{"report_id":"cb78062e-abad-4f81-9668-05b85f6c6189","version":6,"status":"done","tags":["phishing","credit_agricole","finacial"],"date":"2026-04-28T13:34:25Z","url":{"schema":"http","addr":"agence-agency.net","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":0,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"final":{"url":{"schema":"https","addr":"agence-agency.net/","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"title":"Accès CR - Crédit Agricole","dom":{"size":30413,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1816)","md5":"2d63f4a3292a9f60c921650adfa18895","sha1":"bd826b7fe7e692d81e3ad4914222b506fbaa1b10","sha256":"79f7f54ff42741690b29df3439295954a0bb0c8525c7b82d5ff61a7f54c30ce8","sha512":"c047523fbac8d5861d88532ed3b4efffe2cb2caec65e80bfae5f1418b9d4b9baeef93f7cd60270172f3098f55d5f59ea1a02215c77b4c2e4343258b0eec4899d","ssdeep":"384:D0GvapaWraDhdQeOfQpQfVTChIqe/tBPuO:rapaqaDhdQeOfQpQfVuhIqe/t7","tlshash":"aad2513160f0183b07938581b6655b1a2f9aeb0bca4e5550baec0bd55ff3ca1de0f62d","dom_hash":"domhash391824913f13ebc9a8a39fd9da592887","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"agence-agency.net","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":0,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T13:34:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]},"summary":[{"fqdn":"agence-agency.net","ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"domain_registered":"2026-04-02","domain_rank":0,"first_seen":"2026-04-28T02:01:48.547981Z","last_seen":"2026-04-28T02:01:48.547981Z","alert_count":65,"request_count":13,"received_data":860047,"sent_data":6841,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Adobe Experience Manager","description":"Adobe Experience Manager (AEM) is a content management solution for building websites, mobile apps and forms.","website":"https://www.adobe.com/marketing/experience-manager.html","common_platform_enumeration":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*","icon":"Adobe Experience Platform.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"agence-agency.net/assets/fonts/Montserrat-Regular.woff2","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/fonts/Montserrat-Regular.woff2 HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/assets/css/fonts.css\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:01 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"15374-6477b35b70400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 86900\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":86900,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 86900, version 7.14548","md5":"e16f24733a7991e6832ed140c2723077","sha1":"922448f973b90fefd12c2fcddfbf09c536ee4a02","sha256":"c2b2cb00987bfe82494d234b5de4a36d217d20536e37e1b98423cc64efefca43","sha512":"c020b1239ade21b34bec28898bb9b8eed381de9981b978b572cfe56ac07bcf056e74e4477486a4776fef4e87707f2121bbfc940a4746e33ae8e29a1275c4b90b","ssdeep":"1536:KQc2aO6Ribyhv6CZGPONpy54FSqjDASY5XcmxNI5sZ1Tm0LTDZnPhk:KQc2abiFsGGX84zjDASSxOKjk","tlshash":"de83026bb40aa8a1e035e1f8bf0a24b3cfb3aa312c7057f95c277847eda69c4095d155","first_seen":"2023-05-09T13:31:38Z","last_seen":"2026-06-07T02:29:48.79327Z","times_seen":672,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":35,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/images/icone_ca_pwa.png","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/images/icone_ca_pwa.png HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:01 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"2d1a-6477b35b70400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 11546\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11546,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"1672798339d9857c71d319a441c13ece","sha1":"ba562e9eb51185f653d43093a285c78d34bdc346","sha256":"3358b6f2d9351fd1fec303210400a4514cc55a851ad97d202cfc0f840e3f54a7","sha512":"f20faf492e686e02ff0139f59511b7a6583d47e61003700a80607d5f585f7121bfdb7955abb988723ccc1e9ce8ad69eb322f4225739aa433781394150ee2f6ee","ssdeep":"192:bhkNfsCxwlNenbnSbGvDSpcHXgf1hSOqgs8vVJKui32ycCO+DIvwVmvzNGtANur7:b6RQceSHXQ1o62H3ATwWHurpsCjt","tlshash":"0932bf8c977552f0930d66b9d2ba86e9893576090b81270bb5a818bdef4dc24b044aff","first_seen":"2023-07-01T05:24:01Z","last_seen":"2026-06-07T02:29:48.778202Z","times_seen":122,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/css/dep.css","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/css/dep.css HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:00 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"29381-6477b35b70400-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Powered-By: PleskLin\r\nContent-Length: 20517\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":168833,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (1672)","md5":"0a220dedca1dd6a99ed78120ee7cf719","sha1":"9cb2469f8deeb980010c83914b58c411aa06413f","sha256":"0540a72dfc9dcb89dcfaf6f96bb578de7d4faa33d3d4cf350b33aa7548691058","sha512":"073489f8942300aa155d611fbe7599175580490123b088c24150c5249c791cbc3291f1cc6e9f307e453150a4ae804f50c3a09c20b85668cc42754e0afb444c5f","ssdeep":"3072:bzOs7zZt/Hxf4fz9kIOUAU/QKahzOjzO3zODzOF:/P7NcV/QKadkaUq","tlshash":"43f3a77602b31694683b98072bcf1e0a73795423880bdd99facf95444f896ba55c3f8f","first_seen":"2025-05-26T12:14:13.961913Z","last_seen":"2026-06-07T02:29:48.774331Z","times_seen":25,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":37,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:00 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"580d-6477b35b70400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 22541\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":22541,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8a6438815d53936ba84ffbef78c8bcfc","sha1":"e178faa510c663b51d88b5979bbc53c73fcaf3e1","sha256":"5c44321c0ba44a1fa665ba4c928fbebd869a3082c458bd2d20a0d07a4e5fcc24","sha512":"3f1f451e53225e4ae8bbf17928afb2c39c0b53d53efe11e43441b0f2a2daf266b79c101ff65bedbac17ce6fad1eb7cfda71024bfa70e937b8d8420d2573b7e04","ssdeep":"384:80T7cbFOm/vXADhP6xypgGcFzcGmuJZ7aDLNOe4GiTM3+:fTIEh/SFzc5EZ7cLNH4GiTM3+","tlshash":"b5a201571308e7faaee1065c9b39189179dadc8be030f1d0aa7f2417d14dcd4a4acbad","first_seen":"2023-05-09T12:54:21Z","last_seen":"2026-06-07T02:29:48.777369Z","times_seen":876,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":89,"dns":1,"connect":30,"send":0,"wait":34,"receive":32,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/images/logo-cadif-part-60-60.svg","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/images/logo-cadif-part-60-60.svg HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:00 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"3f78-6477b35b70400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 16248\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16248,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"267925c136126fd813e021bb85ef59d8","sha1":"a6bae108371ab294c00d28c01f3e415feb7ed36f","sha256":"4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9","sha512":"b50c1d4c0f8d5f5eb73edf0652be6a236ea6f423fa98ed00687433ad0ca79f6241ebea29bde321c04508c06f197742a86fa9e93cff1843f6b5303b6231a6ea22","ssdeep":"384:8J0Wk6anSgin0suJ49kx4pytVNRYHwnI2np8yqKgpDTGbwn3sRKd:a0EOS3YJiktDAH8VnpeNp3Gbwn6Kd","tlshash":"ab722242c2a597b99dc3032e82741c9a3cd69cab7471f3bc68af1457d55ccd082ac6bb","first_seen":"2023-05-11T22:53:36Z","last_seen":"2026-06-07T02:29:48.788445Z","times_seen":809,"resource_available":false,"data":null}},"time_used":249,"timings":{"blocked":86,"dns":1,"connect":31,"send":0,"wait":34,"receive":32,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/fonts/OpenSans-Regular.woff2","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/fonts/OpenSans-Regular.woff2 HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/assets/css/fonts.css\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:01 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"c404-6477b35b70400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 50180\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":50180,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 50180, version 1.0","md5":"a725497524525c361f0d545e4e8ec577","sha1":"b0135a2d4e69e1a7aeb1d269c9ee43e37fdcc29f","sha256":"893f7f57805f1a70e7cb63621dcc596e49fc87551d1231c7756b7a958bac931b","sha512":"d244234de9e160ff3abd5c998e02c43dad1e7fc3d4e49f8f1a8eea4606e81cd3674151dfee57761d5ca9ade97ba4aa25a26b48cbd326ecbfccba28ea90d7d66e","ssdeep":"1536:3E10IlQjT2ICysxLhauTP0gYoXzJ7uHIpJPPsy1Dlwmo:3E6BX2ImxkuLHY6zJaeR/1Zg","tlshash":"0d33f29093cb15227235c6f4e66d69f5bd762c812a1c5d7a06fa48e2c8f7d0f38f8960","first_seen":"2023-04-16T07:55:56Z","last_seen":"2026-06-07T02:29:48.781884Z","times_seen":2004,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/fonts/Montserrat-Bold.woff2","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/fonts/Montserrat-Bold.woff2 HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/assets/css/fonts.css\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:01 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"15314-6477b35b70400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 86804\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":86804,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 86804, version 7.14548","md5":"5d01e6b586c901792ba220af37c171f4","sha1":"5e15bf15ff929945bd1b140c15da631142fd23ac","sha256":"294653dc1466dcda027c8ff4d80f7bc8fb074fc0daacab9afde68c1f7646bb1d","sha512":"793e2e3d212f618bbec61754965de4de5134355701c3caf2e77e258c33b573c65aeb5111727991452371c37d0ec93d40cf72594c94c1f0bc8b7ee74048bdcfdf","ssdeep":"1536:V/JGyMjkZNYqRi7CRqTX6WTkSPNJR0tE3iz0PwT3zuZOBdCmW2YoCznDO4wL1fhj:VBGChqb6WTLPzR0oiTT36QluDXm1fhGQ","tlshash":"688302c8f5bbb825cea4237f06a5b90e6d427d4c0da241dca8b76b8e2db81d7c573404","first_seen":"2023-05-09T13:31:38Z","last_seen":"2026-06-07T02:29:48.783024Z","times_seen":835,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":32,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/fonts/npcicons-crunchy-r2401.woff2","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/fonts/npcicons-crunchy-r2401.woff2 HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/assets/css/fonts.css\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:01 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"f898-6477b35b70400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 63640\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":63640,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 63640, version 1.0","md5":"108c70331f4db7cee55cf954b544eab8","sha1":"2cab432ee37fe60d4b3e111e274c12d16cd95238","sha256":"3de91700b0970842a5cee28d7aee5f05bca56fa1951377a4e9470b19c3afc269","sha512":"69cb633464d1eb20e7732de28588e7747f4feaeaa18f168f06ed3cdb6478c569a0ebcbc23d085ed6ff43ccdad32c685b9a4e346fe7d5a681a7dda78a10877065","ssdeep":"1536:/BKEMLkKZnLT1OglLuz8oH3OaZqlZa+Cu/:/stdjOgtF+BZdVu/","tlshash":"44530289356e8dc495f11bd734a37ba889b1fd949d90cb996904f34ca2cc8d3603bb61","first_seen":"2024-02-06T14:34:10Z","last_seen":"2026-06-07T02:29:48.778992Z","times_seen":31,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":49,"dns":0,"connect":0,"send":0,"wait":32,"receive":63,"ssl":34},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/fonts/OpenSans-SemiBold.woff2","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/fonts/OpenSans-SemiBold.woff2 HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/assets/css/fonts.css\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:01 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"cbdc-6477b35b70400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 52188\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: font/woff2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":52188,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 52188, version 1.0","md5":"dbee1c4201517c33a8c7269601afc5c7","sha1":"2ed85013b2fd9b904264bebfa842a25b9f8259b4","sha256":"0617aa7cdb72567c16c28fee6d42a6cc466df1e02212f98596b5cb429b6a173c","sha512":"a1d6d2669709d42446345b8e3e487b33f6c5d5a0905e95a9d9d1ff9915563091a766786005d2f9fc3e0a06532db7a5efbdac7131a5adaee8596a80abc7924b1b","ssdeep":"1536:nLU265iFQ3SYtzjTc9HXFqiqIA4Ik2Dxz+4l/6Z:Lt6Ye3ftz0SkkzxG","tlshash":"4d3302505e3068f8ffe45e7b81972c3a690a161058f14c944befd2de4ad1e11dcd17ad","first_seen":"2023-05-30T00:22:58Z","last_seen":"2026-06-07T02:29:48.770278Z","times_seen":686,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":37,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T13:34:03.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:00 GMT\r\nServer: Apache\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nSet-Cookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u; path=/\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Powered-By: PHP/8.3.30, PleskLin\r\nContent-Length: 5233\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Adobe Experience Manager","description":"Adobe Experience Manager (AEM) is a content management solution for building websites, mobile apps and forms.","website":"https://www.adobe.com/marketing/experience-manager.html","common_platform_enumeration":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*","icon":"Adobe Experience Platform.svg","categories":["CMS"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":34715,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1417)","md5":"e9474d7ccb0e529e96e84fce759d99f2","sha1":"6df41fc624c7aeea6eb7cd4d4a92e6bba485e5d1","sha256":"a945abf79a332e5e6b9d7041ed46e1896290beaa4494930144daad316065ef0b","sha512":"5ec22556f26c5750d16f2aac547ed98baa15bd3ade4dc780b1d400268d1a7ca243392cc2efc2fbca40bcbae6aee9d541be24d895fceaae66f2a6a533b97560bc","ssdeep":"384:B0PHaBaY3aF5hQ+ObKzKZlbKOSe9A277rTM:4aBaMaF5hQ+ObKzKZlOOSe9TM","tlshash":"15f25f3120f0187a07974581fa755b1a2f9aeb0bda4e5510baec0bd15ff3ca1da0f62d","first_seen":"2025-05-26T12:14:13.970396Z","last_seen":"2026-06-07T02:29:48.771748Z","times_seen":25,"resource_available":true,"data":null}},"time_used":362,"timings":{"blocked":163,"dns":94,"connect":30,"send":0,"wait":34,"receive":2,"ssl":36},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/css/fonts.css","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/css/fonts.css HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:00 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"881-6477b35b70400-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Powered-By: PleskLin\r\nContent-Length: 373\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":2177,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (353)","md5":"9b953af7f089ec23d9538b434d4d915b","sha1":"877f773b1344788a1e977a1d6ca618f41e47b202","sha256":"66491e75dc89ccaa6cb53b0966b8f734544bb3761ad7e578ca621ced6d98b664","sha512":"c7709670f0ae201d0e5209b9c3495c128578b179e948cc34972a9215788254f2950dc90be139b6d38140a62feee79eff6b46c00fdc41c1888c7ec481446f8e02","ssdeep":"","tlshash":"e841f310d28b3613e9110c4f77ea7b251f1e343f3028d443b62c5a969eb2ea5a1a5f5f","first_seen":"2025-05-26T12:14:13.971929Z","last_seen":"2026-06-07T02:29:48.772518Z","times_seen":25,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/images/CA_Logo_seul-1.svg","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/images/CA_Logo_seul-1.svg HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:00 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"3f78-6477b35b70400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 16248\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":16248,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"267925c136126fd813e021bb85ef59d8","sha1":"a6bae108371ab294c00d28c01f3e415feb7ed36f","sha256":"4a3b0d2a941677f6fb37a438d20deacc3cea1d6fdc728f72cf3d7ca099cc0ca9","sha512":"b50c1d4c0f8d5f5eb73edf0652be6a236ea6f423fa98ed00687433ad0ca79f6241ebea29bde321c04508c06f197742a86fa9e93cff1843f6b5303b6231a6ea22","ssdeep":"384:8J0Wk6anSgin0suJ49kx4pytVNRYHwnI2np8yqKgpDTGbwn3sRKd:a0EOS3YJiktDAH8VnpeNp3Gbwn6Kd","tlshash":"ab722242c2a597b99dc3032e82741c9a3cd69cab7471f3bc68af1457d55ccd082ac6bb","first_seen":"2023-05-11T22:53:36Z","last_seen":"2026-06-07T02:29:48.788445Z","times_seen":809,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":87,"dns":1,"connect":34,"send":0,"wait":33,"receive":31,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}},{"url":{"schema":"https","addr":"agence-agency.net/assets/images/acces_cr_part_carre.jpg","fqdn":"agence-agency.net","domain":"agence-agency.net","tld":"net"},"ip":{"addr":"185.99.98.9","port":443,"asn":29066,"as":"velia.net Internetdienste GmbH","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://agence-agency.net/","date":"2026-04-28T13:34:04.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agence-agency.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 14:46:03 GMT","end":"Wed, 22 Jul 2026 14:46:02 GMT"},"fingerprint":{"sha1":"A2:0A:33:D9:91:8D:D6:0A:81:C0:37:1F:F7:93:D9:7D:38:29:F3:44","sha256":"A0:28:88:88:80:80:61:E8:A8:32:8D:2E:7C:FF:7D:A7:45:30:88:07:CF:8F:F5:D0:17:DE:B8:0D:49:CB:10:AC"}}},"request":{"raw":"GET /assets/images/acces_cr_part_carre.jpg HTTP/1.1\r\nHost: agence-agency.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://agence-agency.net/\r\nCookie: PHPSESSID=v3ss0h2tq2acluladv3h08ou8u\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 28 Apr 2026 13:34:00 GMT\r\nServer: Apache\r\nLast-Modified: Sat, 03 Jan 2026 12:46:08 GMT\r\nETag: \"3b8cf-6477b35b70400\"\r\nAccept-Ranges: bytes\r\nContent-Length: 243919\r\nX-Powered-By: PleskLin\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/jpeg\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":243919,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricInterpretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3","md5":"b259c4797d838add41da1047021d2480","sha1":"13de10f5a348efa8ff3d856f2e347eeff8a33579","sha256":"c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8","sha512":"bda9659c388a30ca6bc9ea1a7fa341fd8a10f0e46e581350e07659d0fffb3c28e89b0f8d68646dbcc8a4e72fb88dc06137e2bbe7dfddf8ecb8e7d169936a9b69","ssdeep":"6144:Hduec9C93xTGHicdM2vq8f3hloWeHI+MrlcZeuX:o86H/d68oWeoxrlcZnX","tlshash":"0c3412369f4adc83d0d014b5c5a4c347f102196aaaf3c206b7bcf5993fbb9948d58683","first_seen":"2023-05-01T22:58:44Z","last_seen":"2026-06-07T02:29:48.791436Z","times_seen":691,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-28","alert":"Phishing Block","trigger":"agence-agency.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"agence-agency.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Credit Agricole","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Credit Agricole phishing","tags":["phishing","credit_agricole","finacial"],"meta":null}]}}]}