{"report_id":"d14ce45b-425a-4f16-ae95-cba6581f1133","version":6,"status":"done","tags":[],"date":"2026-06-02T06:03:44Z","url":{"schema":"http","addr":"mc.itinfolibrary.com","fqdn":"mc.itinfolibrary.com","domain":"itinfolibrary.com","tld":"com"},"ip":{"addr":"54.37.197.40","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"final":{"url":{"schema":"https","addr":"mc.itinfolibrary.com/","fqdn":"mc.itinfolibrary.com","domain":"itinfolibrary.com","tld":"com"},"title":"Email marketing platform | Mailercloud","dom":{"size":7369,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"5acc820d8ed4eee4d0717d4bd00eff5e","sha1":"dbe10ae4c345cf4f5562ab29dca89e3f73eb2909","sha256":"0005e49f9c60659c58c54715d05696ff2b144b56f8b23efe4ca0d1394cd62b65","sha512":"5e64068f3b50318459accab267f7747bb1da2aca5c21bf91b396c1d8e388e6ac786714d902cd56b857368bcc0efea02bce889af1049046fb6ba79ff05a7cdcc6","ssdeep":"192:N5AI666sytp/iGWy4UDHH7aYWDBZ6ZLezO9aJmAVP9Ap:wv4q","tlshash":"44e1502745f3525b3582fa6872b0e7259e619053fd0bcc86be8e035ccf94a5249e778c","dom_hash":"domhashc441698ada362c6b9f1bf127b2f8de59","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"mc.itinfolibrary.com","fqdn":"mc.itinfolibrary.com","domain":"itinfolibrary.com","tld":"com"},"ip":{"addr":"54.37.197.40","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-07T06:03:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"mc.itinfolibrary.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"mc.itinfolibrary.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"mc.itinfolibrary.com","ip":{"addr":"54.37.197.40","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2019-04-26","domain_rank":0,"first_seen":"2025-10-01T11:32:59.524131Z","last_seen":"2026-04-01T23:52:25.520851Z","alert_count":4,"request_count":2,"received_data":10043,"sent_data":948,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.mailercloud.com","ip":{"addr":"104.26.0.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2011-04-14","domain_rank":0,"first_seen":"2021-03-24T21:35:23Z","last_seen":"2026-05-30T09:39:02.844552Z","alert_count":0,"request_count":1,"received_data":7916,"sent_data":464,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mc.itinfolibrary.com/","fqdn":"mc.itinfolibrary.com","domain":"itinfolibrary.com","tld":"com"},"ip":{"addr":"54.37.197.40","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"e50f6aec18caa729508b24dd578caf2f","sha1":"6af464a9cf38d001e8372a5c85411e39f3870901","sha256":"3ee669a1174c7257d8acb139b628b07fea7bb50679120dd79000a0cec49925f4","sha512":"6b2e10fde94138fa28a43bd773cf27633f993fc8d4cf5280fbf0ed9a4edc79c5c33ec03f6a5cec9c74459e746e6c92f6dcccb3c06e052cd2dc794a04e7b54041","ssdeep":"","tlshash":"f5a0128711815820017b21561220434c192090933c408036b90c13004710841c43d541","size":81,"data":"","first_seen":"2023-03-11T15:36:20Z","last_seen":"2026-06-02T06:03:45.562432Z","times_seen":815,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"mc.itinfolibrary.com/","fqdn":"mc.itinfolibrary.com","domain":"itinfolibrary.com","tld":"com"},"ip":{"addr":"54.37.197.40","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-02T06:03:22.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mc.itinfolibrary.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 23:32:31 GMT","end":"Tue, 21 Jul 2026 23:32:30 GMT"},"fingerprint":{"sha1":"AB:76:8D:D4:80:2B:C0:08:85:43:01:0F:45:64:B9:0F:CD:39:2C:DD","sha256":"70:01:A8:7A:33:24:EA:9E:53:5C:88:91:10:29:87:27:4A:A1:8D:66:88:48:00:BA:E0:33:9D:C0:B1:CF:54:67"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mc.itinfolibrary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 06:03:22 GMT\r\ncontent-type: text/html; charset=utf-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncontent-security-policy: default-src 'self'; img-src * data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://cdn.ampproject.org https://*.cloudflare.com; object-src 'none'; frame-ancestors 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://challenges.cloudflare.com; connect-src 'self' *; worker-src 'self' blob: https://ajax.googleapis.com https://cdn.ampproject.org;\r\nreferrer-policy: no-referrer-when-downgrade\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7994,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"2a704a592127a4ea4cb9708700cbefd3","sha1":"e8c03d7986565bc44b7fb8007297ea0b78165c07","sha256":"b7ea0853f8e2c614f777008e3fbea9cb9a07132f1ffaf7201c462e776087f8d3","sha512":"52f8d1c850436fde82d34cce86a8dee21b32b3923ccad5bd4181f5f2387e8c791f744cb7da559f6a450841dd82c6dc5c263c0fb4064db0d5106fbf22c5040da1","ssdeep":"192:Z5AI666sytp/iGWy4UDHH7aYWDBZ6ZLezO9aJtlKVPlsQqNlwRP:UvYsCQqNlwRP","tlshash":"7ef131274af3539a3546b67876b1b7059e65c043ed0bcd8abe8e036ccf40a5158d3b8c","first_seen":"2026-06-02T06:03:45.559958Z","last_seen":"2026-06-02T06:03:45.559958Z","times_seen":1,"resource_available":true,"data":null}},"time_used":570,"timings":{"blocked":271,"dns":204,"connect":28,"send":0,"wait":28,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"mc.itinfolibrary.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"mc.itinfolibrary.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.mailercloud.com/img/brand/mailercloud-logo.svg","fqdn":"www.mailercloud.com","domain":"mailercloud.com","tld":"com"},"ip":{"addr":"104.26.0.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.itinfolibrary.com/","date":"2026-06-02T06:03:22.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.mailercloud.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 07 Apr 2026 05:49:40 GMT","end":"Mon, 06 Jul 2026 06:49:24 GMT"},"fingerprint":{"sha1":"8C:C7:4A:68:35:AA:D6:2B:D6:9A:4A:11:6C:2B:A8:2F:63:7A:A8:55","sha256":"04:9F:6A:09:B5:97:69:F8:0B:54:BC:17:70:52:6D:D8:F7:B5:2E:89:18:1D:CA:BD:7F:DB:97:28:0C:A1:8B:C5"}}},"request":{"raw":"GET /img/brand/mailercloud-logo.svg HTTP/1.1\r\nHost: www.mailercloud.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mc.itinfolibrary.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Jun 2026 06:03:22 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding, accept-encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000, immutable\r\ncross-origin-embedder-policy: unsafe-none\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\npermissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(self),clipboard-write=(self),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),usb=()\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MeO1%2FxAjOPJhRfPFSkTg6QRt6Z2meAxiJBhBCvTBXPO%2BPf0n3ffrSabG1v4sEUIfAHdyOIH9NQx92JU%2BHSOf9KgYPJv6EtGQDpKz5AVrLb4O%2BUUrSULVBQ8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nexpect-ct: max-age=86400, enforce\r\ncontent-security-policy: default-src 'self' http: https: data: wss:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; worker-src 'self' blob:; style-src 'self' 'unsafe-inline'   https://*.mailercloud.com https://fonts.googleapis.com https://cdnjs.cloudflare.com https://fast.fonts.net; font-src 'self' data: https://*.mailercloud.com   https://fonts.gstatic.com; img-src 'self' https: http: data: blob:; frame-src 'self' blob: https://*.mailercloud.com https://meetings-eu1.hubspot.com; frame-ancestors 'self'; media-src https:;\r\netag: W/\"3038a9bec00d57bafbf75ae56fd97da2\"\r\ncontent-encoding: br\r\ncf-ray: a054412bac8a56c0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6010,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"67f41a4237de4353fb278974ca173d1b","sha1":"a837d700508b91ed0363719649bd06550506613c","sha256":"ada2a6474a6839846a885f846ca18cf43f34d10deeb5863cb458d3b96e653952","sha512":"0d7ecc40bd09475eea5a34b5c8bcc43263f2906b8d89b7686bd4bb3170487355af8a761f7fba7d03595204961109e5e9edd3e6c0d219a04033115cc32c5d0a8e","ssdeep":"96:+DHSGlkJLbiwh4ROFoTk6OLhIT2m90j+WZaiK/NG5gXnGTMbJ6PVZFp8k54rH:iHDk5biFOIOWqj+i+/NEgXG2J6rtOH","tlshash":"60c18e1d293e170bb143037455e174f5acda9c4a6c182dd3dee91409db8dbb434a7aa4","first_seen":"2025-09-10T10:13:53.893992Z","last_seen":"2026-06-02T06:03:45.561148Z","times_seen":800,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":51,"dns":25,"connect":2,"send":0,"wait":86,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.itinfolibrary.com/public/icon/favicon.ico","fqdn":"mc.itinfolibrary.com","domain":"itinfolibrary.com","tld":"com"},"ip":{"addr":"54.37.197.40","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.itinfolibrary.com/","date":"2026-06-02T06:03:22.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mc.itinfolibrary.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 22 Apr 2026 23:32:31 GMT","end":"Tue, 21 Jul 2026 23:32:30 GMT"},"fingerprint":{"sha1":"AB:76:8D:D4:80:2B:C0:08:85:43:01:0F:45:64:B9:0F:CD:39:2C:DD","sha256":"70:01:A8:7A:33:24:EA:9E:53:5C:88:91:10:29:87:27:4A:A1:8D:66:88:48:00:BA:E0:33:9D:C0:B1:CF:54:67"}}},"request":{"raw":"GET /public/icon/favicon.ico HTTP/1.1\r\nHost: mc.itinfolibrary.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.itinfolibrary.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/plain; charset=utf-8\r\ndate: Tue, 02 Jun 2026 06:03:22 GMT\r\ncontent-length: 19\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncontent-security-policy: default-src 'self'; img-src * data:; style-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://cdn.ampproject.org https://*.cloudflare.com; object-src 'none'; frame-ancestors 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://challenges.cloudflare.com; connect-src 'self' *; worker-src 'self' blob: https://ajax.googleapis.com https://cdn.ampproject.org;\r\nreferrer-policy: no-referrer-when-downgrade\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\npragma: no-cache\r\nexpires: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"595e88012a6521aae3e12cbebe76eb9e","sha1":"da3968197e7bf67aa45a77515b52ba2710c5fc34","sha256":"b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793","sha512":"fd13c580d15cc5e8b87d97ead633209930e00e85c113c776088e246b47f140efe99bdf6ab02070677445db65410f7e62ec23c71182f9f78e9d0e1b9f7fda0dc3","ssdeep":"","tlshash":"1270000c0a0202082020002822800020080802022a802220000aa00882008000800888","first_seen":"2023-04-05T03:13:11Z","last_seen":"2026-06-03T16:33:15.815688Z","times_seen":35544,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"mc.itinfolibrary.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-02","alert":"Sinkholed","trigger":"mc.itinfolibrary.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}