{"report_id":"9438a283-79b2-48e2-bec6-cfdfb25a9842","version":0,"status":"done","tags":[],"date":"2026-06-22T10:14:10Z","url":{"schema":"http","addr":"dokument-cembra.com/e-dokument/web-tag/index.php","fqdn":"dokument-cembra.com","domain":"dokument-cembra.com","tld":"com"},"ip":{"addr":"209.97.149.25","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"dokument-cembra.com/e-dokument/web-tag/index.php","fqdn":"dokument-cembra.com","domain":"dokument-cembra.com","tld":"com"},"title":"Cembra Money Bank","dom":{"size":3433,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"06076cfeb2ae21a727ca41c3659d542e","sha1":"8d500dc77cff13ac02ed33ebef3a477d3bc11554","sha256":"1e9dbc4e913213216f16e1fba479d4a245e52e899f05a8d70f6b0d9feedd3008","sha512":"2cdeaf5d127d051805f739825ea5f32363027f30098b95c869f1d6311591924f7f887d090c247f438f17577ebcc3fb45c3d2754088fc2b946e4f70e55cbf8842","ssdeep":"","tlshash":"a5618c2084fa5867118392956e629a1a2fd2da038e0f5e00bbad1bce5fd7e83cc4354d","dom_hash":"domhash14cfaeabdc833e5f373a3cb467320572","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"dokument-cembra.com/e-dokument/web-tag/index.php","fqdn":"dokument-cembra.com","domain":"dokument-cembra.com","tld":"com"},"ip":{"addr":"209.97.149.25","port":0,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-27T10:14:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"dokument-cembra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"dokument-cembra.com","ip":{"addr":"209.97.149.25","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"domain_registered":"2026-06-21","domain_rank":0,"first_seen":"2026-06-22T01:15:55.436968Z","last_seen":"2026-06-22T01:15:55.436969Z","alert_count":6,"request_count":6,"received_data":298052,"sent_data":3256,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"dokument-cembra.com/e-dokument/web-tag/index.php","fqdn":"dokument-cembra.com","domain":"dokument-cembra.com","tld":"com"},"ip":{"addr":"209.97.149.25","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-22T10:13:46.309Z","timestamp":1782123226309,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dokument-cembra.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 10:30:43 GMT","end":"Sat, 19 Sep 2026 10:30:42 GMT"},"fingerprint":{"sha1":"0C:22:8F:BF:30:BA:A0:BA:D1:EB:1D:41:EC:3F:62:B1:AB:73:45:69","sha256":"C7:C3:5A:68:23:8E:9D:59:D9:E0:7B:4D:E7:A8:77:31:8C:BD:51:AC:92:B9:30:A5:49:5D:5B:B6:EC:2A:A7:23"}}},"request":{"raw":"GET /e-dokument/web-tag/index.php HTTP/1.1\r\nHost: dokument-cembra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Mon, 22 Jun 2026 10:13:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 1139\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nage: 26532\r\nx-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3456,"size_decoded":1383,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"68a0ef444240115f2fa1ff473a60d771","sha1":"4fe375ef621666801c0cfa911475f88d2e841be7","sha256":"1447584f52e94daf8c2beda31c3ba15c573e437e0130c46ffebf1aeb620c3164","sha512":"6e4fbed6461b9e21d1d77c015013a237b15a57d43be99b7e7534d718accfd0ef67e3feeb109a9ca767d5331706c8dbb352e060868b02a8a6f56bc073db39c659","ssdeep":"","tlshash":"f6618d2084f95867118292856e629a1a2fd2da038e4b5e00bbed5bce5fd7e83cc5354d","first_seen":"2024-08-20T14:54:43.510003Z","last_seen":"2026-06-24T01:08:45.172646Z","times_seen":6,"resource_available":true,"data":null}},"time_used":360,"timings":{"blocked":-1,"dns":53,"connect":98,"send":0,"wait":100,"receive":0,"ssl":108},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"dokument-cembra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dokument-cembra.com/e-dokument/web-tag/files/css/zwa9.css","fqdn":"dokument-cembra.com","domain":"dokument-cembra.com","tld":"com"},"ip":{"addr":"209.97.149.25","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://dokument-cembra.com/e-dokument/web-tag/index.php","date":"2026-06-22T10:13:46.927Z","timestamp":1782123226927,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dokument-cembra.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 10:30:43 GMT","end":"Sat, 19 Sep 2026 10:30:42 GMT"},"fingerprint":{"sha1":"0C:22:8F:BF:30:BA:A0:BA:D1:EB:1D:41:EC:3F:62:B1:AB:73:45:69","sha256":"C7:C3:5A:68:23:8E:9D:59:D9:E0:7B:4D:E7:A8:77:31:8C:BD:51:AC:92:B9:30:A5:49:5D:5B:B6:EC:2A:A7:23"}}},"request":{"raw":"GET /e-dokument/web-tag/files/css/zwa9.css HTTP/1.1\r\nHost: dokument-cembra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://dokument-cembra.com/e-dokument/web-tag/index.php\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Mon, 22 Jun 2026 10:13:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 13394\r\nvary: Accept-Encoding\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nlink: \u003chttps://dokument-cembra.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: gzip\r\nage: 303\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58538,"size_decoded":13727,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (16481)","md5":"38aa05eb190c85b5dd9ac3eebad34675","sha1":"8838655cbf695b38b0b47bfce30eccd2c71edfed","sha256":"3fcfe29c2c779c39637128a4223ab474fb005b272a7ceb194cee6c3e1fa78150","sha512":"88986e1f79620dec40f8ce171fc2a4ffe681ee619670445fdff89d46dddad84c2a1c10d98e8af6327fffbb747896b1a18f5518c706ea23dad393f8b3a785f0d8","ssdeep":"768:gAKmDH8b0aKOYJZdypcs8YnVS4bZMpm4wvSAIXuTVQUce4AjNuo0sCc:grwl5ypD88bZMpm4wvSAIXuTVQUEAjNJ","tlshash":"cb43d572937888f6397f832a9a45a3286258fe11ce4563e5f0f6d21454cddb709e3b0e","first_seen":"2026-06-22T10:14:10.630075Z","last_seen":"2026-06-22T10:14:10.630075Z","times_seen":1,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"dokument-cembra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dokument-cembra.com/e-dokument/web-tag/files/js/haraka.js","fqdn":"dokument-cembra.com","domain":"dokument-cembra.com","tld":"com"},"ip":{"addr":"209.97.149.25","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://dokument-cembra.com/e-dokument/web-tag/index.php","date":"2026-06-22T10:13:46.930Z","timestamp":1782123226930,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dokument-cembra.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 10:30:43 GMT","end":"Sat, 19 Sep 2026 10:30:42 GMT"},"fingerprint":{"sha1":"0C:22:8F:BF:30:BA:A0:BA:D1:EB:1D:41:EC:3F:62:B1:AB:73:45:69","sha256":"C7:C3:5A:68:23:8E:9D:59:D9:E0:7B:4D:E7:A8:77:31:8C:BD:51:AC:92:B9:30:A5:49:5D:5B:B6:EC:2A:A7:23"}}},"request":{"raw":"GET /e-dokument/web-tag/files/js/haraka.js HTTP/1.1\r\nHost: dokument-cembra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://dokument-cembra.com/e-dokument/web-tag/index.php\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Mon, 22 Jun 2026 10:13:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 13367\r\nvary: Accept-Encoding\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nlink: \u003chttps://dokument-cembra.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: gzip\r\nage: 302\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":58537,"size_decoded":13700,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (16481)","md5":"c959fc5986c6d9970b2ca0a7e9378fb0","sha1":"d27217139908964d3b8f425abe487189cf047a29","sha256":"ac5e5054c3e594b214845470ee3b658cd44003b257a9429ec718186736e88ef5","sha512":"842b45a7b91d50f8537018353cf3a6b4161c2fc71e72920da3cc65df59c12e9ecfb8d16eda253d0c5be17a31b700ff3e3abc113fc4bb6813edefe622950cc147","ssdeep":"768:gAKmDH8b0aKOYJZdypcs8YnVS4bZMpm4wvSAIXuTVQUce4AjNuo0sCM:grwl5ypD88bZMpm4wvSAIXuTVQUEAjNv","tlshash":"5c43d572937888f6397f832a9a45a3286258fe11ce4563e5f0f6d21454cddb709e3b0e","first_seen":"2026-06-22T10:14:10.631295Z","last_seen":"2026-06-22T10:14:10.631295Z","times_seen":1,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"dokument-cembra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dokument-cembra.com/e-dokument/web-tag/files/media/loading.gif","fqdn":"dokument-cembra.com","domain":"dokument-cembra.com","tld":"com"},"ip":{"addr":"209.97.149.25","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dokument-cembra.com/e-dokument/web-tag/index.php","date":"2026-06-22T10:13:46.938Z","timestamp":1782123226938,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dokument-cembra.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 10:30:43 GMT","end":"Sat, 19 Sep 2026 10:30:42 GMT"},"fingerprint":{"sha1":"0C:22:8F:BF:30:BA:A0:BA:D1:EB:1D:41:EC:3F:62:B1:AB:73:45:69","sha256":"C7:C3:5A:68:23:8E:9D:59:D9:E0:7B:4D:E7:A8:77:31:8C:BD:51:AC:92:B9:30:A5:49:5D:5B:B6:EC:2A:A7:23"}}},"request":{"raw":"GET /e-dokument/web-tag/files/media/loading.gif HTTP/1.1\r\nHost: dokument-cembra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://dokument-cembra.com/e-dokument/web-tag/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Mon, 22 Jun 2026 10:13:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 13371\r\nvary: Accept-Encoding\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nlink: \u003chttps://dokument-cembra.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: gzip\r\nage: 302\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":58537,"size_decoded":13704,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (16481)","md5":"24c0fbe59437575f97be94c4af54374c","sha1":"7c50c76a6dec68b6baa374b3ab029c6956567402","sha256":"7fac4db4fc9122f323b83c324a264c564b8125e41ca0b49a793c5cf2233a6b57","sha512":"697193aa2ec33fc71fd2327d983be57f4bbb3434c73b407ec5eb78cc27c55ca681b1d4f1644ebf1fe8a50c5b1c4b08a697c0b501f3cf9de8030caf20aaa5fe2c","ssdeep":"768:gAKmDH8b0aKOYJZdypcs8YnVS4bZMpm4wvSAIXuTVQUce4AjNuo0sCt:grwl5ypD88bZMpm4wvSAIXuTVQUEAjNW","tlshash":"ad43d572937888f6397f832a9a45a3286258fe11ce4563e5f0f6d21454cddb709e3b0e","first_seen":"2026-06-22T10:14:10.632368Z","last_seen":"2026-06-22T10:14:10.632368Z","times_seen":1,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"dokument-cembra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dokument-cembra.com/e-dokument/web-tag/files/media/cembra-money-bank.jpg","fqdn":"dokument-cembra.com","domain":"dokument-cembra.com","tld":"com"},"ip":{"addr":"209.97.149.25","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dokument-cembra.com/e-dokument/web-tag/index.php","date":"2026-06-22T10:13:46.940Z","timestamp":1782123226940,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dokument-cembra.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 10:30:43 GMT","end":"Sat, 19 Sep 2026 10:30:42 GMT"},"fingerprint":{"sha1":"0C:22:8F:BF:30:BA:A0:BA:D1:EB:1D:41:EC:3F:62:B1:AB:73:45:69","sha256":"C7:C3:5A:68:23:8E:9D:59:D9:E0:7B:4D:E7:A8:77:31:8C:BD:51:AC:92:B9:30:A5:49:5D:5B:B6:EC:2A:A7:23"}}},"request":{"raw":"GET /e-dokument/web-tag/files/media/cembra-money-bank.jpg HTTP/1.1\r\nHost: dokument-cembra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://dokument-cembra.com/e-dokument/web-tag/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Mon, 22 Jun 2026 10:13:46 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 13372\r\nvary: Accept-Encoding\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nlink: \u003chttps://dokument-cembra.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: gzip\r\nage: 302\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58537,"size_decoded":13705,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (16481)","md5":"75be42a77e1c205aa8978573854fe32c","sha1":"9099e2f025604e4dbd60a481f353aecb7b727333","sha256":"3037fa4d6552f93f2b01cd3632f7438a78ea66ec37aae363832e0fe2a7f378ab","sha512":"4b27d8bce4601a846ffd5215aed8abae74f53d28bc0263467d7fd266158f637458e5c502abdb2ec98601071bedb993e06b024d71a56fe8feeafb9074b085023d","ssdeep":"768:gAKmDH8b0aKOYJZdypcs8YnVS4bZMpm4wvSAIXuTVQUce4AjNuo0sCt:grwl5ypD88bZMpm4wvSAIXuTVQUEAjNK","tlshash":"1443d572937888f6397f832a9a45a3286258fe11ce4563e5f0f6d21454cddb709e3b0e","first_seen":"2026-06-22T10:14:10.633313Z","last_seen":"2026-06-22T10:14:10.633313Z","times_seen":1,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":316,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"dokument-cembra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dokument-cembra.com/e-dokument/web-tag/files/media/favicon.ico","fqdn":"dokument-cembra.com","domain":"dokument-cembra.com","tld":"com"},"ip":{"addr":"209.97.149.25","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dokument-cembra.com/e-dokument/web-tag/index.php","date":"2026-06-22T10:13:47.263Z","timestamp":1782123227263,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dokument-cembra.com","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Jun 2026 10:30:43 GMT","end":"Sat, 19 Sep 2026 10:30:42 GMT"},"fingerprint":{"sha1":"0C:22:8F:BF:30:BA:A0:BA:D1:EB:1D:41:EC:3F:62:B1:AB:73:45:69","sha256":"C7:C3:5A:68:23:8E:9D:59:D9:E0:7B:4D:E7:A8:77:31:8C:BD:51:AC:92:B9:30:A5:49:5D:5B:B6:EC:2A:A7:23"}}},"request":{"raw":"GET /e-dokument/web-tag/files/media/favicon.ico HTTP/1.1\r\nHost: dokument-cembra.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://dokument-cembra.com/e-dokument/web-tag/index.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Mon, 22 Jun 2026 10:13:47 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 13373\r\nvary: Accept-Encoding\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nlink: \u003chttps://dokument-cembra.com/wp-json/\u003e; rel=\"https://api.w.org/\"\r\ncontent-encoding: gzip\r\nage: 302\r\nx-cache: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress Site Editor","description":"Full Site Editing enables users to design and customize their entire WordPress website with a block-based editor.","website":"https://wordpress.org/documentation/article/site-editor/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":58538,"size_decoded":13706,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (16481)","md5":"6f99f60a71560c4067077a873c3d915b","sha1":"bfb5a8a467c358dee94593424fb0ab3024248923","sha256":"f4cd5e47db24333dbeadd5ff149980beba28cb439ac8fcd8526428d0526cdc00","sha512":"62ee5080c0de23a1ba43415d08c162d7fefae03c8b906cd4742ff8916cf9e343550d11da9ae5a556781851b2eb0dc76f6ab5cf4e9cf90eea779bb74cd2947a40","ssdeep":"768:gAKmDH8b0aKOYJZdypcs8YnVS4bZMpm4wvSAIXuTVQUce4AjNuo0sC4:grwl5ypD88bZMpm4wvSAIXuTVQUEAjNB","tlshash":"4e43d572937888f6397f832a9a45a3286258fe11ce4563e5f0f6d21454cddb709e3b0e","first_seen":"2026-06-22T10:14:10.634573Z","last_seen":"2026-06-22T10:14:10.634573Z","times_seen":1,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-22","alert":"Sinkholed","trigger":"dokument-cembra.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}
