{"report_id":"b15a8e63-471a-4291-817f-0ceb458ae9f5","version":0,"status":"done","tags":[],"date":"2026-06-17T16:36:01Z","url":{"schema":"http","addr":"noah-scheurer.de/BradySandahl","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":0,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"noah-scheurer.de/BradySandahl/download.html","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"title":"Background Image Page","dom":{"size":3283,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"08d1b1388cd7ed039dcfdb1594d00873","sha1":"019113e83b04c6c04b836b65d27c87b364a3053d","sha256":"f3c6e32e47039bb9d457bd72222abd85ab199ed45578551865a4579c3d1c9f3e","sha512":"a95474f1d6e5bd7292e70f6fdfdd8abfcc9c83556028716aa8c5af7b5c093791a2052f87477494bf951eb6da73cb8ff5abdfd7653cba21d6c9599cf6382076bf","ssdeep":"","tlshash":"6961614ba9f3045b390790716bf36b062665c003d20aca9d3fbd62e8cf84a9590b73cc","dom_hash":"domhashf0beb57d2b4a3816e43aeb33d370eb26","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"noah-scheurer.de/BradySandahl","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":0,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T16:36:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"noah-scheurer.de","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"noah-scheurer.de","ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-17T16:36:01.30246Z","last_seen":"2026-06-17T16:36:01.30246Z","alert_count":24,"request_count":8,"received_data":149744,"sent_data":4290,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-14T22:19:01.724334Z","alert_count":0,"request_count":2,"received_data":17256,"sent_data":1084,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-14T22:22:05.140579Z","alert_count":0,"request_count":1,"received_data":5476,"sent_data":534,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2026-06-16T01:59:39.589743Z","alert_count":0,"request_count":1,"received_data":269,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"noah-scheurer.de/BradySandahl/","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"9ccf3b316eee02eb4fedd533e127d9cd","sha1":"b4071bc96e7ba397263609de470773c28c84d612","sha256":"2d7e2ae2ea9c8731364660a8d85ad63c1d410ba60d2dd9826eb4d43a613dbea8","sha512":"9cab779d4e2ecd8ee8c23dea6370d0ce6e6f0cb39e8a3462bf38d9b9d589a11b5311622ca4a3032bd6aef70df3c02900546314009cce66fc5874ffe2407f6db1","ssdeep":"","tlshash":"9221e21d309a30262693b968cb5fb0073133405b584adb80f99e9788af17239527bfde","size":1340,"data":"","first_seen":"2026-06-09T08:58:54.367821Z","last_seen":"2026-06-17T16:36:05.654462Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"noah-scheurer.de/BradySandahl/download.html","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"4b364ec6ffb15307bbf38c7316e0ce77","sha1":"8c75549a9dc238c8c4ca08d19b289fbb7ce163e7","sha256":"eb990b78a6158d4ad3a61d550b4dae6c9e0e5f21e9d9840d051e5671451076b8","sha512":"e9c3e9f811ef75f37cc5448ff9122a09939a2d99a5c2eff7c4f9ba5d29f084c041f0a5771aaecd0e345849b24cc04262f6b7ad7b7d7f7fdce3d15e8c9dd8cac0","ssdeep":"","tlshash":"ade0d85b74a70ab81f9b54764aa75a84707290571408d204397e86900f75e5d343e7de","size":379,"data":"","first_seen":"2026-06-09T08:58:54.373482Z","last_seen":"2026-06-17T16:36:05.655517Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"noah-scheurer.de/BradySandahl","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T16:35:34.462Z","timestamp":1781714134462,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.noah-scheurer.de","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 11:05:42 GMT","end":"Sun, 09 Aug 2026 11:05:41 GMT"},"fingerprint":{"sha1":"40:B8:9F:74:DD:B2:A0:93:F4:78:50:6B:D9:28:9D:4E:50:65:6F:88","sha256":"C6:DC:4C:14:3C:82:55:C3:8E:15:0C:46:E6:9A:4A:68:B6:A6:F5:C5:9F:47:E0:66:E0:E6:36:38:10:BC:B7:C2"}}},"request":{"raw":"GET /BradySandahl HTTP/1.1\r\nHost: noah-scheurer.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 \r\nlocation: https://noah-scheurer.de/BradySandahl/\r\ncontent-length: 286\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Wed, 17 Jun 2026 16:35:38 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-17T20:31:20.825331Z","times_seen":16492214,"resource_available":true,"data":null}},"time_used":4122,"timings":{"blocked":-1,"dns":4005,"connect":28,"send":0,"wait":29,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"noah-scheurer.de","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noah-scheurer.de/BradySandahl/","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T16:35:38.591Z","timestamp":1781714138591,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.noah-scheurer.de","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 11:05:42 GMT","end":"Sun, 09 Aug 2026 11:05:41 GMT"},"fingerprint":{"sha1":"40:B8:9F:74:DD:B2:A0:93:F4:78:50:6B:D9:28:9D:4E:50:65:6F:88","sha256":"C6:DC:4C:14:3C:82:55:C3:8E:15:0C:46:E6:9A:4A:68:B6:A6:F5:C5:9F:47:E0:66:E0:E6:36:38:10:BC:B7:C2"}}},"request":{"raw":"GET /BradySandahl/ HTTP/1.1\r\nHost: noah-scheurer.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Fri, 25 Apr 2025 21:10:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2786\r\ncontent-type: text/html\r\ndate: Wed, 17 Jun 2026 16:35:38 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2786,"size_decoded":2989,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"da134be21960758a659f4f0ce0ba86c3","sha1":"ac25e67b07289650b5b9e5f7f77e981169ed8811","sha256":"9cc0dfa491f5eebdca6a351e699886946b0b96fdbcb7d454ea15af2fffdf6b93","sha512":"25adefa89dcba27495fc9b039395fb14232ecc110bd2ae118cf579e1e9ea0987404c3910faf6494f1ff9e3c537e234f18ed6e7079ccdd3aa1ce8d147a2e62247","ssdeep":"","tlshash":"dd51501a708460175133f7b49f67a109faa380279747c691baed938a9f72218c563fce","first_seen":"2025-10-24T02:40:46.132367Z","last_seen":"2026-06-17T16:36:05.643035Z","times_seen":529,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"noah-scheurer.de","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noah-scheurer.de/BradySandahl/adobe-logo.png","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noah-scheurer.de/BradySandahl/","date":"2026-06-17T16:35:38.826Z","timestamp":1781714138826,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.noah-scheurer.de","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 11:05:42 GMT","end":"Sun, 09 Aug 2026 11:05:41 GMT"},"fingerprint":{"sha1":"40:B8:9F:74:DD:B2:A0:93:F4:78:50:6B:D9:28:9D:4E:50:65:6F:88","sha256":"C6:DC:4C:14:3C:82:55:C3:8E:15:0C:46:E6:9A:4A:68:B6:A6:F5:C5:9F:47:E0:66:E0:E6:36:38:10:BC:B7:C2"}}},"request":{"raw":"GET /BradySandahl/adobe-logo.png HTTP/1.1\r\nHost: noah-scheurer.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://noah-scheurer.de/BradySandahl/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Fri, 25 Apr 2025 14:52:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 70680\r\ncontent-type: image/png\r\ndate: Wed, 17 Jun 2026 16:35:38 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":70680,"size_decoded":70884,"mime_type":"image/png","magic":"PNG image data, 2560 x 1388, 8-bit/color RGBA, non-interlaced","md5":"551cebb68623d1956a018b01f6326fcc","sha1":"dd070fd3307692b09b9f32c36b4e35954213d011","sha256":"d6abcfa2c801a96cede081943aac15b67f6478be14d38d556d63545d6cba03a0","sha512":"01569b594b684064daafe639f1fb8fbfdfa6632ba6962d4aec078dde122026aafdee2619ba64aff9961f9c2bd5ea7ba06a90c3d200325bc86ee5bc28ab151ac4","ssdeep":"1536:eAnf1GggwOj0bLFohp4vfoM3Qln25nCGkh8SrVOYOkqzkKrDR:J8ZKoLCfx5CNVOYOXzkK/R","tlshash":"b063f158569feb9ececc1532a83f881a2ec4b7a9831152cc43a4ff79acd18925dc40d3","first_seen":"2025-04-28T21:29:56.842472Z","last_seen":"2026-06-17T16:36:05.644138Z","times_seen":573,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"noah-scheurer.de","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://noah-scheurer.de/BradySandahl/","date":"2026-06-17T16:35:38.941Z","timestamp":1781714138941,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://noah-scheurer.de\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7748\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 11 Jun 2026 03:05:19 GMT\r\nexpires: Fri, 11 Jun 2027 03:05:19 GMT\r\ncache-control: public, max-age=31536000\r\nage: 567019\r\nlast-modified: Mon, 15 Sep 2025 16:36:26 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":7748,"size_decoded":8560,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7748, version 1.0","md5":"a09f2fccfee35b7247b08a1a266f0328","sha1":"0da2d17e738f46d2a09e6fb7969da451719a9820","sha256":"cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446","sha512":"5e3f9a298003b84250ec6801e08ad2a4ff8845d4c3e13ea61bec37da24d26ede13b436257882124cc0c27e9a323ba92e7d23c6ad3f48a7b75535f5ed98813a0e","ssdeep":"96:0g6vAF/FXh6MmoI56TEwosGU/DbVF/QBT1gaHEYT6u/w3hXLbJPAS772+6haAftj:zp6x6TYpoDYBJg8TRkbJPAS/2+CzQa7","tlshash":"f3f19de65d1e5e8980f0102f6f6efce767950d88141dadf9a9e72f884c6ba1b04c90cd","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-06-17T20:22:17.257824Z","times_seen":246988,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"noah-scheurer.de/favicon.ico","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noah-scheurer.de/BradySandahl/","date":"2026-06-17T16:35:39.075Z","timestamp":1781714139075,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.noah-scheurer.de","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 11:05:42 GMT","end":"Sun, 09 Aug 2026 11:05:41 GMT"},"fingerprint":{"sha1":"40:B8:9F:74:DD:B2:A0:93:F4:78:50:6B:D9:28:9D:4E:50:65:6F:88","sha256":"C6:DC:4C:14:3C:82:55:C3:8E:15:0C:46:E6:9A:4A:68:B6:A6:F5:C5:9F:47:E0:66:E0:E6:36:38:10:BC:B7:C2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: noah-scheurer.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://noah-scheurer.de/BradySandahl/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-length: 355\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Wed, 17 Jun 2026 16:35:39 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":509,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-17T20:27:52.352225Z","times_seen":40660,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"noah-scheurer.de","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noah-scheurer.de/BradySandahl/download.html","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T16:35:44.086Z","timestamp":1781714144086,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.noah-scheurer.de","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 11:05:42 GMT","end":"Sun, 09 Aug 2026 11:05:41 GMT"},"fingerprint":{"sha1":"40:B8:9F:74:DD:B2:A0:93:F4:78:50:6B:D9:28:9D:4E:50:65:6F:88","sha256":"C6:DC:4C:14:3C:82:55:C3:8E:15:0C:46:E6:9A:4A:68:B6:A6:F5:C5:9F:47:E0:66:E0:E6:36:38:10:BC:B7:C2"}}},"request":{"raw":"GET /BradySandahl/download.html HTTP/1.1\r\nHost: noah-scheurer.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://noah-scheurer.de/BradySandahl/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Tue, 16 Jun 2026 13:24:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3431\r\ncontent-type: text/html\r\ndate: Wed, 17 Jun 2026 16:35:44 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3431,"size_decoded":3634,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"7f118d9d4b944b54facc41bbaf52a784","sha1":"142d96a166c5a5daee5453239a6d4cdc1490371d","sha256":"b79c197be23a3850ef5721383455efd284d7bf97d33e76e64c603383fa41c6e7","sha512":"2e6052f17ba501a2ee4e4eaf622fe46ab93012a12687a206d5f6827139a48c71a89328801b48251442efee50b0e00866f54ab5563660f75dde1f335e0aa1a246","ssdeep":"","tlshash":"1b61512ae9c6044b253792b5bff35709eb66c0438302465a3bbe32938fb494480b77cd","first_seen":"2026-06-17T16:36:05.648336Z","last_seen":"2026-06-17T16:36:05.648336Z","times_seen":1,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":41,"dns":0,"connect":49,"send":132,"wait":25,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"noah-scheurer.de","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noah-scheurer.de/favicon.ico","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noah-scheurer.de/BradySandahl/download.html","date":"2026-06-17T16:35:44.367Z","timestamp":1781714144367,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.noah-scheurer.de","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 11:05:42 GMT","end":"Sun, 09 Aug 2026 11:05:41 GMT"},"fingerprint":{"sha1":"40:B8:9F:74:DD:B2:A0:93:F4:78:50:6B:D9:28:9D:4E:50:65:6F:88","sha256":"C6:DC:4C:14:3C:82:55:C3:8E:15:0C:46:E6:9A:4A:68:B6:A6:F5:C5:9F:47:E0:66:E0:E6:36:38:10:BC:B7:C2"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: noah-scheurer.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://noah-scheurer.de/BradySandahl/download.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-length: 355\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Wed, 17 Jun 2026 16:35:44 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":509,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-17T20:27:52.352225Z","times_seen":40660,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"noah-scheurer.de","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://noah-scheurer.de/BradySandahl/","date":"2026-06-17T16:35:38.822Z","timestamp":1781714138822,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:19 GMT","end":"Mon, 17 Aug 2026 08:38:18 GMT"},"fingerprint":{"sha1":"4D:E0:8E:62:2F:B2:3D:28:5D:7D:B5:8D:C5:3A:72:E4:EE:AB:7D:93","sha256":"AE:0B:4F:B5:B7:41:E5:0C:70:C0:E1:2A:F9:DB:AD:A8:64:94:F3:70:6D:38:1C:8A:8A:CA:52:96:5C:D8:5C:87"}}},"request":{"raw":"GET /css2?family=Poppins:wght@200;300;400;500\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://noah-scheurer.de/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 17 Jun 2026 16:35:38 GMT\r\ndate: Wed, 17 Jun 2026 16:35:38 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4792,"size_decoded":1228,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"9c04b1c3bad01ee0643591b8168c92c6","sha1":"4e0ac3442c265e0441943ec104165b3cf45bc98a","sha256":"f00e3b44e7e737f2378b812e15467d71a5d4907350082c7089894e5bf0b3150c","sha512":"dd8c420a800322c5b7d035d87eac72f5cc217cf6cabc06f440c8ab969f617415307db7c2f0aae1c6b2345a3a64ece811c17b8674bdad34c361e54d2665c02a02","ssdeep":"96:SO6aKO6ayJc+ukO6aVN3O1arO1aTJc+ukO1aaN3OEanOEaCJc+ukOEauN3OXa3Oc:/HaedhHdPgKQcXr3B","tlshash":"67a19bd1087be114ab831cc123ce6d36ee1ea155b810e5786bfd0c98adabc654372b2d","first_seen":"2025-10-24T02:40:46.13371Z","last_seen":"2026-06-17T16:36:05.650292Z","times_seen":594,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":3,"connect":14,"send":0,"wait":31,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://noah-scheurer.de/BradySandahl/","date":"2026-06-17T16:35:38.929Z","timestamp":1781714138929,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:18 GMT","end":"Mon, 17 Aug 2026 08:38:17 GMT"},"fingerprint":{"sha1":"C4:91:D1:0E:C2:A8:68:24:7B:00:2B:4A:EB:42:41:E0:29:E2:4E:A0","sha256":"68:29:56:08:39:D8:99:7B:20:CC:14:D3:4F:4D:D2:55:68:A6:27:DC:52:E9:7B:CF:CE:6B:D3:13:BC:97:65:C1"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://noah-scheurer.de\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 11 Jun 2026 02:57:02 GMT\r\nexpires: Fri, 11 Jun 2027 02:57:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 567516\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":7884,"size_decoded":8696,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-06-17T20:19:47.184684Z","times_seen":358426,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":2,"connect":30,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"172.67.74.152","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://noah-scheurer.de/BradySandahl/","date":"2026-06-17T16:35:38.938Z","timestamp":1781714138938,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Apr 2026 21:16:17 GMT","end":"Tue, 28 Jul 2026 22:16:15 GMT"},"fingerprint":{"sha1":"6D:CC:48:D6:E1:8C:50:0D:7C:B9:13:15:F0:18:E0:73:56:59:60:F7","sha256":"00:FD:76:18:CB:8D:B6:5A:4C:B7:0A:37:77:28:B1:01:5C:3D:6A:E4:2D:06:02:C1:9D:B8:6B:F8:6F:F8:31:77"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://noah-scheurer.de/\r\nOrigin: https://noah-scheurer.de\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Wed, 17 Jun 2026 16:35:39 GMT\r\ncontent-type: application/json\r\ncontent-length: 23\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncf-ray: a0d377f87f2556b1-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23,"size_decoded":269,"mime_type":"application/json","magic":"JSON text data","md5":"89ce651b6247763c936aa53e3de7ae7e","sha1":"0bd907f116da6ed86edff10996dcbcd864929bb9","sha256":"9c2bf05b6b893ddefa78d66acdec27b47929f712174094485fa5de2d26d41748","sha512":"854e79e40874cb9f102b3091ab20d88bafc0fc83a77f498718c85cf44100ace5f7a3cb99db5375098ccd79c72b3d095d3445eb25f51620c649680e948edef7bc","ssdeep":"","tlshash":"5c70008200300a008080020208880030a08a228220828e08838823320cc0220a000032","first_seen":"2025-12-20T00:24:27.675016Z","last_seen":"2026-06-17T16:36:05.651922Z","times_seen":243,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":3,"connect":1,"send":0,"wait":104,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"noah-scheurer.de/BradySandahl/adobe-logo-2017.png","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noah-scheurer.de/BradySandahl/download.html","date":"2026-06-17T16:35:44.288Z","timestamp":1781714144288,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.noah-scheurer.de","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 11:05:42 GMT","end":"Sun, 09 Aug 2026 11:05:41 GMT"},"fingerprint":{"sha1":"40:B8:9F:74:DD:B2:A0:93:F4:78:50:6B:D9:28:9D:4E:50:65:6F:88","sha256":"C6:DC:4C:14:3C:82:55:C3:8E:15:0C:46:E6:9A:4A:68:B6:A6:F5:C5:9F:47:E0:66:E0:E6:36:38:10:BC:B7:C2"}}},"request":{"raw":"GET /BradySandahl/adobe-logo-2017.png HTTP/1.1\r\nHost: noah-scheurer.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://noah-scheurer.de/BradySandahl/download.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Fri, 25 Apr 2025 14:12:59 GMT\r\naccept-ranges: bytes\r\ncontent-length: 19877\r\ncontent-type: image/png\r\ndate: Wed, 17 Jun 2026 16:35:44 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":19877,"size_decoded":20081,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced","md5":"e67a678815f9017921a8155d736e8e2c","sha1":"96c665f9538353db9871cff1a0544770518f5f1b","sha256":"dfb997ee526ce42483b1c190c2118821e931835f503fee6abe1bb8e4bef69dcc","sha512":"7ba4c7004ee981a8a26acc9d7017706b5979293440df161247caee88cd84fa6885493605842b3f6b4b4ffe7d4a4d97febcdbe30eb2188448fb41c33e8848928f","ssdeep":"384:bCIWq3zyX0NSh/iRerDruNPtuzyZkznD9MoZjUHMDH26jBUlNb:bCe3zyreSk13kznD9Majdj26jm/","tlshash":"1f92c067363346a2c19c1f3256daca672763d633185b4f2126e2b458ccfb702b317b02","first_seen":"2025-04-28T21:29:56.840393Z","last_seen":"2026-06-17T16:36:05.652656Z","times_seen":503,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"noah-scheurer.de","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noah-scheurer.de/BradySandahl/Screenshot%202025-04-25%20161700.png","fqdn":"noah-scheurer.de","domain":"noah-scheurer.de","tld":"de"},"ip":{"addr":"193.34.145.201","port":443,"asn":51167,"as":"Contabo GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noah-scheurer.de/BradySandahl/download.html","date":"2026-06-17T16:35:44.291Z","timestamp":1781714144291,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"autodiscover.noah-scheurer.de","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 11:05:42 GMT","end":"Sun, 09 Aug 2026 11:05:41 GMT"},"fingerprint":{"sha1":"40:B8:9F:74:DD:B2:A0:93:F4:78:50:6B:D9:28:9D:4E:50:65:6F:88","sha256":"C6:DC:4C:14:3C:82:55:C3:8E:15:0C:46:E6:9A:4A:68:B6:A6:F5:C5:9F:47:E0:66:E0:E6:36:38:10:BC:B7:C2"}}},"request":{"raw":"GET /BradySandahl/Screenshot%202025-04-25%20161700.png HTTP/1.1\r\nHost: noah-scheurer.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://noah-scheurer.de/BradySandahl/download.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Fri, 25 Apr 2025 13:46:15 GMT\r\naccept-ranges: bytes\r\ncontent-length: 50730\r\ncontent-type: image/png\r\ndate: Wed, 17 Jun 2026 16:35:44 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":50730,"size_decoded":50934,"mime_type":"image/png","magic":"PNG image data, 1919 x 905, 8-bit/color RGBA, non-interlaced","md5":"969fd557eba0534f7bbbc9568f3352eb","sha1":"c6efbbfd283cf69aa142355d77b67fbf83abdbe9","sha256":"b77fa58e6433a52e56d0d4ccc8656c630fe7ebb7a83ce698863651722a5f5e07","sha512":"2acc31e681ad0d5a113434a4b80ba7a5c4f068d282ebf372ef2d5e7f87f19a677d047486d0a2408097568ea2287dcef3fe5f0cb20c68df2c3d1d0e96f3ffe339","ssdeep":"1536:++rBcFGSBUpuaDEAxe18fYEYgwaU+W4NVYiwAg:++rBWhB4ueEAI/EYdai48p","tlshash":"6833af560d26c50aeca799397e72aff537010eec233883589bfcd0c157991f5ae409b8","first_seen":"2025-10-24T02:40:46.131091Z","last_seen":"2026-06-17T16:36:05.653597Z","times_seen":459,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"noah-scheurer.de","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-17","alert":"Phishing Block","trigger":"noah-scheurer.de","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}