{"report_id":"28a02711-9bfd-46e2-bb4d-63cb10bbe514","version":0,"status":"done","tags":[],"date":"2026-06-23T12:29:12Z","url":{"schema":"http","addr":"clientlogin.eistee-mediart.de","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":0,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"final":{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"title":"Log in to your PayPaI account","dom":{"size":1552,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"ffae5540428b950403a12e8ab8456af0","sha1":"33bf90cf8121d7d7671655c777905a19aea1d063","sha256":"2c11e680efebd0cb33b9b21a5ea05e43b2ef56d291c13467e9c40e3f739387a6","sha512":"771f604de212f3dc2d74b1ff238b4029fa5ae059aafa8dfca2cd3b501592e121951b9f1fcc23de4c7af4e31707cd75ba650d1f865fe22223f8fb1cfcfde295df","ssdeep":"","tlshash":"35314215a3fd959b007240e095f27d082c7be907ba079c44c1f456ad2feee8e515322c","dom_hash":"domhash9b9d334d003eccd5e5c390728b2c7ae0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":0,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-28T12:29:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"clientlogin.eistee-mediart.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"clientlogin.eistee-mediart.de","ip":{"addr":"46.30.213.97","port":80,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-22T21:07:26.513652Z","last_seen":"2026-06-22T21:07:26.513652Z","alert_count":8,"request_count":8,"received_data":110700,"sent_data":4230,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"PHP:8.0.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.1.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de/js/jquery-3.1.1.min.js","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":80,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"introduction_type":"scriptElement","is_inline":false,"md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","size":86709,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-06-27T20:06:59.497732Z","times_seen":144225,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":80,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"introduction_type":"scriptElement","is_inline":true,"md5":"a79af294579268b7041b2d351d9220a2","sha1":"e256a64797834b02d04d36520576862f5b7cef8b","sha256":"0ebb1bad9329c65b06eb3eb597031d888f230bf361d8d4455877141d6f9e921c","sha512":"6e7629c2712db00fabecb15707121cc9c3b09bd6a560db12ac4a932476097b29e557ccb80d998d0e2460ded96466238edaa306b910d580d6dd438fe0901ba109","ssdeep":"","tlshash":"31e0205af1ed7355407f61bd56bb7558363a3cc77a0b2d05d47d08614f6518d2012f1c","size":340,"data":"","first_seen":"2026-06-23T08:07:23.371683Z","last_seen":"2026-06-25T10:56:40.398887Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de/img/logo.svg","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":80,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930","date":"2026-06-23T12:28:43.780Z","timestamp":1782217723780,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /img/logo.svg HTTP/1.1\r\nHost: clientlogin.eistee-mediart.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930\r\nCookie: PHPSESSID=6141db0c671cb960256b4d39beec9801\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 23 Jun 2026 12:28:43 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 09 Feb 2018 16:09:04 GMT\r\nETag: \"131a-564c9bf5239af\"\r\nAccept-Ranges: bytes\r\nContent-Length: 4890\r\nContent-Type: image/svg+xml\r\nX-Varnish: 63708855579\r\nAge: 0\r\nVia: 1.1 webcache2 (Varnish/trunk)\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":4890,"size_decoded":5201,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9524bddc8ac6aa07a474707525357e81","sha1":"35d7ed0ab9add122adfe22e0ef17a0177a8fcb1f","sha256":"17d949ef8f2a0abe7289d7af4bb7d55fb2e25873adb8567e15ec1133d9388a08","sha512":"6635c53f34f0c20555368b99e7c83f423403ad414109019d3eb03f7e5f47fab0281d71c91677a4e7d160889c646255ff37d509895b59981f9bc3734abb46affa","ssdeep":"96:7OKftjFo87sFZFDJzdEkwhTmPSW7Y6Mdnp6M1TlJNZvy:SotjFokePT6PTS","tlshash":"08a185cb537cd5c8bdd42ab9ed3826c23bbaf6ac9624e294d30f4d10614ad835238d58","first_seen":"2023-05-06T07:15:58Z","last_seen":"2026-06-25T10:56:40.398134Z","times_seen":30,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":1,"dns":0,"connect":14,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"clientlogin.eistee-mediart.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de/img/icon_loader_med.gif","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":80,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930","date":"2026-06-23T12:28:43.784Z","timestamp":1782217723784,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /img/icon_loader_med.gif HTTP/1.1\r\nHost: clientlogin.eistee-mediart.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930\r\nCookie: PHPSESSID=6141db0c671cb960256b4d39beec9801\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 23 Jun 2026 12:28:43 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 09 Feb 2018 16:09:03 GMT\r\nETag: \"1e34-564c9bf44cbda\"\r\nAccept-Ranges: bytes\r\nContent-Length: 7732\r\nContent-Type: image/gif\r\nX-Varnish: 64707723982\r\nAge: 0\r\nVia: 1.1 webcache2 (Varnish/trunk)\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":7732,"size_decoded":8039,"mime_type":"image/gif","magic":"GIF image data, version 89a, 48 x 48","md5":"d77c7be43fa0d7a974d949c827b93e5f","sha1":"24ec2252aebce0906f18859a01bbe03735398b38","sha256":"d1ae7277d8ad6c4ecfb1f2269db1cfd85a04c8e2b97a3c2bf4c65fa622fe9e08","sha512":"d81b04a1e0cbaea296f69dad746199b6350c2be89525c5bdedf62d8c91ba70f1af62c44b5773e503188f2e4d76a0d2af3032fc12d319429f2c026f1fafce673b","ssdeep":"192:TXimh4MWmEzCvsXbbkUoUFYBLT2KanNw1CcKu:TyIVoC03kUoPTarU","tlshash":"4bf16cf8a729c65ccd53ab3f2dc187b70c7158d0450e088365a1ed9e0e4b2d83a3b9d1","first_seen":"2023-12-05T14:55:58Z","last_seen":"2026-06-25T10:56:40.390594Z","times_seen":26,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":1,"dns":0,"connect":14,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"clientlogin.eistee-mediart.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de/img/mou.png","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":80,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930","date":"2026-06-23T12:28:43.849Z","timestamp":1782217723849,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /img/mou.png HTTP/1.1\r\nHost: clientlogin.eistee-mediart.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930\r\nCookie: PHPSESSID=6141db0c671cb960256b4d39beec9801\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 23 Jun 2026 12:28:43 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 09 Feb 2018 16:09:04 GMT\r\nETag: \"ed0-564c9bf576f88\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3792\r\nContent-Type: image/png\r\nX-Varnish: 64383688822\r\nAge: 0\r\nVia: 1.1 webcache2 (Varnish/trunk)\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":3792,"size_decoded":4098,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"882c80b33b2ee0c6a5993064b27ce41c","sha1":"8f0e69396e6b1c9b303610e156ed294d6ba78755","sha256":"3386b2efc8048d2ad28c0a02ee3b4ecf7589c584c9ec486c07fc5b0203afb47e","sha512":"f6d4f0142a61dedae7b2cb0e14af19022fba9316792db95994125df9fe46149a1b7311b88b299b454b2e8cf24b6bfbe96b2a50d9e4c04a3e83e8376b6d1b89a4","ssdeep":"","tlshash":"ca71c640f772b9c2b24ca5b838fa63846a036f40e7c0e7ed7185c0962e626a358570da","first_seen":"2023-08-25T13:15:11Z","last_seen":"2026-06-25T10:56:40.391477Z","times_seen":32,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"clientlogin.eistee-mediart.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clientlogin.eistee-mediart.de/","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-23T12:28:40.975Z","timestamp":1782217720975,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: clientlogin.eistee-mediart.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"clientlogin.eistee-mediart.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de/","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":80,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-23T12:28:43.558Z","timestamp":1782217723558,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: clientlogin.eistee-mediart.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Tue, 23 Jun 2026 12:28:43 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/8.0.30\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nSet-Cookie: PHPSESSID=6141db0c671cb960256b4d39beec9801; path=/\r\nlocation: ./login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930\r\nContent-Length: 0\r\nContent-Type: text/html; charset=UTF-8\r\nX-Varnish: 64554536874\r\nAge: 0\r\nVia: 1.1 webcache2 (Varnish/trunk)\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.0.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T20:17:43.334641Z","times_seen":16769159,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":4,"connect":8,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"clientlogin.eistee-mediart.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":80,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-23T12:28:43.587Z","timestamp":1782217723587,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930 HTTP/1.1\r\nHost: clientlogin.eistee-mediart.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=6141db0c671cb960256b4d39beec9801\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 23 Jun 2026 12:28:43 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/8.0.30\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Type: text/html; charset=UTF-8\r\nX-Varnish: 64554536876\r\nAge: 0\r\nVia: 1.1 webcache2 (Varnish/trunk)\r\nConnection: keep-alive\r\nTransfer-Encoding: chunked\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:8.0.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:3.1.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":1583,"size_decoded":1197,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text","md5":"ffc77f81dbacf778add094739afc93c7","sha1":"8f04d7295b6c2b8e469dffe6d2840942f5480390","sha256":"ec35e40ddffd1a627e1e1186ca502edd2332fb7a5a81037bb2d2c2f6b564b24e","sha512":"b065214ee20a6236e8b0eb49660d21a339de40e80421725353adc418108afb1c2e9c512d355f88856187bbaa0204cf72151eb8485e507312430af3f7acb74e73","ssdeep":"","tlshash":"df313c19a3fd998b003240e165a2bc083c7ba906ba039c80c1f567fd2feee8d5553628","first_seen":"2026-06-23T08:07:23.35632Z","last_seen":"2026-06-25T10:56:40.394525Z","times_seen":28,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"clientlogin.eistee-mediart.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de/css/style.css","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":80,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930","date":"2026-06-23T12:28:43.774Z","timestamp":1782217723774,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: clientlogin.eistee-mediart.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930\r\nCookie: PHPSESSID=6141db0c671cb960256b4d39beec9801\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 23 Jun 2026 12:28:43 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 09 Feb 2018 16:08:55 GMT\r\nETag: \"d57-564c9bec00f33-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 866\r\nContent-Type: text/css\r\nX-Varnish: 64694616700\r\nAge: 0\r\nVia: 1.1 webcache2 (Varnish/trunk)\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3415,"size_decoded":1222,"mime_type":"text/css","magic":"ASCII text","md5":"f880b115fb39944af435034d77d8d533","sha1":"391eb78410524cc17404b8d5368e66bbd27f746e","sha256":"711a3a5a87f77cb42a3039f9e7db3d2f94417979c1af11cfdcd9055228f224d1","sha512":"ee9852934b572fe94ca8ad23a2dfd886855123fb4f06061b9eff6995db1a9d1b1671b576248c7bb998676c8f1acb595c800e8a5aeefdbd571720c1153deceded","ssdeep":"","tlshash":"6f61e06269030d81b517a49837a3abd2211f8943992fd57a3e92b65ccfdf2d441f2f4c","first_seen":"2026-06-23T08:07:23.359931Z","last_seen":"2026-06-25T10:56:40.395486Z","times_seen":28,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"clientlogin.eistee-mediart.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"clientlogin.eistee-mediart.de/js/jquery-3.1.1.min.js","fqdn":"clientlogin.eistee-mediart.de","domain":"eistee-mediart.de","tld":"de"},"ip":{"addr":"46.30.213.97","port":80,"asn":51468,"as":"One.com A/S","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930","date":"2026-06-23T12:28:43.776Z","timestamp":1782217723776,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/jquery-3.1.1.min.js HTTP/1.1\r\nHost: clientlogin.eistee-mediart.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://clientlogin.eistee-mediart.de/login.php?websrc=77dab160d987730dc452ffcdb621579a\u0026dispatched=26\u0026id=2486283930\r\nCookie: PHPSESSID=6141db0c671cb960256b4d39beec9801\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Tue, 23 Jun 2026 12:28:43 GMT\r\nServer: Apache\r\nLast-Modified: Fri, 09 Feb 2018 16:09:10 GMT\r\nETag: \"152b5-564c9bfb2471a-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 30080\r\nContent-Type: text/javascript\r\nX-Varnish: 64694616702\r\nAge: 0\r\nVia: 1.1 webcache2 (Varnish/trunk)\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":86709,"size_decoded":30447,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32030)","md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-06-27T20:06:59.497732Z","times_seen":144225,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":14,"send":0,"wait":14,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-23","alert":"Sinkholed","trigger":"clientlogin.eistee-mediart.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}