{"report_id":"76611439-0c36-4d12-bb21-78ae3e1dde87","version":6,"status":"done","tags":[],"date":"2026-04-30T10:46:39Z","url":{"schema":"http","addr":"id-r35dx.com","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":0,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"final":{"url":{"schema":"https","addr":"id-r35dx.com/acces-refuse.php","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"title":"Accès non disponible — DHL","dom":{"size":10969,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (459)","md5":"3f7b9afcfdfbc41ec6a72cd30324bae3","sha1":"3993432d3aa569801c7b30ab777211b990f3fe69","sha256":"83c149a543c080eccf022ca86a730e020226c9d4ff07a5f5b5444b774a12c536","sha512":"ec0e515fd112634a0fde4626237dce25687feaa72d644ec1239e7d972bedb5f7c1e50683aa39c13019d29ef2d6856f927f44de3ed116ce102ccb80db871c6bc3","ssdeep":"192:cRV81b5z+ekrgjvWAOIU3dfVcbbuAIIH0LETgRiy:cR21bpRA2WpWKAIIULEsF","tlshash":"e432942270f5103b06a35399be62ab6c6d978003d50daa02367e8f8d9ff6d42dc1765f","dom_hash":"domhash93a7a1586be26b5db3f55ddd93d1fb45","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"id-r35dx.com","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":0,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-04T10:46:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"id-r35dx.com","ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"domain_registered":"2026-04-28","domain_rank":0,"first_seen":"2026-04-30T01:54:31.879865Z","last_seen":"2026-04-30T01:54:31.879865Z","alert_count":20,"request_count":10,"received_data":69961,"sent_data":5037,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"id-r35dx.com/acces-refuse.php","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"ee55e6bb9a806fc52192b90ab84a051c","sha1":"2c8264e2bdc07e26d0402b199909af6fe9e30ffb","sha256":"d21098719785517a47e26204084a37b94341a1709eb66b21c5b9c2949a730cf6","sha512":"eea1602668953c6b99f1a782f42e65599a4bf04193b076a5b858c2171e8e2312f4b243e6e2a3aee2730c67964c17cc78b0b7b9a9476f1136175080afbd80e148","ssdeep":"","tlshash":"6be0266ff89338b2a87b36dd56ef8ba4359500031683c8023e5cc9404f12e65283fdd8","size":358,"data":"","first_seen":"2026-04-19T23:13:40.536062Z","last_seen":"2026-04-30T10:52:53.263485Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"id-r35dx.com/acces-refuse.php","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"8b6630a9c1af35f70b299eb505745595","sha1":"0bdc0d57d6bbd1fe388ca3851c2c723b90c7cbd2","sha256":"23e34e892a866957ac6b857f65b382140a5952ff9ae331880a9128100a327bbe","sha512":"6ff9e98803003791658c2036786d96ba49716a0dde5ef8fbc267249d4ddf51cd00e289f63d5e423a9bb3fb6061912d5b8eac3e320df5c21422222da78fcb01f1","ssdeep":"","tlshash":"8d31ac1d31e321765933e5b98bdf6b88353521134006c9123d6cdb0caf949ae9e71b8d","size":1740,"data":"","first_seen":"2026-04-19T23:13:40.537564Z","last_seen":"2026-04-30T10:52:53.264192Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"id-r35dx.com/","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-30T10:46:15.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"id-r35dx.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 22:34:10 GMT","end":"Mon, 27 Jul 2026 22:34:09 GMT"},"fingerprint":{"sha1":"D2:1D:71:72:EE:9A:09:94:59:28:51:D1:52:44:61:F7:09:C8:DE:46","sha256":"22:B7:58:35:67:D5:A1:15:08:96:FA:8B:AA:60:08:EB:7E:C2:21:3F:D0:73:78:82:7E:75:93:22:72:6E:AB:85"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: id-r35dx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Thu, 30 Apr 2026 10:46:11 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nSet-Cookie: PHPSESSID=siuf4g2oe80a0dpd86j070558a; path=/\r\nLocation: acces-refuse.php\r\nX-Powered-By: PHP/8.3.30, PleskLin\r\nContent-Length: 0\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":11222,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-30T20:35:18.51264Z","times_seen":14440285,"resource_available":true,"data":null}},"time_used":257,"timings":{"blocked":84,"dns":16,"connect":30,"send":0,"wait":89,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"id-r35dx.com/acces-refuse.php","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-30T10:46:15.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"id-r35dx.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 22:34:10 GMT","end":"Mon, 27 Jul 2026 22:34:09 GMT"},"fingerprint":{"sha1":"D2:1D:71:72:EE:9A:09:94:59:28:51:D1:52:44:61:F7:09:C8:DE:46","sha256":"22:B7:58:35:67:D5:A1:15:08:96:FA:8B:AA:60:08:EB:7E:C2:21:3F:D0:73:78:82:7E:75:93:22:72:6E:AB:85"}}},"request":{"raw":"GET /acces-refuse.php HTTP/1.1\r\nHost: id-r35dx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=siuf4g2oe80a0dpd86j070558a\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 30 Apr 2026 10:46:11 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Powered-By: PHP/8.3.30, PleskLin\r\nContent-Length: 3397\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":11222,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (453), with CRLF line terminators","md5":"fa745174066a1a8f1e9290318f93216d","sha1":"a931424311be34803e8be5130e56ee10f71e4018","sha256":"9a7b3ec23d0977986af028c2ae2935afcb9cdd5bc8584c56b8d1751446c84dd8","sha512":"f1720e2be6cf93a8315c69dbbf4fac71c03b93e66066d6af8b19e6c3bd429fda9b1269dee3d3cca0d7352f984ca8da37fafa704c5c90e0c1c4eca01fae26c9ad","ssdeep":"192:rUMONz+9kCW5OxWhdxUKzGJ96ERnmn4YIIySR0HDqjc:IMO9ullWnnDIIySiHDqw","tlshash":"8932612271c0103b077393a9ae21a7acfd968143d2094a0676be5f8f6ff6d059c1795e","first_seen":"2026-04-20T08:49:07.674806Z","last_seen":"2026-04-30T10:52:53.255466Z","times_seen":11,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"id-r35dx.com/css/dhl-home.css","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://id-r35dx.com/acces-refuse.php","date":"2026-04-30T10:46:16.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"id-r35dx.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 22:34:10 GMT","end":"Mon, 27 Jul 2026 22:34:09 GMT"},"fingerprint":{"sha1":"D2:1D:71:72:EE:9A:09:94:59:28:51:D1:52:44:61:F7:09:C8:DE:46","sha256":"22:B7:58:35:67:D5:A1:15:08:96:FA:8B:AA:60:08:EB:7E:C2:21:3F:D0:73:78:82:7E:75:93:22:72:6E:AB:85"}}},"request":{"raw":"GET /css/dhl-home.css HTTP/1.1\r\nHost: id-r35dx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://id-r35dx.com/acces-refuse.php\r\nCookie: PHPSESSID=siuf4g2oe80a0dpd86j070558a\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 30 Apr 2026 10:46:12 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 28 Apr 2026 23:34:16 GMT\r\nETag: \"767e-6508dab6863e0-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Powered-By: PleskLin\r\nContent-Length: 5453\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":30334,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"7b80bff8920149edc698eee61a0c759f","sha1":"7eec15cb87d543823c9e9941e86268e06b28c91d","sha256":"75cb96c7ac361e613370e02113742c9a07f7e41ce323efa6de6da95b6904a965","sha512":"4ad257c7cee8e6d4f1c907ebec60ccfb9335262ba9d02d60b5f71b8dcd3afb67d57a18cf69b2c63a72e6ba7f96edd8b1175e50f7546b629868c82b8ffbfd18b2","ssdeep":"192:xC74stLQIUe5xag9FTEQi5raa2QRRFIRi9Cy9rW+Co+HtOCS8oi0F33DG33ntsRO:xstta/pUTWantrG+Zsyb","tlshash":"86d274bc5716906e9d37df64bb958b89b7c081259d06032dbff65088f2dc2b852a1f8c","first_seen":"2026-04-19T23:13:40.531569Z","last_seen":"2026-04-30T10:52:53.256227Z","times_seen":14,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"id-r35dx.com/assets/youtube-new.svg","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://id-r35dx.com/acces-refuse.php","date":"2026-04-30T10:46:16.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"id-r35dx.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 22:34:10 GMT","end":"Mon, 27 Jul 2026 22:34:09 GMT"},"fingerprint":{"sha1":"D2:1D:71:72:EE:9A:09:94:59:28:51:D1:52:44:61:F7:09:C8:DE:46","sha256":"22:B7:58:35:67:D5:A1:15:08:96:FA:8B:AA:60:08:EB:7E:C2:21:3F:D0:73:78:82:7E:75:93:22:72:6E:AB:85"}}},"request":{"raw":"GET /assets/youtube-new.svg HTTP/1.1\r\nHost: id-r35dx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://id-r35dx.com/acces-refuse.php\r\nCookie: PHPSESSID=siuf4g2oe80a0dpd86j070558a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 30 Apr 2026 10:46:12 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 28 Apr 2026 23:34:16 GMT\r\nETag: \"332-6508dab668f20\"\r\nAccept-Ranges: bytes\r\nContent-Length: 818\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":818,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"01c198d73e6a3f7c351b61f860e0fd90","sha1":"a7bb3ec37dc19e0b8d07aaa272a0de60d7242330","sha256":"8ab280a31a012ac7c6fb77be3e134d2858d50e3b1d16ffa4b45f35487cadf5bd","sha512":"65a8e6a8e2bbcf3adf8dac8816294e66d2aaba9acec34e0acee7713ec350e64b45cf8afbefc950fcd7ade971779c5afd366b5a056bd9c5a316fe66ff856f42e6","ssdeep":"","tlshash":"af01a3cf3b21f55c48d582219e3afd803b5510b1274501c5d4e67fbd01a72b21c40da9","first_seen":"2024-03-19T15:11:55Z","last_seen":"2026-04-30T10:52:53.25778Z","times_seen":532,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":73,"dns":0,"connect":33,"send":0,"wait":31,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"id-r35dx.com/assets/facebook-new.svg","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://id-r35dx.com/acces-refuse.php","date":"2026-04-30T10:46:16.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"id-r35dx.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 22:34:10 GMT","end":"Mon, 27 Jul 2026 22:34:09 GMT"},"fingerprint":{"sha1":"D2:1D:71:72:EE:9A:09:94:59:28:51:D1:52:44:61:F7:09:C8:DE:46","sha256":"22:B7:58:35:67:D5:A1:15:08:96:FA:8B:AA:60:08:EB:7E:C2:21:3F:D0:73:78:82:7E:75:93:22:72:6E:AB:85"}}},"request":{"raw":"GET /assets/facebook-new.svg HTTP/1.1\r\nHost: id-r35dx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://id-r35dx.com/acces-refuse.php\r\nCookie: PHPSESSID=siuf4g2oe80a0dpd86j070558a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 30 Apr 2026 10:46:12 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 28 Apr 2026 23:34:13 GMT\r\nETag: \"335-6508dab349240\"\r\nAccept-Ranges: bytes\r\nContent-Length: 821\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":821,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"79b871b8de76e9e6e4f2f879dac26447","sha1":"8e60e10b0f2183ca4379d89bc27e4d4d69cfc3ee","sha256":"1979d99c5483675a8be762b48f46112909e27301c1f549c8cb35a2be5503f72f","sha512":"939c32a8ed09aa16efeee91704ac394807dd858627665a73365d8f42d9d53aa4b2545863f5e01de682e6ca5469b160fe4d6801b26193fecf571409ed41a61814","ssdeep":"","tlshash":"ee01cee653fdc2aa586eba369e325ac06e111c311b05105dd7e33180ba37aff2c4b684","first_seen":"2024-03-19T15:11:55Z","last_seen":"2026-04-30T10:52:53.258562Z","times_seen":490,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":64,"dns":0,"connect":30,"send":0,"wait":32,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"id-r35dx.com/assets/glo-footer-logo.svg","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://id-r35dx.com/acces-refuse.php","date":"2026-04-30T10:46:16.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"id-r35dx.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 22:34:10 GMT","end":"Mon, 27 Jul 2026 22:34:09 GMT"},"fingerprint":{"sha1":"D2:1D:71:72:EE:9A:09:94:59:28:51:D1:52:44:61:F7:09:C8:DE:46","sha256":"22:B7:58:35:67:D5:A1:15:08:96:FA:8B:AA:60:08:EB:7E:C2:21:3F:D0:73:78:82:7E:75:93:22:72:6E:AB:85"}}},"request":{"raw":"GET /assets/glo-footer-logo.svg HTTP/1.1\r\nHost: id-r35dx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://id-r35dx.com/acces-refuse.php\r\nCookie: PHPSESSID=siuf4g2oe80a0dpd86j070558a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 30 Apr 2026 10:46:12 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 28 Apr 2026 23:34:13 GMT\r\nETag: \"f32-6508dab39b2c0\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3890\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":3890,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5ccb5ea15c3e242b155a1645fb30d717","sha1":"7c14c7cd33894f70df1f5ff821cf6dea8e65d3f5","sha256":"eec352f272b13be3883b6b13674898e718d277a690011c4e6eb1e47189656433","sha512":"51678b3755d2434d7e38390e8cc868edc9599fbce60662fa9a1fd35e830f59c3be33b183f60445bcd82f4c2d44086e0f1d28338b91f2bd8bc23b33991c6746e3","ssdeep":"","tlshash":"338196c36330f1a9580bcfed6e797d75169ea0f56a5506e989d34304428b9bafc60fc0","first_seen":"2024-03-19T15:11:55Z","last_seen":"2026-04-30T10:52:53.260576Z","times_seen":576,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"id-r35dx.com/favicon.ico","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://id-r35dx.com/acces-refuse.php","date":"2026-04-30T10:46:16.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"id-r35dx.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 22:34:10 GMT","end":"Mon, 27 Jul 2026 22:34:09 GMT"},"fingerprint":{"sha1":"D2:1D:71:72:EE:9A:09:94:59:28:51:D1:52:44:61:F7:09:C8:DE:46","sha256":"22:B7:58:35:67:D5:A1:15:08:96:FA:8B:AA:60:08:EB:7E:C2:21:3F:D0:73:78:82:7E:75:93:22:72:6E:AB:85"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: id-r35dx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://id-r35dx.com/acces-refuse.php\r\nCookie: PHPSESSID=siuf4g2oe80a0dpd86j070558a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 30 Apr 2026 10:46:12 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 18 Apr 2026 14:57:01 GMT\r\nETag: \"b69-64fbd472f2060\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2921\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2921,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"91e155f416e5876b97a4a9e69084dc74","sha1":"b51a868e16451b3f08a8e7a9cc4fbee620c0a992","sha256":"9d8618c051925f6b0bc955ee123652503563a8a19605d8d89b6a912c92a88e20","sha512":"4141b0d000c9cb9a04a0d2428de37809a562946c0577f384c50e452711e0fa92d76fe6aaa566b59361eace2061fcb54f900e5bf12eb3bbc5a4b87519063bdf1a","ssdeep":"","tlshash":"e851612268462504b057a1445f83ab0926f2d807d10bc87e7b9e9285cfdd3ff86ef398","first_seen":"2025-07-30T00:06:09.393129Z","last_seen":"2026-04-30T10:52:53.26117Z","times_seen":64,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"id-r35dx.com/assets/dhl-logo.svg","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://id-r35dx.com/acces-refuse.php","date":"2026-04-30T10:46:16.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"id-r35dx.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 22:34:10 GMT","end":"Mon, 27 Jul 2026 22:34:09 GMT"},"fingerprint":{"sha1":"D2:1D:71:72:EE:9A:09:94:59:28:51:D1:52:44:61:F7:09:C8:DE:46","sha256":"22:B7:58:35:67:D5:A1:15:08:96:FA:8B:AA:60:08:EB:7E:C2:21:3F:D0:73:78:82:7E:75:93:22:72:6E:AB:85"}}},"request":{"raw":"GET /assets/dhl-logo.svg HTTP/1.1\r\nHost: id-r35dx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://id-r35dx.com/acces-refuse.php\r\nCookie: PHPSESSID=siuf4g2oe80a0dpd86j070558a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 30 Apr 2026 10:46:12 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 28 Apr 2026 23:34:11 GMT\r\nETag: \"3c2-6508dab1bab40\"\r\nAccept-Ranges: bytes\r\nContent-Length: 962\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":962,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"532ab610b8d23e1a76fe835ea38d3f64","sha1":"bb8143056f80f377663a6c2f760e2ba5cd8ba7b9","sha256":"328777be6ed92ae88755009a974a1283abf795957a3df244576ed70f5de4e9c3","sha512":"39464441fe97ae1bab7b9c6f0a079eaceedf401d228cb2f84747d76ded304f82c561672224f6d8325f751a088cf7e74e4b2241c21931f92a647a7b05cab00de9","ssdeep":"","tlshash":"1b11ec5892f4f6769907c7f48f7c957420ea10d441e98b5cace323101354abbe0bedda","first_seen":"2024-03-19T15:11:55Z","last_seen":"2026-04-30T10:52:53.257013Z","times_seen":2578,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":71,"dns":1,"connect":34,"send":0,"wait":32,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"id-r35dx.com/assets/instagram-new.svg","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://id-r35dx.com/acces-refuse.php","date":"2026-04-30T10:46:16.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"id-r35dx.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 22:34:10 GMT","end":"Mon, 27 Jul 2026 22:34:09 GMT"},"fingerprint":{"sha1":"D2:1D:71:72:EE:9A:09:94:59:28:51:D1:52:44:61:F7:09:C8:DE:46","sha256":"22:B7:58:35:67:D5:A1:15:08:96:FA:8B:AA:60:08:EB:7E:C2:21:3F:D0:73:78:82:7E:75:93:22:72:6E:AB:85"}}},"request":{"raw":"GET /assets/instagram-new.svg HTTP/1.1\r\nHost: id-r35dx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://id-r35dx.com/acces-refuse.php\r\nCookie: PHPSESSID=siuf4g2oe80a0dpd86j070558a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 30 Apr 2026 10:46:12 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 28 Apr 2026 23:34:14 GMT\r\nETag: \"d9d-6508dab4cae20\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3485\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3485,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3acb3282b220833f708c5a9be810bcf2","sha1":"fd26e6ea27a510af8b14da5f5fc8510cf0794e06","sha256":"f27026fef42b128c001a2c722d427044a148b50fc90c55f898c4447838580237","sha512":"0d967c5539fc77fa951fd48cb816adb873a2137f2f67c3bf09a5ee736fabce3a2ddea5146986c46008a20da00ef2e7aad8606028cc7a1fa36d6e908ca94bc225","ssdeep":"","tlshash":"8d7144e367d4728513899b96be3ab06d951b34f3b47a70fcc2c7b14565039e2bc048a9","first_seen":"2024-03-19T15:11:55Z","last_seen":"2026-04-30T10:52:53.259932Z","times_seen":490,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":65,"dns":1,"connect":34,"send":0,"wait":32,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"id-r35dx.com/assets/linkedIn-new.svg","fqdn":"id-r35dx.com","domain":"id-r35dx.com","tld":"com"},"ip":{"addr":"185.99.98.8","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://id-r35dx.com/acces-refuse.php","date":"2026-04-30T10:46:16.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"id-r35dx.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 22:34:10 GMT","end":"Mon, 27 Jul 2026 22:34:09 GMT"},"fingerprint":{"sha1":"D2:1D:71:72:EE:9A:09:94:59:28:51:D1:52:44:61:F7:09:C8:DE:46","sha256":"22:B7:58:35:67:D5:A1:15:08:96:FA:8B:AA:60:08:EB:7E:C2:21:3F:D0:73:78:82:7E:75:93:22:72:6E:AB:85"}}},"request":{"raw":"GET /assets/linkedIn-new.svg HTTP/1.1\r\nHost: id-r35dx.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://id-r35dx.com/acces-refuse.php\r\nCookie: PHPSESSID=siuf4g2oe80a0dpd86j070558a\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 30 Apr 2026 10:46:12 GMT\r\nServer: Apache\r\nLast-Modified: Tue, 28 Apr 2026 23:34:14 GMT\r\nETag: \"41e-6508dab4ea220\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1054\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1054,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2fff9adf3097c217f1849b01babba2fb","sha1":"7e8144a89322cb04e7fbcc57817f802423cadb9b","sha256":"86a4a9a96396b1de82e1616e6c1c62a2185f808328816c40e2abb03c37c4e965","sha512":"8e33897427026d426ba2f8f89053ae014d30af0a9cf24588e0620448cad2c75bee21e4672318daf7286b30193bb2fb6e8d3c5327d900fe49cd809c6ab32c4a1b","ssdeep":"","tlshash":"b11112b1e6a4ccf8a5659df4adf3b55e572834dbb70101fc9071a06248d75f4a301d89","first_seen":"2024-03-19T15:11:55Z","last_seen":"2026-04-30T10:52:53.259246Z","times_seen":528,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"id-r35dx.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}}]}