{"report_id":"96dc7d3a-f666-4656-bb6d-396c0a1c6e53","version":6,"status":"done","tags":[],"date":"2026-05-17T00:30:16Z","url":{"schema":"http","addr":"microsoft365xx1.iceiy.com","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"microsoft365xx1.iceiy.com/?i=1","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"title":"Iniciar sesiĆ³n en tu cuenta Microsoft","dom":{"size":25422,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"9c0f71f459ce6a9ef6289d09b8770038","sha1":"e67147d03c28a22c0ec62ffa0eb352650e19eb5c","sha256":"7355f2683941d4cb397b118528801c3f2bbdd9310bdffc48f55624c8cb981164","sha512":"31c40b28395565546bc8af652578b660391e77caff8c068eeb4adea59822ff6e4f763109677d0e403fdc8dc67cf528d9364c2b94f8df2044879868b76d510246","ssdeep":"384:k9oDTleymTXFcR1HFcKmzMDkimF77Fmu1IdFhNdFh8w:k9oDTleymTXFcR1HFcKiF/IdFhNdFh8w","tlshash":"d6b28356a5b319637413e4a827f78a063364c003d50bcd293fac938c9f87ada9d9379d","dom_hash":"domhash907373e88df911d29461a464a3109c0e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"microsoft365xx1.iceiy.com","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-21T00:30:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.freepnglogos.com","ip":{"addr":"78.46.22.25","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2016-10-07","domain_rank":880176,"first_seen":"2017-02-09T09:00:11Z","last_seen":"2026-05-12T02:04:27.624783Z","alert_count":0,"request_count":1,"received_data":46329,"sent_data":495,"comment":"","tags":null,"fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"c.s-microsoft.com","ip":{"addr":"2.18.174.85","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"2012-02-07","domain_rank":46140,"first_seen":"2013-11-06T15:56:27Z","last_seen":"2026-05-14T17:04:27.394038Z","alert_count":0,"request_count":1,"received_data":376,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-10T22:20:44.526759Z","alert_count":0,"request_count":1,"received_data":519,"sent_data":479,"comment":"","tags":null,"fingerprints":null},{"fqdn":"novenci.fr","ip":{"addr":"109.239.119.237","port":443,"asn":34949,"as":"IDLINE SAS","country":"France","country_code":"FR"},"domain_registered":"2001-09-18","domain_rank":3218628,"first_seen":"2026-05-08T03:56:08.247895Z","last_seen":"2026-05-08T03:56:08.247895Z","alert_count":0,"request_count":1,"received_data":4393,"sent_data":499,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.29.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"microsoft365xx1.iceiy.com","ip":{"addr":"185.27.134.229","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2020-12-06","domain_rank":0,"first_seen":"2026-05-17T00:30:16.464665Z","last_seen":"2026-05-17T00:30:16.464665Z","alert_count":16,"request_count":4,"received_data":29060,"sent_data":2004,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-05-10T23:37:20.475816Z","alert_count":0,"request_count":1,"received_data":90461,"sent_data":454,"comment":"","tags":null,"fingerprints":null},{"fqdn":"i.ibb.co","ip":{"addr":"45.43.142.6","port":443,"asn":215751,"as":"Mikhail Fedorov","country":"Israel","country_code":"IL"},"domain_registered":"2010-07-20","domain_rank":21643,"first_seen":"2018-11-25T10:13:48Z","last_seen":"2026-05-14T10:20:16.267533Z","alert_count":0,"request_count":1,"received_data":42346,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-05-10T22:35:57.417067Z","alert_count":0,"request_count":1,"received_data":103026,"sent_data":477,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"microsoft365xx1.iceiy.com/","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"ad9988dfbb79dd0caf6f63394170dd33","sha1":"961830d10ee2052c439a83c5417e4510c10270be","sha256":"74d8517b40e22256dc5c1b54ffbe784b49adeeb70c946c6f86548d4e98bcdd72","sha512":"c5d0705a69eead8063f784f3756eb3568ad3a7045d334a76199d33b1fdb4f5e5d9f6d77ee940cf6bd6276fbd683f4aa47c57c284e282d7b8f56a8bf2f981949b","ssdeep":"","tlshash":"aaf00278e131a0d94bc19042083ba54fa0262792b412c0bfc44652705ad28dd0646d2f","size":613,"data":"","first_seen":"2026-05-17T00:30:20.595049Z","last_seen":"2026-05-17T01:57:35.651886Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoft365xx1.iceiy.com/aes.js","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"756722c3542f271367cc3b074113a8ee","sha1":"c5c24b4cfc44d597fb7d82d79a7dcea4a8d07e2b","sha256":"ed1d3bd967abe66cff832561cb911c572a2f85fd6cffc32ef3cec68dbc60c7ce","sha512":"ec3293d425646848dc2cf5d3cebae22b91d99461d3565ed17599af961f6f0062167446f732e91ade94f7e589000cda7e85259a217c5ce571bc11c175435a4290","ssdeep":"","tlshash":"8d1150a5034607bcf6cd0ec8c40a321a21f1c04abe2112c9afb36ae77c3b8840034e26","size":1000,"data":"","first_seen":"2025-03-10T10:15:36.223346Z","last_seen":"2026-05-17T02:02:54.983051Z","times_seen":2032,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoft365xx1.iceiy.com/telgm.js","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"a514382d6a210000328fa5bab2b6ce4d","sha1":"71fcfba43084e97ab32ce286fbe11356f10c60f9","sha256":"ef762b42c32370a020688f31e30e0ed265b84e9191991c533c5e22b99b036f01","sha512":"c68cda23d16cafa30a420634bde0a611242c8289f5aa6404e0aee00ab19975ed33d2e5e98f18a2f7b6542e0f8f803de8da80aff48eff4a932eb8565e080fa34b","ssdeep":"","tlshash":"97c0126f61570863264556f5ad47181d67c21d9858858c57706987752d0d0a72541c1a","size":188,"data":"","first_seen":"2026-05-17T00:30:20.592752Z","last_seen":"2026-05-17T01:57:35.648181Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-05-17T07:16:35.851136Z","times_seen":239828,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoft365xx1.iceiy.com/?i=1","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"9d61272ac101619bbabf70bcbee39f43","sha1":"f7dec1a807fd1d2c860994c9cc89bd4fda6a820c","sha256":"d251840c1a8c989706676636fea04460ff659477f9bd7320ef5574de52d24e61","sha512":"26661cf6011e9a3fb101eb8e55cd5247695c5780d63c349ffe9de36054e3e0ab49d4a1a129625085854e2a77c61bdc40e136c19e77824b41cdcfd8442076e0a0","ssdeep":"","tlshash":"ddd0c9e9e8d27874925821a22c3ad0216a395884548fa549f8400409eec630cdb26c30","size":200,"data":"","first_seen":"2025-10-04T05:08:57.547616Z","last_seen":"2026-05-17T04:59:23.225579Z","times_seen":142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoft365xx1.iceiy.com/?i=1","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"16eca7897fff93f692f1cc52ca6dc695","sha1":"7ffc3b5e25a7e8dadaf1a9a19786e930fc63e875","sha256":"3b6e3d53df98e71f14b38625b547e4daff350cd3d9593b7ff12210d631cab6ec","sha512":"9456c2eff59d0ddaf873994f376be10785ef9afab5c7f2b3a2025d7441e0990151d70a337d02494b88ec8d441bad8eca74d58900a991fbf65a662e223d1efe23","ssdeep":"96:RdFhsWdFh3ZYFxHRpXq/eYivPBZTuzb8xRn+NWuvzBKKgrYg:RdFhsWdFhqqmYivPezb87+NZzEr3","tlshash":"64c11005b8b61da01473f2a927bb8605361150576546ce013ebcdbcc3f2a9a7ba2279f","size":5615,"data":"","first_seen":"2026-05-17T00:30:20.59685Z","last_seen":"2026-05-17T01:57:35.654177Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"microsoft365xx1.iceiy.com/","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-17T00:29:53.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: microsoft365xx1.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Sun, 17 May 2026 00:29:52 GMT\r\nContent-Type: text/html\r\nContent-Length: 852\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":852,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (852), with no line terminators","md5":"22813e9da7e3f57af15d129e91197291","sha1":"758d25e12179321aec4951a16dad25864322c0e0","sha256":"a95e9e960f2f3f653e1d6444feb87ec4f17212e066b17683a21f0ee29636ac47","sha512":"3544eab7a866b74e43fd5e3235ea4a2953430eaf73bc69f392878812919a76d5d4c4cc757bdd8c6d003df6cfd91dddbb5b1b5a0be153fe93d7352c8ba683c870","ssdeep":"","tlshash":"07015eb8ecb1e0858bc040c0283ae4ae7012a6a2a511c8afc0c242a062d1bcc0e46c3e","first_seen":"2026-05-17T00:30:20.588062Z","last_seen":"2026-05-17T01:57:35.642251Z","times_seen":3,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":203,"dns":37,"connect":31,"send":0,"wait":31,"receive":0,"ssl":134},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoft365xx1.iceiy.com/aes.js","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoft365xx1.iceiy.com/","date":"2026-05-17T00:29:54.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /aes.js HTTP/1.1\r\nHost: microsoft365xx1.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft365xx1.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T07:14:59.945201Z","times_seen":15320232,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoft365xx1.iceiy.com/?i=1","date":"2026-05-17T00:29:54.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft365xx1.iceiy.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31021\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 16 May 2026 18:06:04 GMT\r\nexpires: Sun, 16 May 2027 18:06:04 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 23030\r\nlast-modified: Fri, 08 May 2020 07:05:03 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":89476,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-05-17T07:16:35.851136Z","times_seen":239828,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":131,"dns":0,"connect":14,"send":0,"wait":9,"receive":8,"ssl":122},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.ibb.co/205FvB7R/AXXXAAX.jpg","fqdn":"i.ibb.co","domain":"ibb.co","tld":"co"},"ip":{"addr":"45.43.142.6","port":443,"asn":215751,"as":"Mikhail Fedorov","country":"Israel","country_code":"IL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoft365xx1.iceiy.com/?i=1","date":"2026-05-17T00:29:54.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ibb.co","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 15 Apr 2026 08:46:45 GMT","end":"Tue, 14 Jul 2026 08:46:44 GMT"},"fingerprint":{"sha1":"AB:FE:0C:54:E2:24:E0:D9:B7:F9:DC:18:02:C9:05:26:34:63:E8:65","sha256":"F0:A7:95:74:CF:C2:BC:7A:69:1D:6A:03:47:B4:D3:2A:76:24:DE:28:F8:31:95:41:B2:F8:86:C9:B3:F8:E3:01"}}},"request":{"raw":"GET /205FvB7R/AXXXAAX.jpg HTTP/1.1\r\nHost: i.ibb.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft365xx1.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 17 May 2026 00:29:54 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 41978\r\nlast-modified: Mon, 12 Jan 2026 16:41:45 GMT\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, OPTIONS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":41978,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 1592x897, components 3","md5":"88eec58aff2c47c14ac3aaf5741469b7","sha1":"b5bc2b266a8c3519c65dc6e7788ebce89328bf11","sha256":"f605108e180cfa966bc4e04db967ebd9634961694e0cfb9c2eb5aaa032d15663","sha512":"a412095095ac986d64570c33fe5cf77eb6be1dfda3af34e30ca15fe0fc7d7582350da94c37a37acf43bc1bf7c2165bf19e52bacabfd62639f619b451ffa9ceb8","ssdeep":"768:9NTJA/JR9JI3Tykrmp2lKw5wVS+2veEkFd7fjmPDM:9EBRL+Tr+mKKwVJ22R77mbM","tlshash":"951318139d0ddb93b019a7ecff0b4c9d6f56270ca8a235fa54724edb2d106126c8a17e","first_seen":"2026-05-08T03:56:12.317278Z","last_seen":"2026-05-17T01:57:35.651225Z","times_seen":5,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":60,"dns":1,"connect":22,"send":0,"wait":22,"receive":37,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"c.s-microsoft.com/favicon.ico?v2","fqdn":"c.s-microsoft.com","domain":"s-microsoft.com","tld":"com"},"ip":{"addr":"2.18.174.85","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoft365xx1.iceiy.com/?i=1","date":"2026-05-17T00:29:54.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.microsoft.com","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 04","organization":"Microsoft Corporation"},"validity":{"start":"Thu, 22 Jan 2026 19:55:21 GMT","end":"Sun, 17 Jan 2027 19:55:21 GMT"},"fingerprint":{"sha1":"AD:A5:F2:7D:8E:CE:C5:41:6F:5F:E1:90:43:31:0D:DD:30:5C:02:4B","sha256":"9F:17:B5:48:F7:D2:4F:30:9D:BC:AA:B5:71:57:6C:0C:A7:3B:80:55:9C:E6:9F:27:FE:29:5F:64:08:CC:57:BF"}}},"request":{"raw":"GET /favicon.ico?v2 HTTP/1.1\r\nHost: c.s-microsoft.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft365xx1.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nx-azure-ref: 20260517T002954Z-r17599dc998nbxhthC1AMShcdc0000000z10000000006u9n\r\ncontent-encoding: gzip\r\ncache-control: max-age=604800\r\nexpires: Sun, 24 May 2026 00:29:54 GMT\r\ndate: Sun, 17 May 2026 00:29:54 GMT\r\naccess-control-allow-methods: GET,POST\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T07:14:59.945201Z","times_seen":15320232,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":88,"connect":1,"send":0,"wait":78,"receive":3,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoft365xx1.iceiy.com/?i=1","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-17T00:29:54.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /?i=1 HTTP/1.1\r\nHost: microsoft365xx1.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft365xx1.iceiy.com/\r\nCookie: __test=8463a3f22b530466f94c398868905fae\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Sun, 17 May 2026 00:29:53 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 27087\r\nConnection: keep-alive\r\nLast-Modified: Thu, 14 May 2026 19:59:50 GMT\r\nETag: \"69cf-651cc89fa9df3\"\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=2592000, public, proxy-revalidate\r\nExpires: Tue, 16 Jun 2026 00:29:53 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.5.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27087,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"16cdda9371efda46fa8e867dffe24ab7","sha1":"bcaaffe0fe863e7926b23435884fdaf212257f19","sha256":"786afc5d25006379254e52613f76d3f9e89a577ce9a2b01018c87ba866257223","sha512":"216979398ebad1501f6979d1453da92928a33978587355a4b6e0dbc0dbd1604e89727e91a45d62a3732c52c5cba8e36e67d3f73ded6b86a08c35571fc65df1c5","ssdeep":"384:09OHwocOXGFT3PHCkM9Pf/k4ED0yY90yY0S:09OHwocOXGFT3PHCkR4ED0yY90yY0S","tlshash":"ecc25415e5401a536033e3a867f3870afba98113c203862a7ffc938a1fb79559953f9d","first_seen":"2026-05-17T00:30:20.590938Z","last_seen":"2026-05-17T01:57:35.643328Z","times_seen":3,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Segoe+UI:wght@400;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://microsoft365xx1.iceiy.com/?i=1","date":"2026-05-17T00:29:54.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /css2?family=Segoe+UI:wght@400;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft365xx1.iceiy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sun, 17 May 2026 00:29:54 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T07:14:59.945201Z","times_seen":15320232,"resource_available":true,"data":null}},"time_used":314,"timings":{"blocked":139,"dns":1,"connect":21,"send":0,"wait":31,"receive":0,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://microsoft365xx1.iceiy.com/?i=1","date":"2026-05-17T00:29:54.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft365xx1.iceiy.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 17 May 2026 00:29:54 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 352692\r\nexpires: Fri, 07 May 2027 00:29:54 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TJUtwH%2Ff1NA8kAdSlamcmWpo87hKVWxKfPIy4iE00tHoIcKRmYObfIjKVAE0Bec%2BeFBUdT3Ptygthf3R%2BUWSNkK9IJTBntdrh7UpJRfI5oBxfITk490gA%2FdiBczxOZUEa43fbtHC\"}]}\r\ncf-ray: 9fce82ae5dda56c3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-05-17T06:24:50.498697Z","times_seen":48635,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":22,"dns":1,"connect":1,"send":0,"wait":12,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoft365xx1.iceiy.com/telgm.js","fqdn":"microsoft365xx1.iceiy.com","domain":"iceiy.com","tld":"com"},"ip":{"addr":"185.27.134.229","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoft365xx1.iceiy.com/?i=1","date":"2026-05-17T00:29:54.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iceiy.com","organization":""},"issuer":{"commonName":"ZeroSSL ECC Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 27 Mar 2026 00:00:00 GMT","end":"Thu, 25 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3E:24:71:C4:C4:07:BB:E5:80:30:EC:11:32:67:55:A7:60:0E:D8:39","sha256":"31:12:E9:3C:26:C5:0D:90:79:20:15:74:87:0E:91:26:43:BD:32:93:E3:DF:29:3E:B9:02:99:28:3D:EF:92:43"}}},"request":{"raw":"GET /telgm.js HTTP/1.1\r\nHost: microsoft365xx1.iceiy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft365xx1.iceiy.com/?i=1\r\nCookie: __test=8463a3f22b530466f94c398868905fae\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: openresty\r\nDate: Sun, 17 May 2026 00:29:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 188\r\nConnection: keep-alive\r\nLast-Modified: Thu, 14 May 2026 19:59:50 GMT\r\nETag: \"bc-651cc8a019f1d\"\r\nCache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate\r\nExpires: Tue, 16 Jun 2026 00:29:53 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":188,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"a514382d6a210000328fa5bab2b6ce4d","sha1":"71fcfba43084e97ab32ce286fbe11356f10c60f9","sha256":"ef762b42c32370a020688f31e30e0ed265b84e9191991c533c5e22b99b036f01","sha512":"c68cda23d16cafa30a420634bde0a611242c8289f5aa6404e0aee00ab19975ed33d2e5e98f18a2f7b6542e0f8f803de8da80aff48eff4a932eb8565e080fa34b","ssdeep":"","tlshash":"97c0126f61570863264556f5ad47181d67c21d9858858c57706987752d0d0a72541c1a","first_seen":"2026-05-17T00:30:20.592752Z","last_seen":"2026-05-17T01:57:35.648181Z","times_seen":3,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-17","alert":"Sinkholed","trigger":"microsoft365xx1.iceiy.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"novenci.fr/media/cache/sectiontop/images/materiels-et-outils/microsoft-logo.webp","fqdn":"novenci.fr","domain":"novenci.fr","tld":"fr"},"ip":{"addr":"109.239.119.237","port":443,"asn":34949,"as":"IDLINE SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoft365xx1.iceiy.com/?i=1","date":"2026-05-17T00:29:54.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"novenci.fr","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 06:19:00 GMT","end":"Mon, 10 Aug 2026 06:18:59 GMT"},"fingerprint":{"sha1":"50:B3:37:3E:BA:0B:21:43:6B:7A:DB:38:9E:C9:28:C7:15:9E:97:2E","sha256":"5E:36:5B:62:19:B1:41:4A:D6:6B:83:92:E9:4E:1F:FC:D2:5C:41:F4:EA:12:90:90:79:A0:18:3E:22:8C:C8:9D"}}},"request":{"raw":"GET /media/cache/sectiontop/images/materiels-et-outils/microsoft-logo.webp HTTP/1.1\r\nHost: novenci.fr\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft365xx1.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: image/webp\r\ncross-origin-opener-policy: same-origin\r\ndate: Sun, 17 May 2026 00:29:54 GMT\r\netag: \"69ef7504-eda\"\r\nlast-modified: Mon, 27 Apr 2026 14:39:00 GMT\r\npermissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()\r\nreferrer-policy: strict-origin-when-cross-origin\r\nserver: nginx/1.29.4\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 3802\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.29.4","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3802,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"159cf2b6d328f456048737253f7d6e13","sha1":"d6d068a5fdbe01c868d0d644ce4d6d9ffe02ef07","sha256":"1b4fdffa9ea3b78574a9581ea6cba6e53c11a965885bd603c3ab4a269cd41fd1","sha512":"2b761a6a4be92fc40bf7429e7971eef2a88aca9bf0bf27949df0c1565c0ff0623b8ebc730efbcdf93ed0d7f3170e6e0f252433c280e1872e195b4ccc6f3df1ad","ssdeep":"","tlshash":"fb718d9b1557eb38bc512b1aa30b938122876758ad4cf93b84d00d85567e7610a8a8e2","first_seen":"2026-05-08T03:56:12.313196Z","last_seen":"2026-05-17T01:57:35.646221Z","times_seen":5,"resource_available":false,"data":null}},"time_used":389,"timings":{"blocked":171,"dns":77,"connect":36,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.freepnglogos.com/uploads/microsoft-logo-png-transparent-background-1.png","fqdn":"www.freepnglogos.com","domain":"freepnglogos.com","tld":"com"},"ip":{"addr":"78.46.22.25","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoft365xx1.iceiy.com/?i=1","date":"2026-05-17T00:29:54.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"freepnglogos.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 03:36:54 GMT","end":"Mon, 03 Aug 2026 03:36:53 GMT"},"fingerprint":{"sha1":"EE:23:79:61:B6:BD:EB:9E:F3:33:21:B3:72:F3:D3:8D:A3:0B:31:0C","sha256":"69:13:91:15:6A:72:5C:D8:32:88:8B:76:F0:22:C2:9B:4A:F1:44:6F:DA:AB:4D:4E:9C:1B:B6:FB:86:CB:88:59"}}},"request":{"raw":"GET /uploads/microsoft-logo-png-transparent-background-1.png HTTP/1.1\r\nHost: www.freepnglogos.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoft365xx1.iceiy.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Sun, 17 May 2026 00:29:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 46043\r\nlast-modified: Sat, 20 Aug 2022 14:09:47 GMT\r\netag: \"6300eb2b-b3db\"\r\ncache-control: no-cache, must-revalidate\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46043,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5471 x 1280, 8-bit/color RGBA, non-interlaced","md5":"c117a0bda103aeb25c145a71b0b8ac5a","sha1":"3dd6e5ccf39e92e840404bdab510c8d67bd6e768","sha256":"4bad04d35478f23907ff0e6433a492400840cec4fbd6a487752dd5bdcbbca029","sha512":"73136f1a544983f8ed0e909d0811bbf7fd61ccbeb84bb2023af56943949ea082306576bff227fc71c864d2022e429059231aa082d19977dead2de25c07e17bc8","ssdeep":"768:sgFuRUyAenFPQDYEP6BI1fdR9QgPla9qO:sfZZiPpLR9d9a9qO","tlshash":"1f2329b54c9b89f5c10d4876dc789fa972f81ade6224332d433e7a3d78963ca6004add","first_seen":"2023-11-03T14:17:52Z","last_seen":"2026-05-17T04:59:23.224917Z","times_seen":181,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":95,"dns":13,"connect":40,"send":0,"wait":66,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}