{"report_id":"7f8f0807-fcb4-4f16-8be9-275c58ba4be2","version":6,"status":"done","tags":[],"date":"2025-12-02T13:37:17Z","url":{"schema":"http","addr":"bodah2.de/","fqdn":"bodah2.de","domain":"bodah2.de","tld":"de"},"ip":{"addr":"172.67.217.41","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bodah2.de/login","fqdn":"bodah2.de","domain":"bodah2.de","tld":"de"},"title":"Happy Community","dom":{"size":3049,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"be5705a90c2f63da2ffe74401ca81f38","sha1":"bcfe787aca882bbdb4d7320539a00b25f5bb1fbc","sha256":"f3ce0fe8f7c691df2dc3e06e27e09230ecdb395b2732d3df29328b7c82f61365","sha512":"c23017947e5ae8adf2630a279226d5ce25f5fb792fb3135e6abf1d031fdbbc03a50468d21eab217a68a613dc06ba6ece1fd933316653542ced9b37fed91923e3","ssdeep":"","tlshash":"f651302051e989674aa313788afa9304ec6ac53393009c45fddc29d67fc5f464673e2c","dom_hash":"domhashca37d2a697185447533c2633f6ddabec","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bodah2.de/","fqdn":"bodah2.de","domain":"bodah2.de","tld":"de"},"ip":{"addr":"172.67.217.41","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-06T13:37:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-02","alert":"Content Category / Application Block","trigger":"bodah2.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"bodah2.de","ip":{"addr":"172.67.217.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-12-02T13:37:17.911677Z","last_seen":"2025-12-02T13:37:17.911677Z","alert_count":20,"request_count":5,"received_data":114523,"sent_data":2258,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bodah2.de/login","fqdn":"bodah2.de","domain":"bodah2.de","tld":"de"},"ip":{"addr":"172.67.217.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"331c0683fe54e8bf8ac819a81ef8853e","sha1":"04169286f2e9fd7cdbc77bcc12ad9d2a748750b3","sha256":"cc0c72727d9703122e34e954f00b3ddfe8c884056e366cf2390e9e6ae99eeb3f","sha512":"e43c55138e32ecba57328c8165ad2ba0142d4efb1531b4d60d7a090026a68fe653fd96d5a8f0175f40ac0d548dcf8d0dc8c16a2fc5922825241fdc2e3237478e","ssdeep":"","tlshash":"d121af65139e47a50bb323684ebf4795e63a9c7365019d41bc4c39d2bf987684232b1c","size":1400,"data":"","first_seen":"2025-03-05T19:59:11.244806Z","last_seen":"2026-03-19T01:47:22.831637Z","times_seen":77,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bodah2.de/template/temp/js/jquery.min.js","fqdn":"bodah2.de","domain":"bodah2.de","tld":"de"},"ip":{"addr":"172.67.217.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"895323ed2f7258af4fae2c738c8aea49","sha1":"276c87ff3e1e3155679c318938e74e5c1b76d809","sha256":"ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8","sha512":"c40111c3cc0754e90cf71f72f7f16f43b835b7e808423dfd99f90dd5177538b702e64ff1d9ee8d3bc86aeaa11b6f7a0ef826184e354b162158839ffb75d174cc","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmc:R+41ZqLTW8xRrqSb8qGH77da98Hrf","tlshash":"3b93d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","size":95957,"data":"","first_seen":"2023-03-07T01:02:25Z","last_seen":"2026-06-18T01:09:41.726981Z","times_seen":17625,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bodah2.de/favicon.ico","fqdn":"bodah2.de","domain":"bodah2.de","tld":"de"},"ip":{"addr":"172.67.217.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bodah2.de/login","date":"2025-12-02T13:36:56.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bodah2.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 09:49:12 GMT","end":"Wed, 18 Feb 2026 10:47:46 GMT"},"fingerprint":{"sha1":"1A:C2:C3:FF:0E:43:A7:12:D8:44:77:08:AC:8C:8F:30:D7:37:4E:5E","sha256":"6F:AF:66:17:AB:F9:21:41:8F:7E:E4:82:31:AE:9D:DD:36:EF:9D:DB:CD:B4:31:CF:4F:19:2E:56:5F:01:E4:1B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bodah2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bodah2.de/login\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Tue, 02 Dec 2025 13:36:56 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Rx0D%2Fqbeg7U9KLxllxccutJo2E%2FN%2FZOa427f8e3wc9mrIxszKgLfAc7q8MWsAd%2B2n0e0tD%2BBtjr8VY1A5ydIo05p9ilLEgdx7Q%3D%3D\"}]}\r\npriority: u=6,i=?0\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a7b3750d833783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7197,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"cadea9088faed7f1f493a2d72ffc5a7f","sha1":"06270cfc0a44bb32fe6f851fa1e8f027182ec2c5","sha256":"ff761d4960cb0813b67e3350f4e97c0dfbbb1a52eeb8d035de157f22d10e81fe","sha512":"de45be77d5cb8a5d46bb26e6e7457be3ff949c28603cc6a17ffc8818a4799ee969fcb025cefefeb17a11bb9baf47842cfdf67c31c5dd4359c5bdae953ff3510c","ssdeep":"192:1qsADVCZHK2StRyByEXkHlXWLH5de6H5wdpAqszyb817bHpy2byTxC:wwU2bbH3iC","tlshash":"2fe1045b4ee30002b913d4397b7b2205322e86578156ed6d7e8dd748cfc16a5c9d2bcd","first_seen":"2024-10-20T23:28:43.055636Z","last_seen":"2026-03-19T01:47:22.828686Z","times_seen":166,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-02","alert":"Content Category / Application Block","trigger":"bodah2.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bodah2.de/","fqdn":"bodah2.de","domain":"bodah2.de","tld":"de"},"ip":{"addr":"172.67.217.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-02T13:36:55.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bodah2.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 09:49:12 GMT","end":"Wed, 18 Feb 2026 10:47:46 GMT"},"fingerprint":{"sha1":"1A:C2:C3:FF:0E:43:A7:12:D8:44:77:08:AC:8C:8F:30:D7:37:4E:5E","sha256":"6F:AF:66:17:AB:F9:21:41:8F:7E:E4:82:31:AE:9D:DD:36:EF:9D:DB:CD:B4:31:CF:4F:19:2E:56:5F:01:E4:1B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bodah2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 02 Dec 2025 13:36:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: no-cache,must-revalidate\r\nlocation: /login\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gO1HWuVSM58yKWpsVXNjC2WLxW6OamAxQHq%2BH6Gxw6s5Bq2PdlZhuzY8XLI%2BWEHbW2TereY38B3AGzq6kRoeKVthZzTgEw8%2B4w%3D%3D\"}]}\r\nset-cookie: user_id=deleted; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:01 GMT\nuser_name=deleted; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:01 GMT\ngroup_id=deleted; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:01 GMT\ngroup_name=deleted; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:01 GMT\nuser_check=deleted; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:01 GMT\nuser_portrait=deleted; Path=/; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:01 GMT\r\ncf-ray: 9a7b37486a5e32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2938,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-18T01:31:21.233037Z","times_seen":16497762,"resource_available":true,"data":null}},"time_used":500,"timings":{"blocked":66,"dns":42,"connect":1,"send":0,"wait":368,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-02","alert":"Content Category / Application Block","trigger":"bodah2.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bodah2.de/login","fqdn":"bodah2.de","domain":"bodah2.de","tld":"de"},"ip":{"addr":"172.67.217.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-02T13:36:55.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bodah2.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 09:49:12 GMT","end":"Wed, 18 Feb 2026 10:47:46 GMT"},"fingerprint":{"sha1":"1A:C2:C3:FF:0E:43:A7:12:D8:44:77:08:AC:8C:8F:30:D7:37:4E:5E","sha256":"6F:AF:66:17:AB:F9:21:41:8F:7E:E4:82:31:AE:9D:DD:36:EF:9D:DB:CD:B4:31:CF:4F:19:2E:56:5F:01:E4:1B"}}},"request":{"raw":"GET /login HTTP/1.1\r\nHost: bodah2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 02 Dec 2025 13:36:55 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hbHnKV8%2FGDeEsIqPxubqGhb96j2HztmoTtOB%2BkrSOUkuPKLkKRxCrQuN6i5CqhpbJGj8bzmVidnormd9zx%2FvAMJxfDM1Od3EuA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9a7b374ab9e232fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2938,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"25c1b54dd7c34eb6100bcab6a24eafe4","sha1":"a51368499dfed5d47a5ff4e9a6f87a40bb3905cd","sha256":"94cb83643a06fd05d013e032e510bbab4e8ad1bec30d81f438d84080a7aa754d","sha512":"4f0d722a53f2774616fd35c67b487dfde0cb2d2e7994565bc3f951aec2df1b29e65ce6dff959082827e6c61a9d8d627fb1e087829bb94aba9bd85d16da4d072d","ssdeep":"","tlshash":"bf51742011f989a646a312788efa9604ad6dd533a3009c44bddc29e67fc9f854673f2c","first_seen":"2025-12-02T13:37:21.873886Z","last_seen":"2025-12-02T13:37:21.873886Z","times_seen":1,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-02","alert":"Content Category / Application Block","trigger":"bodah2.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bodah2.de/template/temp/css/login.css","fqdn":"bodah2.de","domain":"bodah2.de","tld":"de"},"ip":{"addr":"172.67.217.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bodah2.de/login","date":"2025-12-02T13:36:55.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bodah2.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 09:49:12 GMT","end":"Wed, 18 Feb 2026 10:47:46 GMT"},"fingerprint":{"sha1":"1A:C2:C3:FF:0E:43:A7:12:D8:44:77:08:AC:8C:8F:30:D7:37:4E:5E","sha256":"6F:AF:66:17:AB:F9:21:41:8F:7E:E4:82:31:AE:9D:DD:36:EF:9D:DB:CD:B4:31:CF:4F:19:2E:56:5F:01:E4:1B"}}},"request":{"raw":"GET /template/temp/css/login.css HTTP/1.1\r\nHost: bodah2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bodah2.de/login\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 02 Dec 2025 13:36:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 27 Oct 2025 19:00:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68ffc14b-779\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X0Rb%2FJWK2Jr0w47MvRKJRV%2BqrS%2Fr7BkivxuUioMobr8VjcAu%2BHNjNF%2FbRQ%2FcJ57%2F6Nwt7EafnyCP%2BwMMCnYdKg8PqUqBKvpfQg%3D%3D\"}]}\r\ncf-ray: 9a7b374d6fc7783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1913,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"57135ffd58094d92fd140e5d9203f09d","sha1":"8348509537bbf7c8e7850c195f2ad6d8247f5279","sha256":"3f46da6187eed89d2fa119a751581c26b7df06a56ea37362a61b42fda469d313","sha512":"77235a6142090fe457750e43be127c10c54150d733996cb8575be2084ffc3c1b0083e6706bd8e423ae697faefc584b8ae9f79e5529502020166bc543c590a2bb","ssdeep":"","tlshash":"cf419c48db040546b23395ac67f3474aea6d80938b4a067d3b59e690cfbe16c8672fc8","first_seen":"2024-11-27T18:28:24.386073Z","last_seen":"2026-03-19T01:47:22.827725Z","times_seen":150,"resource_available":false,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":345,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-02","alert":"Content Category / Application Block","trigger":"bodah2.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bodah2.de/template/temp/js/jquery.min.js","fqdn":"bodah2.de","domain":"bodah2.de","tld":"de"},"ip":{"addr":"172.67.217.41","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bodah2.de/login","date":"2025-12-02T13:36:55.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bodah2.de","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 20 Nov 2025 09:49:12 GMT","end":"Wed, 18 Feb 2026 10:47:46 GMT"},"fingerprint":{"sha1":"1A:C2:C3:FF:0E:43:A7:12:D8:44:77:08:AC:8C:8F:30:D7:37:4E:5E","sha256":"6F:AF:66:17:AB:F9:21:41:8F:7E:E4:82:31:AE:9D:DD:36:EF:9D:DB:CD:B4:31:CF:4F:19:2E:56:5F:01:E4:1B"}}},"request":{"raw":"GET /template/temp/js/jquery.min.js HTTP/1.1\r\nHost: bodah2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bodah2.de/login\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 02 Dec 2025 13:36:56 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 27 Oct 2025 19:00:27 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: Accept-Encoding\r\netag: W/\"68ffc14b-176d5\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=abileQV7tevttk2jxluHViPXGNhNFCmrHNUBNA8tJQBx%2BYWQt04JuenMwTy36EXCC75dwAebbLaaKyZwA1b5vDEyjJNlnYfGHQ%3D%3D\"}]}\r\ncf-ray: 9a7b374d6fc8783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95957,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32038)","md5":"895323ed2f7258af4fae2c738c8aea49","sha1":"276c87ff3e1e3155679c318938e74e5c1b76d809","sha256":"ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8","sha512":"c40111c3cc0754e90cf71f72f7f16f43b835b7e808423dfd99f90dd5177538b702e64ff1d9ee8d3bc86aeaa11b6f7a0ef826184e354b162158839ffb75d174cc","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmc:R+41ZqLTW8xRrqSb8qGH77da98Hrf","tlshash":"3b93d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","first_seen":"2023-03-07T01:02:25Z","last_seen":"2026-06-18T01:09:41.726981Z","times_seen":17625,"resource_available":true,"data":null}},"time_used":448,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":304,"receive":144,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-02","alert":"Sinkholed","trigger":"bodah2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-12-02","alert":"Content Category / Application Block","trigger":"bodah2.de","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}