{"report_id":"a70f6eca-6354-4c34-a9f0-4c5e0e040cc5","version":6,"status":"done","tags":[],"date":"2026-05-18T03:38:34Z","url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":0,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"title":"elevage-des-bles.com/bniyycir/dfsj/","dom":{"size":1787,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"e9bcfbd507de1da364f0ad5e7ea373f0","sha1":"9c5726d59cde57b5a4d8346f04a262df6a8524b7","sha256":"0398daa9575ba4fb691baa5df58b2887d8814f33eabed52c7f693a79f51ae5ff","sha512":"f5c7f290ae73d8cde74b0ab71bfdd78d5f7a3668b2fd43020378f8e0a0ce2be456f3bfcbf9d1eb97f3fb1d76f9fc80b5104b98885c0c24670e4358e72930f542","ssdeep":"","tlshash":"1531a853f4541c5ef3328761a8daf80583e2f625851c68a0f4ee74ae59d4fc281e727e","dom_hash":"domhashdb906e9700822a8148a44951f11eccbc","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":0,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-22T03:38:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-18","alert":"Phishing Block","trigger":"elevage-des-bles.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"elevage-des-bles.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"elevage-des-bles.com","ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":18,"request_count":9,"received_data":334310,"sent_data":4667,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/assets/js/CRKdQYY6.js","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c8228e92aba54c134eb2389db38261fa","sha1":"11b38192b0e885fbc4c0d3e5e062ed0146da5378","sha256":"6984a1bbdb2a28cc2a40734ea08ef18ec6781e03535dae078dcc97f787ee9957","sha512":"4843e2ba4010a3d4f87cb46100588b2d250d9713022d875ddf3152d1ce3bb156216c801e7d2b372a9fcc7684adb9e36230d6cfee52a8e5426ba61aff8f3756a3","ssdeep":"768:YzJENSox0h6wlGVpUQJaFJCy+K7WE+0cGzksqfz1Bc7DxnywTM95JhKS6DSBiU2b:HePQ9c3wMv","tlshash":"f903fac8b261546683e2a1a380750203f33899557408865cbb2ceef7ad7eeca7173f75","size":41156,"data":"","first_seen":"2025-06-26T16:12:55.034925Z","last_seen":"2026-05-18T03:38:38.91218Z","times_seen":13232,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-05-18T05:39:36.30215Z","times_seen":219647,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-05-18T05:39:36.301271Z","times_seen":660272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"71a0128471d6e4004b7320e40437448490396c60348c848051048c721c651108236c1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-05-18T05:39:36.30215Z","times_seen":219647,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"428004d533c350004753117c04571cc4d034447014444d405040d4531c570315115c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-05-18T05:39:36.301271Z","times_seen":660272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/assets/js/CbtgdPhf.js","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f8a8632f25fc1c3e23d94b50bdd30da1","sha1":"5682863aad08ed655ef495cf9df47670c1ee3c99","sha256":"d0fb2d1dc8bc746f546ce0add0104241eecbdf7b7054ce2e2f05844557de97fc","sha512":"37a89b77f4b6c4df1372fe30c28224005c345b8d50dfebd8ad2474f4160737446500f33a193691e2459bd9903db7a3d7223f32bfa20631dc32c621ac8b9d4d30","ssdeep":"3072:YA1jGAluQUVTCNDJxY+SfORAUg/U3kIEj2y46yLyBZ/1bl4k:YoGAmEDJDMORAUg/qy46+yb1bT","tlshash":"933439dd7286b0a253b324f1013f100bf27a296a7449d498f19dd8ca3cb9649927bf7d","size":242574,"data":"","first_seen":"2026-01-17T05:55:25.857749Z","last_seen":"2026-05-18T03:38:38.914607Z","times_seen":112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/assets/css/CWKIglBF.css","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://elevage-des-bles.com/bniyycir/dfsj/","date":"2026-05-18T03:38:12.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elevage-des-bles.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 07:34:09 GMT","end":"Sat, 15 Aug 2026 07:34:08 GMT"},"fingerprint":{"sha1":"A3:1D:B6:EF:BD:BB:C2:EA:30:90:80:69:CB:0D:3A:3B:E6:C2:59:D3","sha256":"30:1C:EE:EE:B2:61:FF:40:17:4C:BA:B8:C1:C8:BD:79:C6:82:A1:68:14:F0:F6:2F:57:7B:4D:C3:3F:97:02:BF"}}},"request":{"raw":"GET /bniyycir/dfsj/assets/css/CWKIglBF.css HTTP/1.1\r\nHost: elevage-des-bles.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://elevage-des-bles.com/bniyycir/dfsj/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Mon, 18 May 2026 03:38:13 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 02 Dec 2025 16:35:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"692f1536-5422\"\r\nExpires: Wed, 17 Jun 2026 03:38:13 GMT\r\nCache-Control: max-age=2592000, public, max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21538,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20108)","md5":"13d6bd63c8f99f179332a87e39c72026","sha1":"046fe6825f75b508a7489a3f675ff51a21d86228","sha256":"e70d606b957cb6b8898562ec303ecf9c7344943a77291236ed4e1ccde398ce24","sha512":"4e8c7de53109ff5e330e745122919271834a2f0e56910a969d4523eb35e5c28f80bd4d263369dc6a334be30bb410d29022677ce03edfae0643b26753c4ff1c35","ssdeep":"192:bbxwOW9JyW9Jy4y3NpEpTgyxr4T+zA+x731X/T/HZNReLb3Izh:RwopEp1PzLX/T/HZNRLh","tlshash":"13a2331e6e1405767d5380f6f5e5eb49b21ab0c6ef26a7febd822500d7c63a61c82708","first_seen":"2026-01-17T05:55:25.860639Z","last_seen":"2026-05-18T03:38:38.910595Z","times_seen":112,"resource_available":false,"data":null}},"time_used":506,"timings":{"blocked":200,"dns":1,"connect":96,"send":0,"wait":99,"receive":1,"ssl":106},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-18","alert":"Phishing Block","trigger":"elevage-des-bles.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"elevage-des-bles.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/favicon.ico","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://elevage-des-bles.com/bniyycir/dfsj/","date":"2026-05-18T03:38:13.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elevage-des-bles.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 07:34:09 GMT","end":"Sat, 15 Aug 2026 07:34:08 GMT"},"fingerprint":{"sha1":"A3:1D:B6:EF:BD:BB:C2:EA:30:90:80:69:CB:0D:3A:3B:E6:C2:59:D3","sha256":"30:1C:EE:EE:B2:61:FF:40:17:4C:BA:B8:C1:C8:BD:79:C6:82:A1:68:14:F0:F6:2F:57:7B:4D:C3:3F:97:02:BF"}}},"request":{"raw":"GET /bniyycir/dfsj/favicon.ico HTTP/1.1\r\nHost: elevage-des-bles.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://elevage-des-bles.com/bniyycir/dfsj/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Mon, 18 May 2026 03:38:13 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 22382\r\nLast-Modified: Sun, 02 Nov 2025 11:47:18 GMT\r\nConnection: keep-alive\r\nETag: \"690744c6-576e\"\r\nExpires: Wed, 17 Jun 2026 03:38:13 GMT\r\nCache-Control: max-age=2592000, public, max-age=2592000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22382,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"891e510219786f543ca998282ed99f45","sha1":"19fe2ff6a2418bcb44b02308b998cef84199ee08","sha256":"e4bdf72e2f803f7e19907c12f407ac7f7cd5f1f94bfd730b9be24b0d49191b48","sha512":"e6729e7e1ed1909297317e249adb7af6c230b2a7082ea792c7776fa5037c8ed8aaf02bcc4015334b6c439732f965ce19291ffe863126d0c20bed9a0c89c4a95b","ssdeep":"48:sSY37LOM5M80I15CEARV/acnFNOpaF/vXE:sSw7LOekI1EE+fPOpaF30","tlshash":"4ea290bf6358f8d5d25d4ee0c91d82fc16196e20f8e0858f2a303e7d76b9ee28401617","first_seen":"2023-04-12T07:52:52Z","last_seen":"2026-05-18T03:38:38.911041Z","times_seen":14846,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"elevage-des-bles.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-18","alert":"Phishing Block","trigger":"elevage-des-bles.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/open/?apiName=8%2FMVRL7DpdYFJ0SZkVX%2FTKsPpW7dpCyr2WbXsK%2FdHFfUsi6reK1dRLc39vEYrcEx","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://elevage-des-bles.com/bniyycir/dfsj/","date":"2026-05-18T03:38:13.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elevage-des-bles.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 07:34:09 GMT","end":"Sat, 15 Aug 2026 07:34:08 GMT"},"fingerprint":{"sha1":"A3:1D:B6:EF:BD:BB:C2:EA:30:90:80:69:CB:0D:3A:3B:E6:C2:59:D3","sha256":"30:1C:EE:EE:B2:61:FF:40:17:4C:BA:B8:C1:C8:BD:79:C6:82:A1:68:14:F0:F6:2F:57:7B:4D:C3:3F:97:02:BF"}}},"request":{"raw":"POST /open/?apiName=8%2FMVRL7DpdYFJ0SZkVX%2FTKsPpW7dpCyr2WbXsK%2FdHFfUsi6reK1dRLc39vEYrcEx HTTP/1.1\r\nHost: elevage-des-bles.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 3655\r\nOrigin: https://elevage-des-bles.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://elevage-des-bles.com/bniyycir/dfsj/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":3655,"data":"{\"data\":\"yNjK3jASDlZ98aVzGGesJpjSAy3DmYyuLXbRWuqZZYiaH3cr2YhLFcPOKuE%2FdfS%2B6rh0y8Dyk3gmoy2oM%2BdXB14AUhDyMSrtMYbACb%2F84w4gLNm7iyfS1uT04ufMA3%2BqCehcaWnNe0OA1MlMToEgm5DpzuK%2BZomRb0%2FfLRO9J2UYFrRM2VX008RmKLDM5WVxlrysT0YraDwaaOzXK9g23CIk8NKLqnmNNuYzmfmZDqv2He6gHJFBzUuAqkk2oYdBSPFtgFV1WR1Q%2BeJAfnnKexsEw8aEu5O2RWb9H3DT5ASRUIvuERn4%2Fr0yJzg6DHHSzdP5ef34nYE0xzR%2FKHb%2BQFyGTPLdGdirvcbn%2BzTEehIKvlJkhwtLcPbWzC3AgbRBvzTdG1RzaEDhvbXrY7GYN%2F%2BdbWFN2T5YEpyND258Ad%2FBfz9e0K9Tq4FLZkIJvSWpHMZK2QCORkdoW%2FXIWnasL4vk2niUVhhFbyPHnwNa%2FxO%2Fpc5fgZr9DQp2%2FZ%2F7hiy1zQLmD5CxXaaiQkuHXAB72WREEppjVKApo4pKDiSm6ntsotASnGx%2BqvPCGFy5ZCXxP5sKpS58iwB32SMsQIphdogKe4%2BfTums7MOxs5pqtH8Qxjo1lyXScCrSLZxhFB9APeEDPwj6bgJZFlY%2B0ZUG4FaLAW4veUnFjYq4YcZSNklRble4xhGoSnnYZmsY9sNLjfogDkyRUTRTi2hbP62CeiPS23LAI6MeNTwlNsUitjzn2%2B3aKgF%2Fj5urTbuxwzia8qc4u92S%2BESPIsyg1WWZNijzczOe3191lg%2B6ax%2BfUgnZ4QTHztKiVOJcHgxa%2Bpjr7KskKDn%2F205CfckmiagBBcfe1naZoEvRFVrOkGX2daZeIKmdnLaPwE7EZCEBuAx4hRrXvuXPmcbHvEcx2QZIcUICbqNtVVnNCG4iL0L3y62yW%2FUOw41x4YFiiBVOIjgxouShzlchJdV2P3yFdsqMGG%2Fom3Sh4f%2FrVfXSmMwmmXUpvDF%2B%2ByeApPlDvzlr3KEaeDqcVItCLu9xVJKdCp1KZ%2FbDwrBypuoJAWMQo%2B1gW0I6IFZCbcZTB4yWqxcPIJPYOCOvma1aJqoqAp2o9Zd17s8hjYyjVHpjZToARvl833Z1MqA34mdB85dilFICFaXeRngCeTMTgwfv1H3OslZF8216paWomIHo1n%2BvKB4%2BggOgDCEymPGavXHeoKTJ8RyIBcphDKjTFd1bBJ1JnSlmBt%2FgSTHcjOmoinUA9Yn6Eym8t%2F1wRuA0htRMon111G%2Bsf5%2Fi4HUqB%2FFCYWPm3bW%2FzjfPwdfzsqkgMagtcnf8HXKqs%2FZnBfFp6M9CFBiJ%2BPvJf3SA332Mz5iIUcaXXSkCiHLBoB5S4UqltRGAkkqeZuJ118Shx8JdQKNZ%2Bx1sNJu5fzfns2u%2Ba3laU4%2F09YC9k6s5mGJDSrWkyc3tNHaRIpgu01%2FRnlJVJ942SBEWXFe%2B2o9oTQj8FsNyTeGcbnnOpPtesmC7xM0uq%2FP%2F%2BImQUV862X%2B%2FN5MHA66ZYa8Gx5cwpPfQupqpnqQjzrQ9pwrmyxpHatAwxBoMWTnWvhRqVvneZvsbF%2FQhJNyqDqikboGhkj%2Fbc3W0I05d18cX0%2BgK2ytwOEyum%2F1JeHDy0PKk6Z9Zl4KhHy1QH67OofxfLrEvmWvPOxmJQFVEfKX6P%2FyHafRg6Llxtq3T79NF3ryN09mVM9M9uZJ6czV%2F3KwIuUpm7rWP%2FVQfn%2FVkCPygBpbRUcvgveG1O3TwkZRRRgXYda5F8D%2FHqwS3AiSSRnJfDp4RUNxBVhM57EQYXTG3WWYXRznphQjWRaacUs04TcaLgcXfVOY758Z%2Fo3KoSz7chbp0UhmtuByOhzdQXow1Cod11dIhzk6brAJvTjOtU5pEx8fFuylOKFTIJDr7gPCeHex%2F9rURp%2F39b9zgn2JNLd2BpCP1rJRFwdsmA%2FJdyNoEJQmBOlBbSJY4rxRiK%2B5g5exNlBoqBc7XdRBX7sbxhRdhZjUlZMcUCxkN7IgENAyCk63szqjCnioNvs55vrtfsV5AvabJ%2F0zBVRTSYcwd81HEfJ1A3BwP%2Bcel7PfWM3hRGburBhE4M8m%2BnxNxvM9alCJecbTRua09QHilAET0uQ7CHu6L3nq%2BSqamjGWIRLJ7yNpiCapVu8mPJHVD0ygFECe0sVzv0OwQPG%2FXXsByBLGCiH%2FJHhUJCUoh8v6wdyfz%2FfAmbVKYV3glF1hQTFI%2FO2HxsqZfKE7NlzWxtQNYzOB4H1adcelYe6GXqXYB67rfAsd3EJKBQGXVGMGy5OXEKEqxGLngrCcfxOEg%2BAAQzd8%2FGvAGu%2F9v03GUKkyafKn2eXNsnHZmxZwrfWaEMgaox1W3%2FP4g%2BUAnDi7Fz85IIGs2k37w53qRbpG2y0s1xZEhanHMM5WfifppLIMzCirQKuplW%2But27F%2FtY90ms8gYPOpwux0QmtSKY3JcE%2BocbAYNTy75vu8TBOlvWPk3a0pMnERJ2k38%2Fy8QU9JkZKIlNBL%2FSObq4ael5w%2FNREGgz0nzUVY4qF5T0Ota19d5v6R3YeFemOTCxd300zoS80z8Uj%2FBocXmGs1lDSZHzmDLvQhdVL3MY5Tao%2Bk8xbxWnopiG1AxWwPn%2FoIn5El2625w4LGXBFTP4iIxV4XVgT1Miq0uaGr6aagETxF0jg0g0qyGTbuQt0DCXRWxTs3JNsA3KmBHe%2BeNFtfYRW2R9lyydCvQhGgbCBmvvHXZoJdU8Z9Ljy%2FNykp1oh84r6KDzKjjGtKlqx8j1Dks88Hvgye46tfvYS2WiSGeHuirRlaXWdowS4rSfmgMOMbmp0t05t23VQU47LiJ5yJGxVldOKjkJZQWPmyaFO8SXMqS%2FxMOzs2%2BdSPV6P47a0PUdwK5nmckw6T02wzwRZP3oILrsnnopd%2FFrVyPzM1AllpRJfGmfstzMMxAwPtbBXKj8xW%2FrdeHbvUbnjECYj4GKrllWyTBpZ428etl%2FRleX1KT%2BCB08GZ%2BAlJel1YdUEX1EMovJ4o2J2WCOhDvsqSaPQLeDHqrjZ7H5OkZj3qw1nyvEscPlAOu2SmpR7TWlx88NZHAbVPj2%2BoE4KlvXSDA1bTPWcoNs6j7EIywBHf5uPP7jvhrgvX4BkXlM3zY8p61p9RzEaZsa4g4vX7HQCX6RjS8Nq6eOz9o0Q2TfyPfOgj8nZ8dzSdf3VZ0VemSKYuZHPyk86RV8l%2FQp9l6e4RUdF2UXuxze%2B2V2mHvrEgfm%2BfrL%2BrmO%2FCbmzP%2BqyM6YygM%2F12HrntQ2VmHnXlPhIrkrkqQ8YiNBRyf1YcXSJ7Cd5vun73tbc7SN4ZcJ4yvk5sfd%2BmmeIBl8F6ENoJLluAUX1ETUiCaUpEnRWzVKNEIUfkS7xj4iXu1%2BRkNHVgeVivfGeNPpp0Pxqq5Q%3D%3D\"}"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Mon, 18 May 2026 03:38:14 GMT\r\nContent-Type: application/json; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin\r\nAccess-Control-Allow-Origin: https://elevage-des-bles.com\r\nset-cookie: locale=en-us; path=/; max-age=31557600; expires=Tue, 18 May 2027 09:38:14 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"e0a4a09f97c732edeabd8580d721e7c2","sha1":"f0e11c0e56128ba246d782c8678a2f88f4e2391b","sha256":"8bc55f760a8ad956e66394c3a32b26711b660c74d20d358b35ec1e3b2ba2c728","sha512":"1eca591203c21924c9b9582a162a01001acf4b5f1449f7842a0d171e99b265a34ca9bc7eb61d77ce4601e20e8d51748cc29b8d6df0072a6b9b91b6c6da0dc41c","ssdeep":"","tlshash":"9b800082020cace823233802320e2a8820e830a0c2802aaaac2c023c8f08c28e083220","first_seen":"2025-06-24T22:10:16.160171Z","last_seen":"2026-05-18T06:08:15.586919Z","times_seen":42718,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":110,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-18","alert":"Phishing Block","trigger":"elevage-des-bles.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"elevage-des-bles.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/assets/js/CRKdQYY6.js","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://elevage-des-bles.com/bniyycir/dfsj/","date":"2026-05-18T03:38:14.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elevage-des-bles.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 07:34:09 GMT","end":"Sat, 15 Aug 2026 07:34:08 GMT"},"fingerprint":{"sha1":"A3:1D:B6:EF:BD:BB:C2:EA:30:90:80:69:CB:0D:3A:3B:E6:C2:59:D3","sha256":"30:1C:EE:EE:B2:61:FF:40:17:4C:BA:B8:C1:C8:BD:79:C6:82:A1:68:14:F0:F6:2F:57:7B:4D:C3:3F:97:02:BF"}}},"request":{"raw":"GET /bniyycir/dfsj/assets/js/CRKdQYY6.js HTTP/1.1\r\nHost: elevage-des-bles.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://elevage-des-bles.com/bniyycir/dfsj/assets/js/CbtgdPhf.js\r\nCookie: locale=en-us\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Mon, 18 May 2026 03:38:14 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 02 Dec 2025 16:35:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"692f1536-a0c4\"\r\nExpires: Wed, 17 Jun 2026 03:38:14 GMT\r\nCache-Control: max-age=2592000, public, max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41156,"size_decoded":0,"mime_type":"application/javascript","magic":"data","md5":"c8228e92aba54c134eb2389db38261fa","sha1":"11b38192b0e885fbc4c0d3e5e062ed0146da5378","sha256":"6984a1bbdb2a28cc2a40734ea08ef18ec6781e03535dae078dcc97f787ee9957","sha512":"4843e2ba4010a3d4f87cb46100588b2d250d9713022d875ddf3152d1ce3bb156216c801e7d2b372a9fcc7684adb9e36230d6cfee52a8e5426ba61aff8f3756a3","ssdeep":"768:YzJENSox0h6wlGVpUQJaFJCy+K7WE+0cGzksqfz1Bc7DxnywTM95JhKS6DSBiU2b:HePQ9c3wMv","tlshash":"f903fac8b261546683e2a1a380750203f33899557408865cbb2ceef7ad7eeca7173f75","first_seen":"2025-06-26T16:12:55.034925Z","last_seen":"2026-05-18T03:38:38.91218Z","times_seen":13232,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":198,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-18","alert":"Phishing Block","trigger":"elevage-des-bles.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"elevage-des-bles.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/open/?apiName=oWcpgi%2B8y9yv9%2FGY3ZqXxiQnTOMBJFPYHTeJ7Tr6JCk2jihOg9%2FDwaPxcUKS7Of1","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://elevage-des-bles.com/bniyycir/dfsj/","date":"2026-05-18T03:38:14.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elevage-des-bles.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 07:34:09 GMT","end":"Sat, 15 Aug 2026 07:34:08 GMT"},"fingerprint":{"sha1":"A3:1D:B6:EF:BD:BB:C2:EA:30:90:80:69:CB:0D:3A:3B:E6:C2:59:D3","sha256":"30:1C:EE:EE:B2:61:FF:40:17:4C:BA:B8:C1:C8:BD:79:C6:82:A1:68:14:F0:F6:2F:57:7B:4D:C3:3F:97:02:BF"}}},"request":{"raw":"POST /open/?apiName=oWcpgi%2B8y9yv9%2FGY3ZqXxiQnTOMBJFPYHTeJ7Tr6JCk2jihOg9%2FDwaPxcUKS7Of1 HTTP/1.1\r\nHost: elevage-des-bles.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 617\r\nOrigin: https://elevage-des-bles.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://elevage-des-bles.com/bniyycir/dfsj/\r\nCookie: locale=en-us\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":617,"data":"{\"data\":\"5An%2Fu%2BFcxfmRoKMIdVQJ0rB4kIdE%2BsVXgNnUucGEuDOpDXZZAvkdJDFHgiomwVW66MhA%2FLiuXwzKfMEvUX8YglSowqCOy57nOADPyclGbAl6ZP0ozETFkyB%2Bj7Vy5wQY2Sns61RopbTDqYQJWxWi7DVauvOjXYq6t4iIiov47C78%2FQNTxjiqH1%2BJAuiovLUkRg0jpjoAIZNPUSgk1d79ft%2BUUV1t5EAxTvsmTwh%2FhEqnDWp9JsB%2FF%2BET6n4JWmsYEDlDsT1nlPnfwPHghYZnXrqtQ2bG2VNwz%2BLg%2BdF7lFtAofAuqhfMoKJaLlMX%2FjIi3vZXxiK44RIP%2BpP%2FEXHErmCa%2BdbZ2jokbtaHMaPUEbGOmz4fg7zE%2FHFZfySDexgqRdWV2%2FENHg51VhVFHvkCUTijl%2B4OWaGe1GUC1FiIVFIvpfdMV3%2BNgTdm2Rhy8BaTGLaqqw1CUJYZZ0nf00DoVduDlu7qyY4M69vRrawX5ZLsgiwxAK12mWAWkUJldIdICIbOQqDLH%2FYfSOMz1wmZb2u2lpCY%2Foyxwj%2BErrDjsWI%3D\"}"}},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.3\r\nDate: Mon, 18 May 2026 03:38:15 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 9\r\nConnection: keep-alive\r\nVary: Origin\r\nAccess-Control-Allow-Origin: https://elevage-des-bles.com\r\nset-cookie: locale=en-us; path=/; max-age=31557600; expires=Tue, 18 May 2027 09:38:15 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"9d1ead73e678fa2f51a70a933b0bf017","sha1":"d205cbd6783332a212c5ae92d73c77178c2d2f28","sha256":"0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5","sha512":"935b3d516e996f6d25948ba8a54c1b7f70f7f0e3f517e36481fdf0196c2c5cfc2841f86e891f3df9517746b7fb605db47cdded1b8ff78d9482ddaa621db43a34","ssdeep":"","tlshash":"a250000c0003c3cc0000003030c0000000000300300000300000c000000000000c000c","first_seen":"2023-03-08T03:03:03Z","last_seen":"2026-05-18T05:46:12.739106Z","times_seen":79652,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-18","alert":"Phishing Block","trigger":"elevage-des-bles.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"elevage-des-bles.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-18T03:38:12.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elevage-des-bles.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 07:34:09 GMT","end":"Sat, 15 Aug 2026 07:34:08 GMT"},"fingerprint":{"sha1":"A3:1D:B6:EF:BD:BB:C2:EA:30:90:80:69:CB:0D:3A:3B:E6:C2:59:D3","sha256":"30:1C:EE:EE:B2:61:FF:40:17:4C:BA:B8:C1:C8:BD:79:C6:82:A1:68:14:F0:F6:2F:57:7B:4D:C3:3F:97:02:BF"}}},"request":{"raw":"GET /bniyycir/dfsj HTTP/1.1\r\nHost: elevage-des-bles.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.28.3\r\nDate: Mon, 18 May 2026 03:38:12 GMT\r\nContent-Type: text/html\r\nContent-Length: 169\r\nLocation: https://elevage-des-bles.com/bniyycir/dfsj/\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1787,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-18T05:40:50.377788Z","times_seen":15370036,"resource_available":true,"data":null}},"time_used":663,"timings":{"blocked":280,"dns":78,"connect":97,"send":0,"wait":98,"receive":0,"ssl":108},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-18","alert":"Phishing Block","trigger":"elevage-des-bles.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"elevage-des-bles.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-18T03:38:12.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elevage-des-bles.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 07:34:09 GMT","end":"Sat, 15 Aug 2026 07:34:08 GMT"},"fingerprint":{"sha1":"A3:1D:B6:EF:BD:BB:C2:EA:30:90:80:69:CB:0D:3A:3B:E6:C2:59:D3","sha256":"30:1C:EE:EE:B2:61:FF:40:17:4C:BA:B8:C1:C8:BD:79:C6:82:A1:68:14:F0:F6:2F:57:7B:4D:C3:3F:97:02:BF"}}},"request":{"raw":"GET /bniyycir/dfsj/ HTTP/1.1\r\nHost: elevage-des-bles.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Mon, 18 May 2026 03:38:12 GMT\r\nContent-Type: text/html\r\nLast-Modified: Tue, 02 Dec 2025 16:35:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"692f1536-6fb\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1787,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"5431e1fe86f22d1617cf988f45c2274e","sha1":"250228f6376fa2204817c9f90509243fb90ce9d9","sha256":"a094f82c6c49af1e8f90ffb46f009e247fa26f9c650aa993d94a09cd0d75194e","sha512":"151e27d59e5f2f6d7f85c8d82f3efc820ac8b30a1a98737c0f52c005c400be3ab2b0081ccf4298aeca6e4bdcc678cafa6b57e71c9f5000d7969e1a90f3201bd6","ssdeep":"","tlshash":"27319753f4501d5ef23283a5e8daf80582a2f624c51c2890f0ee78aa4cc5fd292d727e","first_seen":"2026-01-17T05:55:25.855238Z","last_seen":"2026-05-18T03:38:38.914034Z","times_seen":112,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"elevage-des-bles.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-18","alert":"Phishing Block","trigger":"elevage-des-bles.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/bniyycir/dfsj/assets/js/CbtgdPhf.js","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://elevage-des-bles.com/bniyycir/dfsj/","date":"2026-05-18T03:38:12.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elevage-des-bles.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 07:34:09 GMT","end":"Sat, 15 Aug 2026 07:34:08 GMT"},"fingerprint":{"sha1":"A3:1D:B6:EF:BD:BB:C2:EA:30:90:80:69:CB:0D:3A:3B:E6:C2:59:D3","sha256":"30:1C:EE:EE:B2:61:FF:40:17:4C:BA:B8:C1:C8:BD:79:C6:82:A1:68:14:F0:F6:2F:57:7B:4D:C3:3F:97:02:BF"}}},"request":{"raw":"GET /bniyycir/dfsj/assets/js/CbtgdPhf.js HTTP/1.1\r\nHost: elevage-des-bles.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://elevage-des-bles.com/bniyycir/dfsj/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.3\r\nDate: Mon, 18 May 2026 03:38:12 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 02 Dec 2025 16:35:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"692f1536-3b38e\"\r\nExpires: Wed, 17 Jun 2026 03:38:12 GMT\r\nCache-Control: max-age=2592000, public, max-age=2592000\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":242574,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (26372)","md5":"f8a8632f25fc1c3e23d94b50bdd30da1","sha1":"5682863aad08ed655ef495cf9df47670c1ee3c99","sha256":"d0fb2d1dc8bc746f546ce0add0104241eecbdf7b7054ce2e2f05844557de97fc","sha512":"37a89b77f4b6c4df1372fe30c28224005c345b8d50dfebd8ad2474f4160737446500f33a193691e2459bd9903db7a3d7223f32bfa20631dc32c621ac8b9d4d30","ssdeep":"3072:YA1jGAluQUVTCNDJxY+SfORAUg/U3kIEj2y46yLyBZ/1bl4k:YoGAmEDJDMORAUg/qy46+yb1bT","tlshash":"933439dd7286b0a253b324f1013f100bf27a296a7449d498f19dd8ca3cb9649927bf7d","first_seen":"2026-01-17T05:55:25.857749Z","last_seen":"2026-05-18T03:38:38.914607Z","times_seen":112,"resource_available":true,"data":null}},"time_used":394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-18","alert":"Phishing Block","trigger":"elevage-des-bles.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"elevage-des-bles.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"elevage-des-bles.com/77hjewsayjy.png","fqdn":"elevage-des-bles.com","domain":"elevage-des-bles.com","tld":"com"},"ip":{"addr":"107.172.153.115","port":443,"asn":36352,"as":"AS-COLOCROSSING","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://elevage-des-bles.com/bniyycir/dfsj/","date":"2026-05-18T03:38:13.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elevage-des-bles.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 17 May 2026 07:34:09 GMT","end":"Sat, 15 Aug 2026 07:34:08 GMT"},"fingerprint":{"sha1":"A3:1D:B6:EF:BD:BB:C2:EA:30:90:80:69:CB:0D:3A:3B:E6:C2:59:D3","sha256":"30:1C:EE:EE:B2:61:FF:40:17:4C:BA:B8:C1:C8:BD:79:C6:82:A1:68:14:F0:F6:2F:57:7B:4D:C3:3F:97:02:BF"}}},"request":{"raw":"GET /77hjewsayjy.png HTTP/1.1\r\nHost: elevage-des-bles.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://elevage-des-bles.com/bniyycir/dfsj/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx/1.28.3\r\nDate: Mon, 18 May 2026 03:38:13 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx:1.28.3","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"eb1be3f5478c6751f0de6e9128fecbf2","sha1":"94b9d1087b2551a6ab432abc63d64cafb5c212ad","sha256":"6e95d3011ecc51a72fec8b2a8e5b06b4e134c2b2cfe513bfce42d9029c6c8dd1","sha512":"78753808ec755c160823978aa8ebcc391c7c2c71a0b27c2271f2aa0be61349fff888e3775a9fbe9bef7f22d01adb60e1480356fa4654999ee40e6439e32f28e4","ssdeep":"","tlshash":"61c02b7d3513bc4cc5a3317422c37090c0da833764ba81128440810331cf3998ac3397","first_seen":"2026-03-26T19:37:59.367855Z","last_seen":"2026-05-18T06:08:11.947567Z","times_seen":1138,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-18","alert":"Sinkholed","trigger":"elevage-des-bles.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-18","alert":"Phishing Block","trigger":"elevage-des-bles.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}