Report - notaire-gay-friendly.fr/agenzia/

Report Overview

Visited public
2023-12-03 10:03:23
Tags
URL
notaire-gay-friendly.fr/agenzia/
Finishing URL
notaire-gay-friendly.fr/
IP / ASN
185.98.131.142
#16347 ADISTA SAS
Title
NOTAIRES LGBT-FRIENDLY

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

104

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
notaire-gay-friendly.fr	unknown	2014-02-05	2014-10-08 08:13:23	2023-12-03 10:53:24	16 kB	1.0 MB	185.98.131.142
www.notaire-gay-friendly.fr	unknown	2014-02-05	2014-10-08 08:13:23	2023-11-22 13:18:32	3.8 kB	45 kB	185.98.131.142
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-03 07:59:58	451 B	34 kB	142.250.74.74
www.avocat-gay-friendly.fr	unknown	2014-03-19	2014-10-08 18:42:23	2023-11-18 16:28:15	999 B	32 kB	91.216.107.79
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-03 05:48:43	1.1 kB	32 kB	142.250.74.3
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-03 07:56:40	2.9 kB	628 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-03 06:08:10	915 B	196 kB	142.250.74.74
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	2.4 kB	73 kB	142.250.74.132

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed
2023-12-03	medium	notaire-gay-friendly.fr	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	From	Size	First Seen	Last Seen
	www.notaire-gay-friendly.fr/assets/js/custom.js	ScriptElement	1.8 kB	2023-03-26	2024-08-21
Pretty URL www.notaire-gay-friendly.fr/assets/js/custom.js IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 06:17 Last Seen2024-08-21 08:59 Times Seen284 Hash ed0dda14796582c49f76eccf5ae206b9 a371231f433797d4bc95c5fe25b221e5be29973d 5e361ac949c2eb1cedee95730c8dd0d18ba6d3caf3e3eef0dbd8d0a4dfe4444e Loading...

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	ScriptElement	476 kB	2023-11-14	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:02 Last Seen2024-08-20 19:39 Times Seen12206 Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Loading...

	notaire-gay-friendly.fr/newtheme/js/jquery-1.11.3.min.js	ScriptElement	96 kB	2023-03-07	2025-05-09
Pretty URL notaire-gay-friendly.fr/newtheme/js/jquery-1.11.3.min.js IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 03:59 Times Seen8448 Hash f03e5a3bf534f4a738bc350631fd05bd 37b1db88b57438f1072a8ebc7559c909c9d3a682 aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Loading...

	notaire-gay-friendly.fr/	ScriptElement	474 B	2023-03-26	2024-08-21
Pretty URL notaire-gay-friendly.fr/ IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 06:17 Last Seen2024-08-21 08:59 Times Seen284 Hash 498c50f6ada8c7ad78ebe78710745121 4e0106f8429d9b31fa89cb2f7635c4fe9018e021 4cdb7c83dff622ea4160cac3fcc5ff02bbb1ae6c7c2c1b8da9d436bd17e6fc0d Loading...

	notaire-gay-friendly.fr/	ScriptElement	620 B	2023-03-26	2024-08-21
Pretty URL notaire-gay-friendly.fr/ IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 06:17 Last Seen2024-08-21 08:59 Times Seen284 Hash bb5f2e2ae2b843558e3a75ca753a8a9f df8c18c62889735fe0c679ae516916225dd947a8 82969c78cfec41ecf744baec7ad24e06d4fb271f20409eda7f5b18e20853a06e Loading...

	notaire-gay-friendly.fr/newtheme/js/jquery.singlePageNav.min.js	ScriptElement	2.6 kB	2023-03-07	2025-05-05
Pretty URL notaire-gay-friendly.fr/newtheme/js/jquery.singlePageNav.min.js IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-05-05 14:37 Times Seen300 Hash 136efaf3f861e19d4b76848e33d1827d fa74b2ad1714a56b9db920f0552e6d8e70f5e69e a52a28e52628e812dec406f6f5f197bfeb8b7746711a3b944d26280c1066a3fa Loading...

	www.notaire-gay-friendly.fr/assets/js/bootstrap.js	ScriptElement	58 kB	2023-03-07	2025-05-08
Pretty URL www.notaire-gay-friendly.fr/assets/js/bootstrap.js IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-08 20:12 Times Seen974 Hash cf1cf2fce27179c0de8a71c73b378f07 44a69a91c82f22941f0fd8c9f1c459eca33d8dbe d88949ad637b040b893c651e938b80f8a1aabc350c94c01c28e8a38fadab2df3 Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 08:55 Times Seen4634984 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	notaire-gay-friendly.fr/	ScriptElement	540 B	2023-03-26	2024-08-21
Pretty URL notaire-gay-friendly.fr/ IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 06:17 Last Seen2024-08-21 08:59 Times Seen284 Hash 842196e9e41f6dd773bd8770f40d9f0d f2c9d38f7fbca6e5d79bca5caeb4108e4972b9e9 df8532a1481d9e916ccdf08e8fccde228445d463d088ec649a6063f864edbf04 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js	ScriptElement	93 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:26 Times Seen10307 Hash e0e0559014b222245deb26b6ae8bd940 e2f3603e23711f6446f278a411d905623d65201e 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Loading...

	notaire-gay-friendly.fr/	ScriptElement	368 B	2023-04-11	2024-08-21
Pretty URL notaire-gay-friendly.fr/ IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-11 01:55 Last Seen2024-08-21 08:59 Times Seen284 Hash e9975c8107c06b25754d9f229f330846 eed6b30c280ccc47e802cf0f63020dfe912e0f22 5efad8e45db13a383a38808c27049c682db2598a8c47a419338713e1ad589867 Loading...

	notaire-gay-friendly.fr/newtheme/js/datepicker.min.js	ScriptElement	8.5 kB	2023-03-26	2024-10-04
Pretty URL notaire-gay-friendly.fr/newtheme/js/datepicker.min.js IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 00:23 Last Seen2024-10-04 10:53 Times Seen290 Hash 21aff2b9010b7b359dbf92654c33d052 ff4bff61c3a82a6e8a07d1325687cedb4d841cf5 1e84a9c72f005ba2321dbff2925146ff2d29acf854bc56975df8a3c231d0fe9f Loading...

	www.google.com/recaptcha/api.js	ScriptElement	850 B	2023-11-14	2024-08-20
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:30 Last Seen2024-08-20 19:39 Times Seen3579 Hash 57e10dcd72dd2953878092014eae522b 95ba7e48825c26c5d9395ef2edb73e790bce6fa7 c7b54326365940d062bce26ed41579eebcb4946a86ba280790b603926692bd59 Loading...

	notaire-gay-friendly.fr/newtheme/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-06
Pretty URL notaire-gay-friendly.fr/newtheme/js/bootstrap.min.js IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16 Last Seen2025-05-06 23:43 Times Seen1074 Hash 46b549bdc90920f18a911f186b9dd75c 3c639c4af5c036a6ee364215bd12c0b12937827d 1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5 Loading...

	notaire-gay-friendly.fr/newtheme/slick/slick.min.js	ScriptElement	43 kB	2023-03-07	2025-05-09
Pretty URL notaire-gay-friendly.fr/newtheme/slick/slick.min.js IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-09 07:28 Times Seen22746 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai	ScriptElement	69 B	2023-03-07	2025-05-09
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:49 Times Seen116157 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	notaire-gay-friendly.fr/	ScriptElement	60 B	2023-03-26	2024-08-21
Pretty URL notaire-gay-friendly.fr/ IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 06:17 Last Seen2024-08-21 08:59 Times Seen284 Hash d3374fe6764949817788f64ee5f8e0b4 c2e51fd047a7bd3e169df69a741ddd92a63cc0db 7e46ef7ad20104440e19471b632d1150c1fef896a5abadd161c4edf39f1e1c96 Loading...

	notaire-gay-friendly.fr/newtheme/js/popper.min.js	ScriptElement	19 kB	2023-03-07	2025-05-07
Pretty URL notaire-gay-friendly.fr/newtheme/js/popper.min.js IP 185.98.131.142 ASN #16347 ADISTA SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23 Last Seen2025-05-07 10:49 Times Seen477 Hash 068d64fd1715635226e7a4b91017c6cf ca344d4feda098dc568fea9591be7beefcc6b2aa 072214cac2642148ff8266b18c82fdc64428932369da84dec0562cf01ca58d32 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai	ScriptElement	54 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:57 Last Seen2024-08-20 16:57 Times Seen1 Hash c861c36c0a5f69a5a5dd9c4c3e9d7197 33baa50b28097434fc6d825bede2e4a0aad6e1fe b4ade37955b54d544ef9bf93e3ce31639f88474ad3391eee211a063e92326747 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8d799e5e3b9450dd4c1aef6e122df0de	22 B	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3187 Hash 8d799e5e3b9450dd4c1aef6e122df0de 1c074fc167af588bc86e54b4ceb4017ce0a7791a e69ebca4238490aa2b0c08845343b95b35a04efaca3e62b2732e1ca661bb3374 Loading...

	#2 Eval - cf1dd8609868435e7eb1006b517c1abb	64 B	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3193 Hash cf1dd8609868435e7eb1006b517c1abb 0fb005e6e00be62e448385d3ff0a2513e49f4806 a01b7ce49084f117d7034cc7571519fd95e62401da4c9976d4275da0dd08f8e9 Loading...

	#3 Eval - 224ac2edd48a4d27399a35d4a94d8f17	22 B	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3194 Hash 224ac2edd48a4d27399a35d4a94d8f17 33a0fd7fc8561e1cca8737032f7b24d32c47d171 bd86e6f419efd867fc86701b061f5cab02b0f38086c64d9a8e8f00b98bbc96cb Loading...

	#4 Eval - cf876ca4f502b2fa2671272b6f64b213	17 kB	2023-11-07 15:55	2024-08-20 20:32
Pretty Observations First Seen2023-11-07 15:55 Last Seen2024-08-20 20:32 Times Seen3188 Hash cf876ca4f502b2fa2671272b6f64b213 ab94320e0991ce49c95343610f2d38b5e8c8f28a 8d333c3dd690fdf8b52bf7827ca62cf9e923b844bfae8155bf33b5200b376d92 Loading...

	#5 Eval - 6ec693f23beae12db40073fa956c41e8	24 kB	2023-11-26 00:00	2024-08-20 17:55
Pretty Observations First Seen2023-11-26 00:00 Last Seen2024-08-20 17:55 Times Seen2 Hash 6ec693f23beae12db40073fa956c41e8 028bf0806eedb4337e170f5c0e11b81a86c55690 a8dc68adbfdd68130317849e3569d45f134ddd4f08aee1c3b2e3821bc7f794e9 Loading...

HTTP Transactions (43)

URL IP Response Size

notaire-gay-friendly.fr/

185.98.131.142

200 OK

6.6 kB

URL User Request GET HTTP/2
notaire-gay-friendly.fr/
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4570)
Size
6.6 kB (6647 bytes)
Hash
f9081da14ef08d0af0a7e0c1fad53759
31a1a2d9d1cc540565d5251b47ccf36b923b033f
40ca15678b2e1615ad3bfdeb5d0b0eae70d44b87745aa32440c84edc51f2cc7a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/html; charset=UTF-8
content-length: 6647
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

www.notaire-gay-friendly.fr/assets/css/custom.css

185.98.131.142

200 OK

212 B

URL GET HTTP/2
www.notaire-gay-friendly.fr/assets/css/custom.css
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
assembler source, ASCII text
Size
212 B (212 bytes)
Hash
953dd0506678e16a6d746d273ace394c
c5986f6159230209677d953bc60b4734dbb7b96c
a19add01e60b6ec2e39ec0892bb7fd433780be9981fd83dfe24f277a78b0f979

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/custom.css HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/css
content-length: 212
last-modified: Tue, 11 Feb 2014 16:43:20 GMT
etag: "169-4f224275d1a00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/font-awesome-4.7.0/css/font-awesome.min.css

185.98.131.142

200 OK

6.7 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/font-awesome-4.7.0/css/font-awesome.min.css
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text, with very long lines (30837)
Size
6.7 kB (6663 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/font-awesome-4.7.0/css/font-awesome.min.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/css
content-length: 6663
last-modified: Wed, 22 May 2019 10:34:31 GMT
etag: "7918-5897782c19327-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

www.notaire-gay-friendly.fr/assets/css/bootstrap-theme.css

185.98.131.142

200 OK

1.6 kB

URL GET HTTP/2
www.notaire-gay-friendly.fr/assets/css/bootstrap-theme.css
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text
Size
1.6 kB (1571 bytes)
Hash
f117c407bf70bbd2f4809a8735aadfe0
84ec090aa39ef48043e004d5c85e49bae427a3d9
4d4896d17e4eb70223eff1354e4237a26e8941a14a567d28d6d748b285ca1973

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/bootstrap-theme.css HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/css
content-length: 1571
last-modified: Wed, 22 May 2019 11:04:47 GMT
etag: "382c-58977ef00a2a7-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

www.notaire-gay-friendly.fr/assets/css/font-awesome.css

185.98.131.142

200 OK

4.0 kB

URL GET HTTP/2
www.notaire-gay-friendly.fr/assets/css/font-awesome.css
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (301)
Size
4.0 kB (4011 bytes)
Hash
91539a25935ed0246e12b1d070842e1a
cebad4f790f3ba169a0e71b859834beb636f0e99
6b673349ae8ba6eea8339e700c5878762d0f9652311edfad7ee5ce10686361cb

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/font-awesome.css HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/css
content-length: 4011
last-modified: Tue, 11 Feb 2014 16:43:20 GMT
etag: "5495-4f224275d1a00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

www.notaire-gay-friendly.fr/assets/css/bootstrap.css

185.98.131.142

200 OK

17 kB

URL GET HTTP/2
www.notaire-gay-friendly.fr/assets/css/bootstrap.css
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
assembler source, ASCII text, with very long lines (318)
Size
17 kB (16819 bytes)
Hash
dfc308aa0d9bceafb90298929a3a4d1a
def55001c78e317e81ccdd2975e660c5b19f767e
8d71ea84cfb913fff4838f4a1f72e0b12989dd40fa9db2ced19abdfef5d969ae

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/bootstrap.css HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/css
content-length: 16819
last-modified: Tue, 11 Feb 2014 16:43:20 GMT
etag: "1e276-4f224275d1a00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/css/bootstrap.min.css

185.98.131.142

200 OK

18 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/css/bootstrap.min.css
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text, with very long lines (24311)
Size
18 kB (17661 bytes)
Hash
502a81d36ddf4d15432a7a206a46cb20
067c1bd52c74a56e2e07e766863f455da2c7b678
9b94758240305658fab483c7007f14da44eb407fae8c0d564ba6f398377f1edd

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/css/bootstrap.min.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/css
content-length: 17661
last-modified: Sun, 24 Oct 2021 13:01:36 GMT
etag: "1f024-5cf18d82789f1-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/slick/slick.css

185.98.131.142

200 OK

484 B

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/slick/slick.css
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text
Size
484 B (484 bytes)
Hash
f38b2db10e01b1572732a3191d538707
a94a059b3178b4adec09e3281ace2819a30095a4
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/slick/slick.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/css
content-length: 484
last-modified: Wed, 22 May 2019 10:34:28 GMT
etag: "6f0-58977829af086-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/css/datepicker.css

185.98.131.142

200 OK

1.0 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/css/datepicker.css
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text
Size
1.0 kB (1049 bytes)
Hash
8b8d3a71ddd354474fcbd1d4e62a6325
21f0f7248365307e8a9d8b5cc0fa027b52cf0565
9c6d66768aaef0665006e12ab553873ae28ace2064aac478741a18dbc72f9599

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/css/datepicker.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/css
content-length: 1049
last-modified: Wed, 22 May 2019 10:34:19 GMT
etag: "11e7-58977820ba106-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/css/tooplate-style.css

185.98.131.142

200 OK

4.3 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/css/tooplate-style.css
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text, with very long lines (1338)
Size
4.3 kB (4315 bytes)
Hash
0d051c31311636379abcc2483b9b97cf
6d8a34d4910b08964529853725dfdac96111810e
b394e8b496cf75df21358139585828274126d085333810ad86e5882e175fe525

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/css/tooplate-style.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/css
content-length: 4315
last-modified: Mon, 27 May 2019 10:38:17 GMT
etag: "3784-589dc256d3b91-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/slick/slick-theme.css

185.98.131.142

200 OK

767 B

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/slick/slick-theme.css
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
Unicode text, UTF-8 text
Size
767 B (767 bytes)
Hash
f9faba678c4d6dcfdde69e5b11b37a2e
81a434f94f2b1124f3232bb86f2944f82fb23ac0
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/slick/slick-theme.css HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: text/css
content-length: 767
last-modified: Wed, 22 May 2019 10:34:28 GMT
etag: "c49-589778293fb46-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

142.250.74.74

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (32072)
Size
33 kB (32954 bytes)
Hash
e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

HTTP Headers

GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 16:24:11 GMT
expires: Thu, 28 Nov 2024 16:24:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 322732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.avocat-gay-friendly.fr/wp-content/uploads/scroll.png

91.216.107.79

200 OK

1.3 kB

URL GET HTTP/2
www.avocat-gay-friendly.fr/wp-content/uploads/scroll.png
IP
91.216.107.79:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectavocat-gay-friendly.fr
FingerprintF9:35:3F:82:89:2D:C9:28:04:80:E5:99:1F:93:89:51:34:73:97:61
ValidityTue, 07 Nov 2023 04:24:41 GMT - Mon, 05 Feb 2024 04:24:40 GMT

File type
PNG image data, 64 x 64, 8-bit gray+alpha, non-interlaced\012- data
Size
1.3 kB (1331 bytes)
Hash
d9367e36bfaf7cc77e8f98225dfeed5d
72c0c92b96d26f56852fa94a85a112a819871531
97655a8426d9803f7c5915adc26571d562bd4acc1ed8bc752341915830633d36

HTTP Headers

GET /wp-content/uploads/scroll.png HTTP/1.1
Host: www.avocat-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: image/png
content-length: 1331
last-modified: Fri, 21 Jun 2019 15:25:22 GMT
etag: "533-58bd712247686"
accept-ranges: bytes
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/js/jquery.singlePageNav.min.js

185.98.131.142

200 OK

1.0 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/js/jquery.singlePageNav.min.js
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text, with very long lines (2444)
Size
1.0 kB (1019 bytes)
Hash
136efaf3f861e19d4b76848e33d1827d
fa74b2ad1714a56b9db920f0552e6d8e70f5e69e
a52a28e52628e812dec406f6f5f197bfeb8b7746711a3b944d26280c1066a3fa

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/js/jquery.singlePageNav.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: application/javascript
content-length: 1019
last-modified: Wed, 22 May 2019 10:34:26 GMT
etag: "a33-58977827b6266-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

www.notaire-gay-friendly.fr/assets/js/custom.js

185.98.131.142

200 OK

759 B

URL GET HTTP/2
www.notaire-gay-friendly.fr/assets/js/custom.js
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text
Size
759 B (759 bytes)
Hash
ed0dda14796582c49f76eccf5ae206b9
a371231f433797d4bc95c5fe25b221e5be29973d
5e361ac949c2eb1cedee95730c8dd0d18ba6d3caf3e3eef0dbd8d0a4dfe4444e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/custom.js HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: application/javascript
content-length: 759
last-modified: Tue, 11 Feb 2014 16:43:30 GMT
etag: "725-4f22427f5b080-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/js/popper.min.js

185.98.131.142

200 OK

6.6 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/js/popper.min.js
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text, with very long lines (18860)
Size
6.6 kB (6588 bytes)
Hash
068d64fd1715635226e7a4b91017c6cf
ca344d4feda098dc568fea9591be7beefcc6b2aa
072214cac2642148ff8266b18c82fdc64428932369da84dec0562cf01ca58d32

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/js/popper.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: application/javascript
content-length: 6588
last-modified: Wed, 22 May 2019 10:34:27 GMT
etag: "4a58-5897782815da6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/js/datepicker.min.js

185.98.131.142

200 OK

3.1 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/js/datepicker.min.js
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text, with very long lines (8468), with no line terminators
Size
3.1 kB (3130 bytes)
Hash
21aff2b9010b7b359dbf92654c33d052
ff4bff61c3a82a6e8a07d1325687cedb4d841cf5
1e84a9c72f005ba2321dbff2925146ff2d29acf854bc56975df8a3c231d0fe9f

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/js/datepicker.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: application/javascript
content-length: 3130
last-modified: Wed, 22 May 2019 10:34:26 GMT
etag: "2114-58977827353e6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/js/bootstrap.min.js

185.98.131.142

200 OK

13 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/js/bootstrap.min.js
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text, with very long lines (50277)
Size
13 kB (12578 bytes)
Hash
46b549bdc90920f18a911f186b9dd75c
3c639c4af5c036a6ee364215bd12c0b12937827d
1886bc561dec7c44a7541d82377ad81a40ff32496f32ad259884f0790c44d6a5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/js/bootstrap.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: application/javascript
content-length: 12578
last-modified: Wed, 22 May 2019 10:34:26 GMT
etag: "c584-589778274ea26-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

www.notaire-gay-friendly.fr/assets/js/bootstrap.js

185.98.131.142

200 OK

10 kB

URL GET HTTP/2
www.notaire-gay-friendly.fr/assets/js/bootstrap.js
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text
Size
10 kB (10387 bytes)
Hash
cf1cf2fce27179c0de8a71c73b378f07
44a69a91c82f22941f0fd8c9f1c459eca33d8dbe
d88949ad637b040b893c651e938b80f8a1aabc350c94c01c28e8a38fadab2df3

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/bootstrap.js HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: application/javascript
content-length: 10387
last-modified: Tue, 11 Feb 2014 16:43:29 GMT
etag: "e4a5-4f22427e66e40-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/slick/slick.min.js

185.98.131.142

200 OK

10 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/slick/slick.min.js
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text, with very long lines (42862)
Size
10 kB (10108 bytes)
Hash
d5a61c749e44e47159af8a6579dda121
3b41b3bc956685015a347a2238e71db29dfa0dbb
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/slick/slick.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: application/javascript
content-length: 10108
last-modified: Wed, 22 May 2019 10:34:29 GMT
etag: "a76f-5897782a9c566-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/js/jquery-1.11.3.min.js

185.98.131.142

200 OK

32 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/js/jquery-1.11.3.min.js
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
ASCII text, with very long lines (32038)
Size
32 kB (32426 bytes)
Hash
f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/js/jquery-1.11.3.min.js HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: application/javascript
content-length: 32426
last-modified: Wed, 22 May 2019 10:34:26 GMT
etag: "176f8-58977827c1de6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/img/Notaires-Gay-friendly-LBTG.png

185.98.131.142

200 OK

232 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/img/Notaires-Gay-friendly-LBTG.png
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
PNG image data, 550 x 420, 8-bit/color RGB, non-interlaced\012- data
Size
232 kB (232072 bytes)
Hash
2b968a1d26ab5b46949d835e43768cd1
31d2adbdc1023a92e27ff599f355471610df848b
df3045e18777db2b853ee2c2d9f7d0341ce1442ce139fedc88d59eedd279da68

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/img/Notaires-Gay-friendly-LBTG.png HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: image/png
content-length: 232072
last-modified: Wed, 22 May 2019 10:34:24 GMT
etag: "38a88-58977825607e6"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.notaire-gay-friendly.fr/assets/images/Notaires-Gay-friendly-LGBT-logo.svg

185.98.131.142

200 OK

6.1 kB

URL GET HTTP/2
www.notaire-gay-friendly.fr/assets/images/Notaires-Gay-friendly-LGBT-logo.svg
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (6058), with no line terminators
Size
6.1 kB (6058 bytes)
Hash
cbedd94a1aad51f8f91d060eeed2fda0
300df7b9dde86ce8e2518f1ae4d7928e9c5baaaa
3b702050b12f3114a932f69bc0edc8a43f5bd4f76e6a58af4f83c12457df0b58

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/Notaires-Gay-friendly-LGBT-logo.svg HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: image/svg+xml
content-length: 6058
last-modified: Wed, 22 May 2019 11:27:15 GMT
etag: "17aa-589783f5fa5f6"
accept-ranges: bytes
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/img/Medecin-Sante-gay-friendly-LGBT.png

185.98.131.142

200 OK

205 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/img/Medecin-Sante-gay-friendly-LGBT.png
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
PNG image data, 550 x 420, 8-bit/color RGB, non-interlaced\012- data
Size
205 kB (204949 bytes)
Hash
10f713730539d27de360ff3da568ea8c
08aeac4ff9acb53e55e8e86170d4c72c395eec5a
c2231b16188d1f95b00ff5750a6b805cd0e8604262a5945b2f003e200fc1eaa0

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/img/Medecin-Sante-gay-friendly-LGBT.png HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: image/png
content-length: 204949
last-modified: Wed, 22 May 2019 10:34:23 GMT
etag: "32095-58977824c6326"
accept-ranges: bytes
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/img/Avocat-Gay-friendly-LGBT.png

185.98.131.142

200 OK

207 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/img/Avocat-Gay-friendly-LGBT.png
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
PNG image data, 550 x 420, 8-bit/color RGB, non-interlaced\012- data
Size
207 kB (206631 bytes)
Hash
de0c751ab1ef67e1169de390dc7ececb
7dfde1594e0e1a59c52b0e4ba4a361623591e2ba
834e336b18d8b3dd1cc121b6c65760086e45af34cdd9003c1efc8d9921ee2f26

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/img/Avocat-Gay-friendly-LGBT.png HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: image/png
content-length: 206631
last-modified: Wed, 22 May 2019 10:34:21 GMT
etag: "32727-589778226aae6"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.avocat-gay-friendly.fr/wp-content/uploads/CONSEILLER-EN-GESTION-DE-PATRIMOINE.jpg

91.216.107.79

200 OK

30 kB

URL GET HTTP/2
www.avocat-gay-friendly.fr/wp-content/uploads/CONSEILLER-EN-GESTION-DE-PATRIMOINE.jpg
IP
91.216.107.79:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectavocat-gay-friendly.fr
FingerprintF9:35:3F:82:89:2D:C9:28:04:80:E5:99:1F:93:89:51:34:73:97:61
ValidityTue, 07 Nov 2023 04:24:41 GMT - Mon, 05 Feb 2024 04:24:40 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=300, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=276], progressive, precision 8, 276x238, components 3\012- data
Size
30 kB (30436 bytes)
Hash
d05076005eb75fd3cf9d2f27cf30671c
cc77bfcd0595c7b25b1164da023acbfc3bddc2d7
a9acf1bc5c9e0a31c53cb4501e7e0f61fedd14f497ec3607759a4d9491182425

HTTP Headers

GET /wp-content/uploads/CONSEILLER-EN-GESTION-DE-PATRIMOINE.jpg HTTP/1.1
Host: www.avocat-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: image/jpeg
content-length: 30436
last-modified: Thu, 30 May 2019 13:27:12 GMT
etag: "76e4-58a1adb0c438d"
accept-ranges: bytes
X-Firefox-Spdy: h2

notaire-gay-friendly.fr/newtheme/img/Notaire-gay-friendly-LGBT.jpg

185.98.131.142

200 OK

240 kB

URL GET HTTP/2
notaire-gay-friendly.fr/newtheme/img/Notaire-gay-friendly-LGBT.jpg
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x787, components 3\012- data
Size
240 kB (240204 bytes)
Hash
c69ee1fb7137989116fcfcb747827628
df10a8483036a49ca0f591860fe151346317a917
fc7f3d8330764660b40b62939dc8fdbf3448e8b60dda823ef302c379d03955d8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /newtheme/img/Notaire-gay-friendly-LGBT.jpg HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/newtheme/css/tooplate-style.css
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:03 GMT
content-type: image/jpeg
content-length: 240204
last-modified: Wed, 22 May 2019 10:52:21 GMT
etag: "3aa4c-58977c28c438c"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

142.250.74.3

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14940, version 1.0\012- data
Size
15 kB (14940 bytes)
Hash
a46fb7aae99225fdfd9d64b2b8b1063f
1ee50bf5985c1956dde1c06d9b1cec4645ddb92b
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

HTTP Headers

GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://notaire-gay-friendly.fr
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14940
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:58:28 GMT
expires: Fri, 29 Nov 2024 04:58:28 GMT
cache-control: public, max-age=31536000
age: 277475
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.notaire-gay-friendly.fr/assets/img/favicon.png

185.98.131.142

200 OK

2.7 kB

URL GET HTTP/2
www.notaire-gay-friendly.fr/assets/img/favicon.png
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Size
2.7 kB (2746 bytes)
Hash
ac8ecda82f19bd439ec77ed0a86faa45
89f0121d02daab97dfcc8f6c4be2dafe01e0237a
b65dfafb8651ce6a6f3c3b2aeb2e74a65b24cfa13f8fa2286f06d57ee462b581

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/favicon.png HTTP/1.1
Host: www.notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 10:03:04 GMT
content-type: image/png
content-length: 2746
last-modified: Tue, 11 Feb 2014 16:43:28 GMT
etag: "aba-4f22427d72c00"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://notaire-gay-friendly.fr
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 08:27:14 GMT
expires: Mon, 02 Dec 2024 08:27:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 5750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 08:03:16 GMT
expires: Mon, 02 Dec 2024 08:03:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 7188
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 08:27:14 GMT
expires: Mon, 02 Dec 2024 08:27:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 5750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.3

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 10:04:07 GMT
expires: Fri, 29 Nov 2024 10:04:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 259137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

142.250.74.74

200 OK

3.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
3.1 kB (3099 bytes)
Hash
d2dd8aff816a40ee4646a5cb2e4cd399
c2f075838badcf306274c349ebc3567f05f46edf
a15132afa7cbe07f0d78fad52c608cefbba1a3e22342f4408125ea2e2a2b399c

HTTP Headers

GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 10:03:03 GMT
date: Sun, 03 Dec 2023 10:03:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat

142.250.74.74

200 OK

191 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (191213 bytes)
Hash
4c7e9685caa134148fe03c82c89c7523
41b6933af2d39ebc2346fe26fd9db1c80a3da343
70fd0c4e8aacd7a2552deb51eb435c91078c04a666515519bc1526bf44a8f310

HTTP Headers

GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 10:03:03 GMT
date: Sun, 03 Dec 2023 10:03:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 08:03:16 GMT
expires: Mon, 02 Dec 2024 08:03:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 7188
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 08:27:14 GMT
expires: Mon, 02 Dec 2024 08:27:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 5750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:37:43 GMT
expires: Wed, 06 Dec 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 303921
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai

142.250.74.132

200 OK

62 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (53845)
Size
62 kB (62391 bytes)
Hash
7bb7d520731d1d968be2035ed453e366
0bba38b6e98ab9f829af8bc34b447aadd327ace0
ab1f4a486d9c5e83ef909928fb475e7d9b6d48137033471042cc3ecbc4ba5a9c

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 10:03:04 GMT
content-security-policy: script-src 'nonce-QoZI5_rEr33u4kSUFoEfdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

notaire-gay-friendly.fr/agenzia/

185.98.131.142

302 Found

28 kB

URL User Request GET HTTP/2
notaire-gay-friendly.fr/agenzia/
IP
185.98.131.142:443
ASN
#16347 ADISTA SAS

Certificate
IssuerLet's Encrypt
Subjectnotaire-gay-friendly.fr
Fingerprint20:0C:A2:3A:A4:D2:50:0E:6B:70:87:7C:10:AC:4D:CA:A7:A7:FD:6F
ValidityThu, 02 Nov 2023 03:05:08 GMT - Wed, 31 Jan 2024 03:05:07 GMT

File type

Size
28 kB (28356 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /agenzia/ HTTP/1.1
Host: notaire-gay-friendly.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 03 Dec 2023 10:03:02 GMT
content-type: text/html; charset=UTF-8
set-cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22701bfdba388fc39595337a29cea487c7%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2291.90.42.154%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A80%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1701597782%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbc57ef408644ed905aa4a1766eeb61d9; expires=Sun, 03-Dec-2023 12:03:02 GMT; Max-Age=7200; path=/
location: /
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js

142.250.74.132

200 OK

850 B

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
ASCII text, with very long lines (850), with no line terminators
Size
850 B (850 bytes)
Hash
57e10dcd72dd2953878092014eae522b
95ba7e48825c26c5d9395ef2edb73e790bce6fa7
c7b54326365940d062bce26ed41579eebcb4946a86ba280790b603926692bd59

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 03 Dec 2023 10:03:03 GMT
date: Sun, 03 Dec 2023 10:03:03 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a

142.250.74.132

200 OK

7.3 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://notaire-gay-friendly.fr/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7483), with no line terminators
Size
7.3 kB (7252 bytes)
Hash
6f1c366dbfe7557f39f30a07048c7e1e
27d62a1e1722a1cb7d7477d3b1ab9846e8ed9e9b
1e3d6f557969c636dd4b9ff96cc8a6f119250bc9f2325caf46a8fd954f819e68

HTTP Headers

GET /recaptcha/api2/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://notaire-gay-friendly.fr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 10:03:04 GMT
content-security-policy: script-src 'nonce-4UixZBMMot5QBvVEr8MP_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed

142.250.74.132

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
b581f6e6ac7eb4d572233bdd384918f8
12a90cd14cfea2286982801538560f638670eaff
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT1s0UAAAAAMSSD5WhpvWZDHKlVDnrnWV6VL7a&co=aHR0cHM6Ly9ub3RhaXJlLWdheS1mcmllbmRseS5mcjo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=w9na23cu4ai
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 03 Dec 2023 10:03:04 GMT
date: Sun, 03 Dec 2023 10:03:04 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by