"8ad40dbbb46f5c19eedd12dfaa58df3336b79bb06de0201314bc58612f08ec9adbb28fc0018dc5b4ddbba31dcc14a5eba4348c7d0469594c2ee0d5d64e0c3bc0","ssdeep":"1536:oGyp3ZjqxXDuJdADi6fVYIA6xiTwGK+l96xUQT1QvwR5MNyYCIZIVtWQnBhcIqFn:o/njqxXDuJdAeIYIA6MTwGK+f6xUQT1M","tlshash":"9e93b9617a19c47391bb439ee287b62c942cd437c40ec1fafaedd20cd6e6f5a624d205","first_seen":"2026-06-04T16:45:44.704549Z","last_seen":"2026-06-04T16:45:44.704549Z","times_seen":1,"resource_available":true,"data":null}},"time_used":405,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":405,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli-child/style.css?ver=1.5.3","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli-child/style.css?ver=1.5.3 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 18 Oct 2024 06:55:55 GMT\r\netag: \"118-624bacb6254c0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 193\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":280,"size_decoded":0,"mime_type":"text/css","magic":"HTML document, ASCII text","md5":"5abe843fa30343399763b28a5a1b1c1f","sha1":"a726315f0309459c3e5ffc68fb7ea3b2b24ca665","sha256":"e72c528ce201ccbb841c8891d06161448ea346626daecaa3a991a8b00c814dee","sha512":"e09140461341d81068f1ed620f198175e23413349b38193e10eb5cb57b008166adc8319024e97a2b853c30ab8475bf60084041943c5dcd780c1ca6cb2f3b261a","ssdeep":"","tlshash":"aad07dd3050bc2e0a3b1430b0835a75495f18304e7d4a5a4d4d6043a8d3629322f5814","first_seen":"2026-06-04T16:45:44.719885Z","last_seen":"2026-06-04T16:45:44.719885Z","times_seen":1,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/fonts/MaterialIcons-Regular.woff2","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/fonts/MaterialIcons-Regular.woff2 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/themes/asli/css/material-icons.min.css?ver=3.0.1\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Mon, 17 Jul 2023 07:43:56 GMT\r\netag: \"25e8c-600a9f5f1c700\"\r\naccept-ranges: bytes\r\ncontent-length: 155276\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":155276,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 155276, version 1.0","md5":"0ba49c096a77b67734434cebcaf2e14d","sha1":"2f9e28ab559782402f27332633c843c40209d95a","sha256":"35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577","sha512":"535cbcaa70d87a908edbe2603738ef1bd6ee7ae9d893bf9ab962d850f0e410013a66aa2da74d57babe4655f8eae61ded74fc722fbb36cf5f99a6fa0a520c84a4","ssdeep":"3072:UPjG/drPcIi87081wBxkBx+nmaAjFlcJJQUD+iFHVV/KmahWxn4TzCOfjA:UP6/VPRqPqcn4F1UDfH+WezCOU","tlshash":"90e31219855f35e0e983b9c9977dd9e68cc0b4be0984aeed8c13031918b87c4dd28dbd","first_seen":"2023-04-17T15:03:43Z","last_seen":"2026-06-04T18:15:13.044356Z","times_seen":5642,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/lenis.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/lenis.min.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"3486-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3743\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13446,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13446), with no line terminators","md5":"aa3986869af6096939c518ff6bc76afb","sha1":"500e717798fb821755da3a1fd3d9aa62444e19da","sha256":"2ab7cc86860b11f2565169f4abc0019a1c23a336a4777b2252492f74a7adc5ad","sha512":"f7ae84e679ddb9d549bc6e17b050fbcd061fd9f481a4bb6f11d708bb839d811434d8a56160597341f168f666a699cc81a48c9e23f4c71ed9db4599a1f7300721","ssdeep":"192:i/5jiVG30NmmWYFoiol1IcRLqhFrQa5Fu7zK8rMIJvDU3fZ55FD5huK+GDxWoRG:i/5jiVG30FWBjIc/a5Q7O87JQruScoRG","tlshash":"4552984b6311fa7123ee91dee1178206733663542741002cf8bcadda7868675b2b6fbd","first_seen":"2025-10-23T09:40:47.685451Z","last_seen":"2026-06-04T16:45:44.721419Z","times_seen":6,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/MenuOverlay.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/components/MenuOverlay.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/themes/asli/js/framework.js?ver=1.9.9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"1a48-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2365\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":6728,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6728), with no line terminators","md5":"d7bf33b4ff33e30b7cfe80a07b8db907","sha1":"ca0f6f162988047e91b9c94c784f54a30162d476","sha256":"796c8eb87dcc2d91003526c5c2f810441f1971bc49241f9528ed32fc356c9f68","sha512":"fcb51b8d6eb022c643c6c89e589a12701f79b479028769b4f51e3512bca2d9a955b8ad05d5b7fd9cd46c5012552103fbf0c9dabc4c0ec7d57ba1dd01c76b5fb4","ssdeep":"96:pg/Qe3cwHckd/f8A3Ez6uVwTumY5RAKOd51COLExJGk1ba/rEIt3Oo46FoGqqFED:pgHcwcwcA3Ez6uV+tmWdnoa/YIE9tSy","tlshash":"47d1955563842b4c678fddef6303a1e3db09486e295ec088e125fc54a8ed652e5fe134","first_seen":"2026-05-19T19:03:05.054573Z","last_seen":"2026-06-04T16:45:44.722377Z","times_seen":3,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1780590798","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/css/custom-frontend.min.css?ver=1780590798 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Thu, 04 Jun 2026 16:33:18 GMT\r\netag: \"d615-653701a08bfa3-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7266\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":54805,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (54805), with no line terminators","md5":"5a5e38a4a6f70ef60bc276059f2af834","sha1":"0e926f1f21f859a9520d3c997104e523ec627e99","sha256":"aec8674dc00fe020922479b2162f25f76007c420030ec069926d7d55c4de92c0","sha512":"a218b8efdc29915ac0eb888619bcb08ff031a5e5abd71a2e172f591e5d1cd9c2baec4091c2c172709d6c04f34b6beab3b31ade32d6bf282996a2391518169108","ssdeep":"384:WsKJ/M5wksCoI+SHQYO22/lmRs5Cz9TQXPTkvmGkvmCFldNraiIks05ArM:v5Lh5wP3lbrlTdps05j","tlshash":"76330ea23d13b269226f442b82c7364c526499c1ee1375d9f904c523eafece63b36c57","first_seen":"2026-02-04T05:46:14.746346Z","last_seen":"2026-06-04T16:45:44.723275Z","times_seen":226,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/css/bootstrap-reboot.min.css?ver=1.9.9","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/css/bootstrap-reboot.min.css?ver=1.9.9 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Mon, 17 Jul 2023 07:43:54 GMT\r\netag: \"17b3-600a9f5d34280-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2293\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6067,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5741)","md5":"067b8159ca15c7a07e25d3feda401344","sha1":"30c8551154b9e56e7d58474a5bf96e2009d86915","sha256":"54034cc3c402188fdb3b99f20203873e1ba10b52f190bc4743a6b4ec699ac94c","sha512":"021de0be25a83acb26b4b33b39303f26c58e18c402d405dbb20f210ba78fee119f4666c52ae1311d4339191a121cfcd3cbcb1624a7824d180637745ce1af60bc","ssdeep":"96:dGPEYUtUV0ErsbDT9STXdWIGO5cKQbZsSBXQsLqF:diEw0fZDIGOuX2SVQI2","tlshash":"75c1095be310317cae7b4ca636ce9ec977009823c4659a70d0539e58deca9b31352bcd","first_seen":"2025-10-23T09:40:47.52175Z","last_seen":"2026-06-04T16:45:44.723822Z","times_seen":6,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/gsap.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/gsap.min.js?ver=3.12.5 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 26 Jan 2024 20:14:30 GMT\r\netag: \"11a16-60fdef18d7580-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 28097\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":72214,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65255)","md5":"47da594cbece0e34a656e6bf2490b7c3","sha1":"2d26f4c060491ac980d09ca687388d3610256eb7","sha256":"28033e449a31ebcc396e5be8b13b63152bf03094288fb5867034321927bce087","sha512":"ede1d1c1c6d890ae1df60ffab43fe68647fef9ea131f0a4d33dc28071b4f5015a6ebbcde01f142f87adda04d866a729ea1c972fd5c5e2ef22ac2f09d93ba9272","ssdeep":"1536:auJ29KBROpgAEQ9a1tgwA6NSZW3ytdKTdIwEp28Ywz7CDE:f29CakgwdNSQ3yt8eNp28YqCA","tlshash":"d063e8d93292f423039a51a1447f094bf337a958640f0918f269e4ce7d3c9ad52bbe7a","first_seen":"2024-01-19T15:55:20Z","last_seen":"2026-06-04T18:05:01.05943Z","times_seen":7182,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/ScrollTrigger.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/ScrollTrigger.min.js?ver=3.12.5 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 26 Jan 2024 20:14:30 GMT\r\netag: \"a974-60fdef18d7580-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 17652\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43380,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (43088)","md5":"ba1fa78eb4bb49f8a0eeaf8e61708840","sha1":"489bcf6d9c69f0f29f871e0323510c5197859bf5","sha256":"ad33c2df9ada8a663c2147357828f980d0b7ca731ef33eb3c6e4f327c3b2cda5","sha512":"a2731344a2412b3f0cd539eaa83b86065a30947d28845ccc5d844d79bcfec8e71ce5342bff300ab2d87386ebf4862c942848901105c4ca79d70af3533a4e7476","ssdeep":"768:L+5LHpwfVyb83wG/B/nE306RAHdAIsxmAK31horUp45:apqgo3wKB/nKRAHOIKS3TjK","tlshash":"741309ca3244b03267df627aa52f030a733654d9291e4464f266e4e83c7d5bc873be6d","first_seen":"2024-01-19T15:55:20Z","last_seen":"2026-06-04T18:05:01.072395Z","times_seen":5867,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/MenuClassic.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/components/MenuClassic.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/themes/asli/js/framework.js?ver=1.9.9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"232b-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2858\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9003,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9003), with no line terminators","md5":"8c008541808423015c270e61245be517","sha1":"6dfa4747e73b6e5b73785d77346a0e3e3e18946a","sha256":"88bbc6512788786930f78548d45c4c89fd98e802f0fbabfc0b0615d34f331fe6","sha512":"d6ca5f2f8c0c3c56a53bb0ddd9208debdd83725ac5b62f27b00e292b5cc5f3cdbef547c1085bad6967ec401f0c6e399f0cc0b9227deea129d303cffd85653224","ssdeep":"192:o1cDIgl+NWdJAqM2D9qLzXgLgMHdABcE1EjN7H6SxKH:o1cF+NWHAqBDYLzGgMHiEFxxi","tlshash":"83023018afc00e5c276a4dfb361734e2f4251e5a78c5898be23c7c48a686717f2f91b5","first_seen":"2026-06-04T16:45:44.725775Z","last_seen":"2026-06-04T16:45:44.725775Z","times_seen":1,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/fonts/MaterialIcons-Regular.woff2","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/fonts/MaterialIcons-Regular.woff2 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/themes/asli/css/material-icons.min.css?ver=3.0.1\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Mon, 17 Jul 2023 07:43:56 GMT\r\netag: \"25e8c-600a9f5f1c700\"\r\naccept-ranges: bytes\r\ncontent-length: 155276\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":155276,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 155276, version 1.0","md5":"0ba49c096a77b67734434cebcaf2e14d","sha1":"2f9e28ab559782402f27332633c843c40209d95a","sha256":"35dca8a7145a17c8d1306f25a3ca091578e15396f0b22d61eb8e73262ac75577","sha512":"535cbcaa70d87a908edbe2603738ef1bd6ee7ae9d893bf9ab962d850f0e410013a66aa2da74d57babe4655f8eae61ded74fc722fbb36cf5f99a6fa0a520c84a4","ssdeep":"3072:UPjG/drPcIi87081wBxkBx+nmaAjFlcJJQUD+iFHVV/KmahWxn4TzCOfjA:UP6/VPRqPqcn4F1UDfH+WezCOU","tlshash":"90e31219855f35e0e983b9c9977dd9e68cc0b4be0984aeed8c13031918b87c4dd28dbd","first_seen":"2023-04-17T15:03:43Z","last_seen":"2026-06-04T18:15:13.044356Z","times_seen":5642,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/css/material-icons.min.css?ver=3.0.1","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/css/material-icons.min.css?ver=3.0.1 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Thu, 08 Feb 2024 13:58:56 GMT\r\netag: \"bde8-610df365bc800-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 8555\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":48616,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (48616), with no line terminators","md5":"d05c7d9d28e854baa947e53a01a2db34","sha1":"995575df3a1b85d614b99c49dec855da8fe14ac5","sha256":"c8a3a62e537549fe4521fc7f478ade3abcaecf2257f35b259268a776924b304e","sha512":"879d07ed2178f81c14cf5d1b05bab48023640d5fc38a098efb6563e5eac497a3d1591f4bcb229302f53a70d81c1dee67cab4bb7153114baa63d62dee655dea2c","ssdeep":"384:muw4imff7AVdXJegoA/T17s/IEn60RzxhLKzSq:Zw4imff2dXJesT8Iwrq","tlshash":"73230feddc4d16cf3b61c043ab44b27a1894f32bcc4688d1f8aa552d19e2a158b8cf7d","first_seen":"2025-10-23T09:40:47.647032Z","last_seen":"2026-06-04T16:45:44.726682Z","times_seen":6,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":47,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=6.1.6","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=6.1.6 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 15 May 2026 00:52:20 GMT\r\netag: \"ba3-651d0a0051900-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1036\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2979,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"b2b463a5bdb73833be2a6afbc1843ddd","sha1":"ade55e90dd7694b7974edd336b555e765967e702","sha256":"a3b9f5df6bf638a4cb583480bed6e18a84ad7141cc3d75b81094f91dd7b82f32","sha512":"431fcb88c720bc2ee3cd950772bbf03194b28f5a00c602287ea4877829ed377f0742dcff523e88e07dd4a7968ea8618fae59b883617d9112d61feee5167ae191","ssdeep":"","tlshash":"aa510264660028504bff92db6eaddb047b6e7481cd1faf97b0c21a7c57782851223e5e","first_seen":"2026-05-15T04:06:26.038056Z","last_seen":"2026-06-04T18:05:01.021681Z","times_seen":5054,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/Scroll.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/components/Scroll.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/themes/asli/js/framework.js?ver=1.9.9\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"24b9-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3041\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":9401,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9401), with no line terminators","md5":"4c712ca782d7fa41aa32ecf07b2281de","sha1":"5c985eb3e6e542be9d2b55d9ba677286ace143f6","sha256":"efeaa259336697c0955dad0b6c976037a0d33bff1fa122b981dbd5e064cd7837","sha512":"bb069bcd3c032da7be72c1a4d0b822a73de01400ebfd93cd1a3600527c1cae27f9844586c16f6b376a4bbf19caf3da7fd326d8dce2892b4f9715928804a50c79","ssdeep":"192:tEV8V9wGJVvxsjn723PB0GkXmTUY2nJ7Abg7WE3LNgcX:tEV8V9wq6n72/B0GU0J2nNAc6E3LNPX","tlshash":"df1284415b401f4d038d5abb3e1674ebe41a1caeaa1984cbf029bc1e655a733e6fb530","first_seen":"2026-05-19T19:03:04.889795Z","last_seen":"2026-06-04T16:45:44.727815Z","times_seen":3,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/css/no-elementor.min.css?ver=1.9.9","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/css/no-elementor.min.css?ver=1.9.9 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"167-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 170\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":359,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (359), with no line terminators","md5":"55acd2d64c427ce67f8728c56e5ef633","sha1":"a750b29b7e72b6ec6507edf9ebba44c52e4ec849","sha256":"bc12779d45e15b923d004d1ea502a4f0fcbad9824997f9b6b63cb6de80f63f81","sha512":"cf24517a006149c0f256d23ccebc948946a7bce1a3a9b9be8563e065bcd2db624479c03896130ffe57799018745c03524bde1c934146da777b02a8ce61d0129d","ssdeep":"","tlshash":"0de04fb90f17f449c8f554bbe9895828434ad30cf34476a0fb5024de9dc8e1fd95aa44","first_seen":"2026-06-04T16:45:44.729064Z","last_seen":"2026-06-04T16:45:44.729064Z","times_seen":1,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/fonts/nunitosans-pe0tmimslybiv1o4x1m8ce2xcx3yop4tqpf_metm0lfgwvpnn64cl7u8uphzibmv51q42ptcp7t1r-s.woff2","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/fonts/nunitosans-pe0tmimslybiv1o4x1m8ce2xcx3yop4tqpf_metm0lfgwvpnn64cl7u8uphzibmv51q42ptcp7t1r-s.woff2 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/nunitosans.css?ver=1743504173\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 10:42:53 GMT\r\netag: \"794c-631b532ebaded\"\r\naccept-ranges: bytes\r\ncontent-length: 31052\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31052,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31052, version 1.0","md5":"5c4f357d4926fc197d43abc63b7fca8c","sha1":"686af7000d038d7479ed36b48a8ebb0ea9b98aea","sha256":"1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3","sha512":"9f760f0c8c7fe583bbcb8270abf62c826d33fa6dceaf820533b64b56742284ec9b750066daaf9e4d3c0305373d1db8bd2ad47bbb88573610f0be2a617e183dd6","ssdeep":"768:O0RiZKVUEuUY9yqDvkLAGxqwSUZZ+ntzoNQG:O0RvFuUY9qn4wSG+C","tlshash":"f7d2e06e7e77c5b468489372f0fe1e3137ac3916314d22e27ac3aa3d34b3756a824452","first_seen":"2023-04-30T22:47:43Z","last_seen":"2026-06-04T16:45:44.702243Z","times_seen":8007,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":47,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-includes/js/dist/i18n.min.js?ver=781d11515ad3d91786ec","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-includes/js/dist/i18n.min.js?ver=781d11515ad3d91786ec HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Thu, 04 Jun 2026 14:16:37 GMT\r\netag: \"1641-6536e3136efdf-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2438\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5697,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"e73824b7ab9a4f88f98e0530b43ede25","sha1":"e95c97fa934f0cef056cc9d7be3aeacaefbbfd33","sha256":"46668f561bd01aaab7c0f42be3d045eb9c3eaab6b9f5ae4a9f6bcf28fa22c679","sha512":"973a620e6d69dcb9b528f6a446f977cb8401dbf0b7b8df3aebd58e8198ab301331195a02967ef260ac44754058b6b9d82b7c61d4832e55d6ffb056f64656b9d7","ssdeep":"96:0E7/RPgrMs4WLJOmlWS33c0xyE2B1596NiH826V0NG7CXMGOyd/sEomkKvYCGaMe:bhgws4WTBYNB1C9aNwAMPyd0R3SGaMSL","tlshash":"8bc1a7c975daf056235910a594afb005e134be2870deac00aae0c4957eb44cdb1b7fba","first_seen":"2026-04-26T21:57:59.028052Z","last_seen":"2026-06-04T18:51:32.257113Z","times_seen":9808,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-header.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/arts-header.min.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"87ad-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7426\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34733,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (34733), with no line terminators","md5":"b2879e5c35c7bd7feb88462f3cf13574","sha1":"ae2c260420ee4f80f6d86ae0c6ac19187e392a5a","sha256":"ec49308f43ec5a4a2fd37a49eb2b0d5814c5b4f98b027ef05797f2afedf76f3a","sha512":"8daadc5272065f41f8a4606b62d37c682760eb3b167df63f531ece7ced81a354b9bbbc7ecdc053bffee4e5ca66f0ab220d463dc488e34a1e91954bb1889f686a","ssdeep":"768:7GjmgtZ/NgNEW5r7XkuvRBwW/v1+qPyp1bRUk1kXyR4sRbDWxSrKvvVWMNJMAcHh:78mgTqNEwr7XkuHwW/N+fP4sRbDWxSr/","tlshash":"5df2464b3702b63595de42aac4390217f330ea95541a443cf93cfaeee878e5492f5a3d","first_seen":"2025-10-23T09:40:47.499489Z","last_seen":"2026-06-04T16:45:44.730389Z","times_seen":6,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/librefranklin.css?ver=1743504177","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/css/librefranklin.css?ver=1743504177 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 10:42:57 GMT\r\netag: \"9747-631b5332d5a4a-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1098\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38727,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3cfa8fc9bbc965ad3dfb4b5e4795e3f0","sha1":"361fab6678853f6f7e3df0ac156dba3e034b4c4e","sha256":"8821ac467d379709cb0b3c7a0691e2ba3f78bcfba76715c5b67ee8b5f7ffbdc9","sha512":"0eafa56f082e76527a6b84e68d03ffdef95f3fd21fa0248c106b5901db4df963c10068aaa17e59e5d7792a05d6ed800f978db726f22778d1057b9826eec7a2c2","ssdeep":"768:GKtK5KSKGKZPjoUImq5lT9p6uaMYzXFLHUo0yel5v5tmyGo8PL6KUKzK5KeKumJE:zAEXzZPjoUImq5lT9p6uaMYzXFLHUo0f","tlshash":"5803ecd26857460097bb1dc1b3cf3f26895ea04d7045c6689ffc0498dfaae20735ab5e","first_seen":"2026-06-04T16:45:44.730904Z","last_seen":"2026-06-04T16:45:44.730904Z","times_seen":1,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/notoserifdisplay.css?ver=1743505222","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/css/notoserifdisplay.css?ver=1743505222 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 11:00:22 GMT\r\netag: \"e0b8-631b571730e60-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1395\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57528,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"17d55d30849b34ffae51433e080347ee","sha1":"00f45d5b1517303cd96653d42b4b20d0cde5ca35","sha256":"cf4df27aaef8c99b3e3f0a46954a68f9269ecc4f371d72f0fa331fdc8890a3f8","sha512":"459e5c88936bd0af617cef0a48d9db136c3387b57a9d839fc94ecf16f6a2a96dc72206542811f43bfddf766233c4cf11c54727ac50ee2c450246ddc114da16c6","ssdeep":"384:i3Swy3SZ3Ss3SOr3Sd3Sj3SQbwybZbsbOrbdbjbQswysZsssOrsdsjsQNwyNZNsu:CGE1/Wk2gdxt8o4","tlshash":"3943aa91840b86409297aec2f3db3f25991ed8163140e7bc2ffd149dedead24236674e","first_seen":"2026-06-04T16:45:44.731977Z","last_seen":"2026-06-04T16:45:44.731977Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/MorphSVGPlugin.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/MorphSVGPlugin.min.js?ver=3.12.5 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 26 Jan 2024 20:14:30 GMT\r\netag: \"416c-60fdef18d7580-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7584\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16748,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (16378)","md5":"879f4afc4c7464026cbd0337d86cf69d","sha1":"8d43ae7df0dfcac916136b3daf888a47dcc7be3a","sha256":"23f9fdf6a8c6f08c72792ca93f036e64c2c57363da87ad90e4d3d342c1f62587","sha512":"530c542165011cc0ed362f50399cf5b9b652bdd9928b06566dc35154b8d1ae7ec31a984e16bced8efe1ceb125916a980e9803f7a6662f13533d94be4a589f034","ssdeep":"192:MtiIBH0UWA/ggovOpFPYHMYUi2LByMKvJQnyH2q/MNxL6SzMlR3KV5oiWkS+YCm:dQHhrgJuPddi21evJSq/4dm374YL","tlshash":"36724bed3144302a44552bd0048f1897a335ad197a0a9a11d36cd8d2bcacefa96fff39","first_seen":"2025-05-20T12:51:34.961407Z","last_seen":"2026-06-04T16:45:44.732782Z","times_seen":15,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/app.js?ver=1.9.9","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/app.js?ver=1.9.9 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"3001-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3676\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":12289,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12289), with no line terminators","md5":"459c16c8fd63abca08e7fb9be706162f","sha1":"da18a8b130f4f3352cad7a99e0068a595de801b6","sha256":"144afda9fde6218f174773a87fa5ac649ec8c68480499b7acf0fd52f232f8106","sha512":"d8a73c4d531d96efac6b8a51e42208997af620bb3fe1f3b11b8fcdd7aa2baa4089e70687034fe4cb99e256d02276f35909b642deaaa72c9b82ba0d093ad1b075","ssdeep":"384:49S6zDUeSNp0ynRFwpcYc+6HrcqNL7colco1cEaaX:49S6zDUeSNp0yn/OcYc+6goL7colcUcm","tlshash":"b54253a47d46691133cc6ebf376674d6d1e48e9b28888abec019ec8cd593717d2f2930","first_seen":"2026-05-19T19:03:04.936718Z","last_seen":"2026-06-04T16:45:44.733565Z","times_seen":3,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-5LGXKFRG","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:35:27 GMT","end":"Mon, 10 Aug 2026 18:35:26 GMT"},"fingerprint":{"sha1":"81:79:25:0A:2E:C8:CA:DA:16:EF:B8:34:B7:38:E6:48:7B:5B:4C:6D","sha256":"7B:74:72:15:7A:A8:4B:D0:1D:D6:11:DE:7C:D9:15:EE:E9:22:FF:E8:56:41:9E:88:6C:4A:F9:9F:AB:B3:6E:2C"}}},"request":{"raw":"GET /gtm.js?id=GTM-5LGXKFRG HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nexpires: Thu, 04 Jun 2026 16:45:11 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Thu, 04 Jun 2026 16:12:53 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 113818\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":324375,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (4575)","md5":"fc62e759892a2cb05a59ef1fd889d87b","sha1":"a841d2d94ab7de2f82b89e0689ee11509f48ee92","sha256":"23bd0d7c9dd6d1937a955fbdcbab6d175a932eb589b4ac4d1d064529ab8e0b8d","sha512":"bab1224b6f36cd14dfab36f2b42a767aca9ba5ffbf814a8f371a292f587ff3c9af4b89ff9d0c00af31534f670cdb791b13b83020f693b8b5785c2d91dc7d019b","ssdeep":"3072:DJDNtwrO5hPeGzIHPBVu0XTlYkY1bdZTJzYCGB5Ck2pbCmW0wkl0dicShP2SsY9D:763GsHPfgbP4V2pXW0w40dicSF2SNhqQ","tlshash":"d464e7cdb3d6b46283a3a478903f114bb23a79d2f448c898f186d8d42e746694277f7d","first_seen":"2026-06-04T16:45:44.734404Z","last_seen":"2026-06-04T16:45:44.734404Z","times_seen":1,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":86,"dns":5,"connect":28,"send":0,"wait":86,"receive":57,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.scroll.min.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/arts-infinite-list/plugin.scroll.min.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"269c-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2885\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9884,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9884), with no line terminators","md5":"4dbdaaaf1487f2ee3bcc7253ffd7a0d3","sha1":"a4e0f9712c749cdcb068a20dc00171ef6c8638f3","sha256":"1d2687bb25c29e37429e56ceceb6a019408769af69d1d076d12c1f9f24203449","sha512":"8d5ca849f2dce555d7f10902b62a2eaa5dd9f3617778e17b72ff910ebaf8bb8aafd69f1f289fa126af07c7fa26cdbb9bb7ab9e6159243eb1772100da4c7f6d78","ssdeep":"192:gI4VsF2jvHzI7PnwVfDXsk4oKdDAq39OX:xasF4vTinwBDXsA","tlshash":"d712508b321d79371aca8455e2a0461ba23496d0b508c0bcbd24fefdbe9d42c517bb3c","first_seen":"2025-10-23T09:40:47.63565Z","last_seen":"2026-06-04T16:45:44.735153Z","times_seen":6,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-includes/css/dist/block-library/style.min.css?ver=7.0","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-includes/css/dist/block-library/style.min.css?ver=7.0 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Thu, 04 Jun 2026 14:16:40 GMT\r\netag: \"20075-6536e31611cbb-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 17396\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":131189,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a3377ace04283479811c87cacb2ccc2f","sha1":"dc35fd2e01583c9f43a27d3a1e9f8c8140a93fcd","sha256":"dd1a8bd21728868dea879c3fcdb6e4e2d23ae377a86ee4866366cffd17900d9f","sha512":"f25d322d35b13327a41c2e3d5ca79b339d55ec59287495583cec658f28d6ea8392c20e956c19a5fb42bc62b6356297cbbee46ca93161df20bca8173c957883f2","ssdeep":"3072:+oeJKCbMQg5Mmjx+qehFP0xTcmRiBmgT0cTrnbO27kdCpT1hpPKK:v0MQg5Mmjx+qehFP0xTcmoTkdmhN","tlshash":"ccd3830417b4dcf935ffa73a5e4ee258a207aa41c68967e6e066d190718ca490df3f0f","first_seen":"2026-05-04T14:45:17.385617Z","last_seen":"2026-06-04T18:40:56.353035Z","times_seen":962,"resource_available":false,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/css/main.css?ver=1.9.9","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/css/main.css?ver=1.9.9 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Thu, 05 Mar 2026 20:20:36 GMT\r\netag: \"5731c-64c4cab558d00-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 41744\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":357148,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (437)","md5":"d8507e8c7d7e0bdede802c902984670b","sha1":"aae78f931e07174a77e9d870c87337d38c5e2ce6","sha256":"45e54ab89bb910643dfced368ad505521f8cb57263a9781a425baa9b499f3072","sha512":"6cf505228b4a293c6f95aec34ce6c8f771f1f83e57c94e4e05ab7fef66d376020bf967da2c3e15b5554354977b8544a7bffdfa8af512406d0459170667758b81","ssdeep":"1536:l12+0BCVxuLukPT+twg3f6nSmHEbSmu3r1RYIcRB9+bzTg7vGV3I4xHE8Vv1ITe1:l120xuLuY3oRBKOC6sCK8ibRyeXXqidP","tlshash":"9274b6a0efb21e346d7f625a954fdb18b36e6080ea0ecf91b9e054148fc93f45163e85","first_seen":"2026-06-01T07:43:53.096729Z","last_seen":"2026-06-04T16:45:44.736176Z","times_seen":2,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-includes/js/dist/hooks.min.js?ver=7496969728ca0f95732d","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-includes/js/dist/hooks.min.js?ver=7496969728ca0f95732d HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Thu, 04 Jun 2026 14:16:37 GMT\r\netag: \"1397-6536e3136e03f-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1799\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5015,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5014)","md5":"0174a320c4dd06b3f2871de897acba21","sha1":"b9ff75dc08d6030996eba8e3bef085303297360d","sha256":"1d231f080d1df633865e5a079d8e4e377a6c6b13b3a67be8e271b848eca1b05f","sha512":"936bd3b0db0b0a33d20758b6067b838ec36632b08d58f6a8aa7345cb738ecee15340711a396f592c7f046b1b69a6fc312f76a5708bc5809dcf5d4564de7f47ef","ssdeep":"96:pu/16WIHBLusBcADGDd/R5h2RTLlD3jMXY2yGy94E34sTY2Cif:pGIhNBcAD0NRv8XlD3wXY2yH+EoaY2f","tlshash":"34a151c43542b830e2b77027f0ab58d46175abe1a82d8446d59cd8f12da39cee0e7b3d","first_seen":"2026-04-26T21:57:59.026054Z","last_seen":"2026-06-04T18:51:32.274027Z","times_seen":9999,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/DrawSVGPlugin.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/DrawSVGPlugin.min.js?ver=3.12.5 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 26 Jan 2024 20:14:30 GMT\r\netag: \"1189-60fdef18d7580-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2272\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4489,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4120)","md5":"009ee43073a2e5b1ebb0875987e894d0","sha1":"34e75c9ab1aecd7e6b492bc5e992d58949a9f99f","sha256":"586dcabcbb6ba09bf252c541cc7dad490ac777d0a1c08c29f36cf492f347abb6","sha512":"6878d173138ca3fcc9812eea0deca91718069c465d2c0431f3ca13e1e6656642bbcee2ab7300f2b6baebc960fab4ef42e3939de5ccb19352741cd370f32eb41a","ssdeep":"96:Rk8z68oBfJ6vA/3bI9mGPA69BW6vCU4NWMHOf6xCurfZONnnKV:6ZtIvE3s9mGP7HWcCrNWpSDZOZnKV","tlshash":"9d91b5f936813433022906fa456f3807b13d08a6670d248cf7a869e97d66d3b6337de9","first_seen":"2024-09-19T22:03:11.999104Z","last_seen":"2026-06-04T16:45:44.737522Z","times_seen":81,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/complianz/css/banner-1-optin.css?v=20","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/complianz/css/banner-1-optin.css?v=20 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 13 May 2026 08:01:08 GMT\r\netag: \"3e1c-651ae61d8838d-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3004\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15900,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (15900), with no line terminators","md5":"d076396f4b22b656318e0a6957527dbc","sha1":"0cba1a682253135fd3900539dcdc082f4518e526","sha256":"64ab1f166cc41617580e1af67dbd56bd3b4f9060232f734461123f0285145a70","sha512":"a32ca01f6f17e0c02d9f6f7aecb8340a9010d8963a5a9a5eff3dcc45532e1402ba2dd7710cfa7a49f9105f9f11523bf3101cd2133a096323948f5e9b513e003a","ssdeep":"96:susOpHJbne6nrZ1csUi5p8Z1cAvqlIWurrkTobudlYLhf8Iqb56qlym6OoLBa/TH:7UAWDi5cWi2IWRzZKdVE5y3sMBlYj","tlshash":"3c622fa99e0c1164d3cfdf1d3baa960e9114b731b29d1af824a17850f2ee5d11d2e387","first_seen":"2026-06-04T16:45:44.738055Z","last_seen":"2026-06-04T16:45:44.738055Z","times_seen":1,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"srtx.pro/uEIL3o","fqdn":"srtx.pro","domain":"srtx.pro","tld":"pro"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-04T16:45:09.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"srtx.pro","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 23 May 2026 15:48:34 GMT","end":"Fri, 21 Aug 2026 15:48:33 GMT"},"fingerprint":{"sha1":"EB:2E:5E:C7:EE:AC:3E:CE:25:67:E4:CD:99:5F:0A:E6:38:87:62:0F","sha256":"7A:AC:8A:42:32:76:48:35:3F:58:35:52:68:A9:21:4C:0B:CE:BD:1A:F6:0F:8A:4C:CE:9E:53:58:9D:EE:EF:5F"}}},"request":{"raw":"GET /uEIL3o HTTP/1.1\r\nHost: srtx.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Thu, 04 Jun 2026 16:45:09 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://le-meridien.ch/red?5231\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YNjE45ZncoMo4RzHlCkJ9B3tV2skxrfbs7o5AsX%2FfAnlEjTPx2nQEuGOYSuvN7fdcxaf0H9iykkDpD7SV7sY8uLb4WknPKXsYLKG3AHIGJZp6nJtmIqqWmiCyA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a06868045cc0c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89870,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-04T18:49:09.20719Z","times_seen":16120047,"resource_available":true,"data":null}},"time_used":840,"timings":{"blocked":35,"dns":13,"connect":1,"send":0,"wait":770,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"srtx.pro","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"srtx.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/style.css?ver=1.9.9","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/style.css?ver=1.9.9 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Thu, 05 Mar 2026 20:20:32 GMT\r\netag: \"208-64c4cab188400-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 329\r\ncontent-type: text/css\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":520,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6f7703d4dd3a18f2bed5d52c17cd554b","sha1":"2fda6580a5468e73e88eca8a39afecfd23ed2188","sha256":"64ba2f36f412da1688f4f3bcea7501574421d4d6dc260cce67459b5d27bd2dbe","sha512":"ec265da5decb365650f9efddb8314e7c7d6d422b275d538073c362682c948b611d54944d0e00fc489f4a3583befac45c3a6f58a9dbdf5e0e50d937a68417eda6","ssdeep":"","tlshash":"0df0c0052a2692a3b2e6c38b3c637156649bd78091cc54f4d54e91965c2975f23f5428","first_seen":"2026-04-16T07:45:24.091273Z","last_seen":"2026-06-04T16:45:44.700691Z","times_seen":4,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/SplitText.min.js?ver=3.12.5","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/SplitText.min.js?ver=3.12.5 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 26 Jan 2024 20:14:30 GMT\r\netag: \"3d45-60fdef18d7580-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 5363\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15685,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15320)","md5":"7ab4d78435a4e872833393c18847015a","sha1":"0835ca7b5515aeb16c73c285b1834b76dd680ae0","sha256":"f906f960b061c3bd425b67054deeab6bb16db1e7ec9ba837beb19dde316a8839","sha512":"9f4249f8e2e10647826b0c3164c41ede5e3d6cb1320330e799b221cb18785b83d95550c224b2e0a9b980f2334b87f046255fe6b42e0afc94c8af6628bda9c0fe","ssdeep":"192:yDrEaLjwZ/9w8xh6Los1ZVBjV2uuw/wuPBnnlncpOjd/VFh1CKCW269EVCNj:qrEawZ1w8fa7jVUml+y/J1CFW9CVCZ","tlshash":"f96285b050216f207572121789561b1ff0a8591be623da36ebacf4ad7340834e7e7af9","first_seen":"2024-08-16T23:06:41Z","last_seen":"2026-06-04T16:45:44.739773Z","times_seen":561,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/components/AJAX.js","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:12.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/components/AJAX.js HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/themes/asli/js/framework.js?ver=1.9.9\r\nCookie: _ga_QQ45JBGFDC=GS2.1.s1780591512$o1$g0$t1780591512$j60$l0$h0; _ga=GA1.1.1796942693.1780591512\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:12 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"1865c-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 26459\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":99932,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9b86caf72fb082e8bcd740c7c1ca23e8","sha1":"de0d10c1e06e33a23f17bfca987ab07ff2dc93fc","sha256":"8fa9b9587caa637306105ce31b3865015daf9c88229763b6600d14a5263c5dde","sha512":"08874aac78fd56cd445ce17e4d0c53c30317f2430d61e91a922b7e8b80b73112943a6d3ee6268219d4555cd409fe376d09f1a51394cf127b94e63739498a090d","ssdeep":"3072:jfzenm6MIph9piypiXpiyyOhdsLe+yWtJN:jfzXWtJN","tlshash":"cfa3834426845f59238b5fbf7713b0e5e9ad08aa290848abe114fc1876d3327f3f2675","first_seen":"2026-05-19T19:03:05.040511Z","last_seen":"2026-06-04T16:45:44.740361Z","times_seen":3,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/fonts/poppins-pxieyp8kv8jhgfvrjjfecg.woff2","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/fonts/poppins-pxieyp8kv8jhgfvrjjfecg.woff2 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/poppins.css?ver=1743504169\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 10:42:49 GMT\r\netag: \"1ecc-631b532ac728e\"\r\naccept-ranges: bytes\r\ncontent-length: 7884\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-06-04T18:50:32.130067Z","times_seen":350772,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-includes/js/wp-emoji-release.min.js?ver=7.0","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=7.0 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Thu, 04 Jun 2026 14:16:37 GMT\r\netag: \"58ea-6536e3136345f-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 5375\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22762,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-06-04T18:48:05.79515Z","times_seen":257142,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=GT-NB3SQN97","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 18:35:27 GMT","end":"Mon, 10 Aug 2026 18:35:26 GMT"},"fingerprint":{"sha1":"81:79:25:0A:2E:C8:CA:DA:16:EF:B8:34:B7:38:E6:48:7B:5B:4C:6D","sha256":"7B:74:72:15:7A:A8:4B:D0:1D:D6:11:DE:7C:D9:15:EE:E9:22:FF:E8:56:41:9E:88:6C:4A:F9:9F:AB:B3:6E:2C"}}},"request":{"raw":"GET /gtag/js?id=GT-NB3SQN97 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nexpires: Thu, 04 Jun 2026 16:45:11 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 158873\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":478955,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"4dd0a1eb9614c83836be192573ad3024","sha1":"30db1909e2a51aaa3d78bb5e4482998ac4b1906b","sha256":"6df822713349cd60fa12a3c61612d86e075e996d11bc4e2c0360ae4db5d76a4e","sha512":"07d1ff5c1508181e9d07fe14bcea64a61dcc4426f89804e42a7b9f926587292a8398e68ea238813577d1c9e921205710f71f96b49c1159024946edab37c102a6","ssdeep":"6144:X2V3GsHPLhgbE47c2bXW0w40dicStQoSXDKTl25GGQ:Grx47LSohh","tlshash":"6da4e9ceb3d674625396f478903f018ba57b28e2b44cc899b189cce42e7469a4177f7c","first_seen":"2026-06-04T16:45:44.742376Z","last_seen":"2026-06-04T16:45:44.742376Z","times_seen":1,"resource_available":true,"data":null}},"time_used":798,"timings":{"blocked":295,"dns":0,"connect":30,"send":0,"wait":56,"receive":98,"ssl":316},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/2023/10/Fichier-1@300x-1536x487.png","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/2023/10/Fichier-1@300x-1536x487.png HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Fri, 18 Oct 2024 07:13:31 GMT\r\netag: \"88b7-624bb0a539cc0\"\r\naccept-ranges: bytes\r\ncontent-length: 34999\r\ncontent-type: image/png\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34999,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1536 x 487, 8-bit/color RGBA, non-interlaced","md5":"499470ea4025071d08ddf75833ca21e0","sha1":"ffd6637cf8c5773cf1c3ad0cca749057bb78a4aa","sha256":"6bae09e0d72825ee3f4f74aa9b00e10bb2627983d55522ca2ddfb200e3bd6fdc","sha512":"9a9edcacf3b9a27a2398dc6da3f287ba0171f5a5c6b3144e13abc56ed6eb57cbd1100601cacbc9f5282b50682843bef4a2abbc8d23b02402d87701f59188c21c","ssdeep":"768:3zZwCPKqAVAWDHLpsIUQDYaHBMLlhbgWZnHAlPkSgPqlw:3Sa1AVAWDrCIUQDNHGHHsPwPqlw","tlshash":"45f2e082d201e2d19542c50d227f31f1e6d6c272c6a73cd69af469a38550793b0bf3ee","first_seen":"2026-06-04T16:45:44.742994Z","last_seen":"2026-06-04T16:45:44.742994Z","times_seen":1,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/themes/asli/js/vendor/scheduler-polyfill.min.js?ver=1.3.0","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/themes/asli/js/vendor/scheduler-polyfill.min.js?ver=1.3.0 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/red?5231\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Wed, 18 Feb 2026 15:35:14 GMT\r\netag: \"2448-64b1aef29f080-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2722\r\ncontent-type: application/javascript\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9288,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9288), with no line terminators","md5":"be92121776ca650425da1bb0c3055b7d","sha1":"ce9e7e3ae6f5331ef37420b0d5e44880c4269754","sha256":"de6af007b85134f3275213a39268d4ebc32e4429b13d822b44f0e3de788f795d","sha512":"b9ac972db732e4aad7c120651bf3d70ca07e1ee352825cf8c3a3b450d0cf0c184bbc9243270346952047b29d9d7890cd4f2146adc3e14276b4fb73ef39fbcabf","ssdeep":"192:Las0/t50xc9vTR639uTMJTerntiR2RRqtr1HmaEtfbqKRyP:LH0l50oTwsdKlam","tlshash":"941231f151a6eb660ef6f293d3069343a33c63666c4842697bacebc224945c05363f72","first_seen":"2025-10-23T09:40:47.621761Z","last_seen":"2026-06-04T16:45:44.743837Z","times_seen":6,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"le-meridien.ch/wp-content/uploads/elementor/google-fonts/fonts/nunitosans-pe0tmimslybiv1o4x1m8ce2xcx3yop4tqpf_metm0lfgwvpnn64cl7u8uphzibmv51q42ptcp7t1r-s.woff2","fqdn":"le-meridien.ch","domain":"le-meridien.ch","tld":"ch"},"ip":{"addr":"83.228.239.243","port":443,"asn":0,"as":"","country":"Switzerland","country_code":"CH"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://le-meridien.ch/red?5231","date":"2026-06-04T16:45:11.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"le-meridien.ch","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 20 Apr 2026 18:10:50 GMT","end":"Sun, 19 Jul 2026 18:10:49 GMT"},"fingerprint":{"sha1":"D6:65:EE:94:E2:C4:B9:BC:05:1B:8A:A8:EE:6B:8C:8C:3D:40:EB:47","sha256":"7B:57:56:A5:75:13:78:B2:32:2C:FD:F9:2A:25:3B:E3:73:DD:D2:7D:E2:70:E9:BF:DB:E1:76:92:DE:01:4B:86"}}},"request":{"raw":"GET /wp-content/uploads/elementor/google-fonts/fonts/nunitosans-pe0tmimslybiv1o4x1m8ce2xcx3yop4tqpf_metm0lfgwvpnn64cl7u8uphzibmv51q42ptcp7t1r-s.woff2 HTTP/1.1\r\nHost: le-meridien.ch\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://le-meridien.ch/wp-content/uploads/elementor/google-fonts/css/nunitosans.css?ver=1743504173\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 04 Jun 2026 16:45:11 GMT\r\nserver: Apache\r\nstrict-transport-security: max-age=16000000\r\nlast-modified: Tue, 01 Apr 2025 10:42:53 GMT\r\netag: \"794c-631b532ebaded\"\r\naccept-ranges: bytes\r\ncontent-length: 31052\r\ncontent-type: font/woff2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":31052,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31052, version 1.0","md5":"5c4f357d4926fc197d43abc63b7fca8c","sha1":"686af7000d038d7479ed36b48a8ebb0ea9b98aea","sha256":"1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3","sha512":"9f760f0c8c7fe583bbcb8270abf62c826d33fa6dceaf820533b64b56742284ec9b750066daaf9e4d3c0305373d1db8bd2ad47bbb88573610f0be2a617e183dd6","ssdeep":"768:O0RiZKVUEuUY9yqDvkLAGxqwSUZZ+ntzoNQG:O0RvFuUY9qn4wSG+C","tlshash":"f7d2e06e7e77c5b468489372f0fe1e3137ac3916314d22e27ac3aa3d34b3756a824452","first_seen":"2023-04-30T22:47:43Z","last_seen":"2026-06-04T16:45:44.702243Z","times_seen":8007,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-04","alert":"Phishing Block","trigger":"le-meridien.ch","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-04","alert":"Sinkholed","trigger":"le-meridien.ch","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}