{"report_id":"b90c3dfe-ebaf-4993-beca-ff025d8180b0","version":0,"status":"done","tags":[],"date":"2026-07-03T00:11:53Z","url":{"schema":"http","addr":"dovishfinancialservices.com/wp-content/uploads/2026/43rd/index.html","fqdn":"dovishfinancialservices.com","domain":"dovishfinancialservices.com","tld":"com"},"ip":{"addr":"162.240.231.219","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"title":"Fifth Third Banking Login | Fifth Third Bank","dom":{"size":112941,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (60957)","md5":"186e58a6c82cad959abd5f7cf773d634","sha1":"cd9c3bb24aeb4dfee8e39bb949c5abb7da1aa854","sha256":"05cc3303a47967a921b82bc2262552d05f373e0bc7ddf075bc0f4885cf9f2aed","sha512":"3994b2987681de06362fa38bec8f730facdcbb2b43c54c349c73c507f04885b26403a5f19bf66486505d7b76a3f3a34e4be6c292e57ceeaf29a5df4d42d8fe55","ssdeep":"768:H27UAwKFY0Tv7MzSO+iDNZK7FT1xbL0T+nSMV2BFxFGoIJX7+M3:W7nFY0TznCKGT+nSMV2jf+3","tlshash":"8fb3d822a4b6342d7013b352bd523b9c3964c247de834caef69d6f67cbc3a96021674d","dom_hash":"domhasha729874e2275e02e876dd9bf2bac2605","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"dovishfinancialservices.com/wp-content/uploads/2026/43rd/index.html","fqdn":"dovishfinancialservices.com","domain":"dovishfinancialservices.com","tld":"com"},"ip":{"addr":"162.240.231.219","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-07T00:11:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"dovishfinancialservices.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"dovishfinancialservices.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"brambach.edvpartner-work2.de","ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-01-05T02:03:03.175126Z","last_seen":"2026-07-02T22:51:55.635896Z","alert_count":108,"request_count":108,"received_data":4720684,"sent_data":70478,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]},{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"dovishfinancialservices.com","ip":{"addr":"162.240.231.219","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"2024-01-11","domain_rank":0,"first_seen":"2025-10-21T15:26:26.706901Z","last_seen":"2026-07-02T22:51:55.408621Z","alert_count":4,"request_count":2,"received_data":54196,"sent_data":1104,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Redux Framework:4.4.17","description":"Redux Framework is a modular PHP library that allows developers to create customisable settings panels and controls for WordPress projects, providing a consistent user interface for managing options and settings.","website":"https://redux.io","common_platform_enumeration":"","icon":"Redux Framework.svg","categories":["WordPress plugins"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Contact Form 7:6.1.6","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"WooCommerce:10.5.2","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Elementor:4.1.4","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"70fb4ad79461f9f3cf12144e0eeedab7","sha1":"817f14433df80af1d4478397cae827ead0777a76","sha256":"41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c","sha512":"85ccf71a864b7e353fcf53b202b1af33575582bce959c5378e761a0ba92573681dcbd1f1ac5926a1699c5186eb69e4be57f1964a07efeaea6bf5f7f8455c903f","ssdeep":"768:dvcCeFII+nEkM2ZeKMCl4xCPkjQeNxtCxH/dnNYyeWMikoW/j0rygG9k:dE3UtM2ZeKMCWxCPAAfdNUaWIx","tlshash":"62533269835c9b6ce74047b4e23871d633efb07aa2a95658e9816330f0098f76c7d67c","size":64028,"data":"","first_seen":"2023-03-14T02:37:53Z","last_seen":"2026-07-03T00:11:58.329391Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"cf6427b06f8e8234f5fb12b5e69c143a","sha1":"6c413b999203944ce90429071f37999202df9e5b","sha256":"01f410ae353c9a450c50053dcb8c0ecc5305a7f7d4a69134568c45699026c810","sha512":"bcf4c69ca2eef0397bcadec05f20eba43d1ad013c2f77ada6c7fca6d5bfe6faeae762c751846e69a0ae129b105259cde58fa9d02482bea1624b8cf0ffa200689","ssdeep":"","tlshash":"aed0a76a7dae10344933756a5b5ee284a73b2047508089057a0cc8850fd11152451d69","size":251,"data":"","first_seen":"2023-03-07T01:33:22Z","last_seen":"2026-07-03T00:11:58.345355Z","times_seen":190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"daee9796f0c057bac61646fc4800dc24","sha1":"32574e8ead126ef6c31dada4865a19f0d5b55c48","sha256":"511dbf1f7425c8206980feb0990eda2841121e7ab2465615e17040cfc50c7f3a","sha512":"a2dce282f6c2adcabba884326ed1d65a20d63f660f30f5a8088fc2390470f5160c0e190421ffcd516a4f64f0808b76b39e2991f5d520326aa99d5b9d866f7e5f","ssdeep":"","tlshash":"3ef0f61fa0a130809e373a38882bc764aca3605311818d427ddc0bd0af75e7f0567f1e","size":624,"data":"","first_seen":"2026-07-02T22:51:56.886397Z","last_seen":"2026-07-03T00:11:58.345877Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b292d411114e9eab90721b96e0f51fa8","sha1":"df8e3c78c0ef86c282e309e2753a165f172da92e","sha256":"f6a58a039c46356be7052e6f93d4646648adb132c09494f53c8a0ae059a93869","sha512":"7bf380d08356cdca44a6cfc14c9a6baff6819dd6d5ca468e02b6b347dded1ac70921b23b2be2aeb0f3bfa7defd0799262c083391edc486e47e1efad5c37cfe12","ssdeep":"","tlshash":"ef600000000f00000030300c0300cc00330c300000c3000cf0f0003c3c30c33c00033c","size":16,"data":"","first_seen":"2023-03-07T12:05:42Z","last_seen":"2026-07-03T00:11:58.346482Z","times_seen":265,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"cf6427b06f8e8234f5fb12b5e69c143a","sha1":"6c413b999203944ce90429071f37999202df9e5b","sha256":"01f410ae353c9a450c50053dcb8c0ecc5305a7f7d4a69134568c45699026c810","sha512":"bcf4c69ca2eef0397bcadec05f20eba43d1ad013c2f77ada6c7fca6d5bfe6faeae762c751846e69a0ae129b105259cde58fa9d02482bea1624b8cf0ffa200689","ssdeep":"","tlshash":"aed0a76a7dae10344933756a5b5ee284a73b2047508089057a0cc8850fd11152451d69","size":251,"data":"","first_seen":"2023-03-07T01:33:22Z","last_seen":"2026-07-03T00:11:58.345355Z","times_seen":190,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"daee9796f0c057bac61646fc4800dc24","sha1":"32574e8ead126ef6c31dada4865a19f0d5b55c48","sha256":"511dbf1f7425c8206980feb0990eda2841121e7ab2465615e17040cfc50c7f3a","sha512":"a2dce282f6c2adcabba884326ed1d65a20d63f660f30f5a8088fc2390470f5160c0e190421ffcd516a4f64f0808b76b39e2991f5d520326aa99d5b9d866f7e5f","ssdeep":"","tlshash":"3ef0f61fa0a130809e373a38882bc764aca3605311818d427ddc0bd0af75e7f0567f1e","size":624,"data":"","first_seen":"2026-07-02T22:51:56.886397Z","last_seen":"2026-07-03T00:11:58.345877Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"b292d411114e9eab90721b96e0f51fa8","sha1":"df8e3c78c0ef86c282e309e2753a165f172da92e","sha256":"f6a58a039c46356be7052e6f93d4646648adb132c09494f53c8a0ae059a93869","sha512":"7bf380d08356cdca44a6cfc14c9a6baff6819dd6d5ca468e02b6b347dded1ac70921b23b2be2aeb0f3bfa7defd0799262c083391edc486e47e1efad5c37cfe12","ssdeep":"","tlshash":"ef600000000f00000030300c0300cc00330c300000c3000cf0f0003c3c30c33c00033c","size":16,"data":"","first_seen":"2023-03-07T12:05:42Z","last_seen":"2026-07-03T00:11:58.346482Z","times_seen":265,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/js/theme.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"0659a3d8c01f3b689907d4764a781ea4","sha1":"f72a52e419b4b8fc9a61a192e8c64d5a4abf4a6e","sha256":"b509916f1aab2c9821746f58ffb9c64f56597304d6cf5dda9e40fb8bb1e73718","sha512":"312b91162cfc12f5f2c93e9e10636be720710dae97259b4f79564ead9869dcddf226c80a0ce96f7b4f3dfb7d97124ab1ceb351eeca70b133541bb90e11a47b01","ssdeep":"","tlshash":"d9316289f260f065123305fdd5b75812a91fba04b10f2288f7b4c4db15ac14d162bfaa","size":1740,"data":"","first_seen":"2023-10-01T00:22:41Z","last_seen":"2026-07-03T00:11:58.321025Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"48a197817927a6eda6f531064f1dba71","sha1":"5ba19dcca2e2d7ac659af0fbc97dc99e505c498b","sha256":"05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba","sha512":"f7744d1705f9740ba71dddaec02732f53fdb05c207803fb0c692e48831e4645181d24605406ca7b90feb1ba7215f60e2ee366eae7f49b2ca16c74e47cb52485c","ssdeep":"1536:/Z9BiMg+AGpULSaXcbx60BWIBB3CiJUSuTpyhQPOREi/zYjZBNF4t+HVxeFTkLjd:/I3SsE5ETqwMFVMfucy+","tlshash":"f49319dd72c6b06247a730b940af550ff236199d680d8510f128d8e9bc78e4a927bf7d","size":97646,"data":"","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T00:29:26.835544Z","times_seen":8284,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e2060c4e5e5955c824723b13a212d3ec","sha1":"18420ce484978f8ba3d7371febf1638828bb7a67","sha256":"5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6","sha512":"dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623","ssdeep":"","tlshash":"34700008380080280230200e80300308a002038e2020c080000c0800000828c2a02028","size":21,"data":"","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T06:55:47.509236Z","times_seen":11615,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee3f0b958e11b4ed20275793885c2779","sha1":"0c3bafa8b1bf4beaa8e9c319ad5f2ee59f37fbef","sha256":"30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0","sha512":"399f52abb79c19c924aa0c5af2dff8d79051368cf61882273acbbc4238fdf6bf489410aad972659bd4fdcfffc3e16d65ae5fb109d5f3ab41187cca3c0d927e28","ssdeep":"1536:ZrQWyLnyF0nENeO9wRvyv3p/qSacRoIY4cnIHOLco00VNfCzTyxChEkb8UBQjsyA:/DqZcRo94k00VN6/RV4UBQo1Iy","tlshash":"1dd3d5ceb391b06143636171516f260bf23ba884b90f8198f639e4c97c7894da17be7d","size":131506,"data":"","first_seen":"2023-03-10T21:16:45Z","last_seen":"2026-07-03T00:11:58.321553Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"7121994eec5320fbe6586463bf9651c2","sha1":"90532aff6d4121954254cdf04994d834f7ec169b","sha256":"48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d","sha512":"b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd","ssdeep":"192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR","tlshash":"2e22c79db29a70625fba35f8617fc11b717a94fc2118d9e4a08c8ed1387dc9d403ab39","size":10056,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T08:24:52.6042Z","times_seen":55220,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dovishfinancialservices.com/wp-content/uploads/2026/43rd/index.html","fqdn":"dovishfinancialservices.com","domain":"dovishfinancialservices.com","tld":"com"},"ip":{"addr":"162.240.231.219","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"27fd973c4e81f168000e235a4e2d591d","sha1":"a6f861e051b4a2c326220e71ef004e9e52f760c8","sha256":"2bc3571b3a655b55addb3334c4a82e298cd9492e9d7c53aa2a59d684103f08a0","sha512":"e52449c754ad9928f8268ad3a8ebc8ede1f62ef071e67bcdd623fab6f974e77fbcee0467bf5913210a38c39c73b2b2ae78079ab12db55245cf97a49d4c2aee01","ssdeep":"","tlshash":"6641138b34f732360ae7a0694b9b7301b1316003944cdd49bd6e0318bfd65ab86737d9","size":2376,"data":"","first_seen":"2026-07-02T22:51:56.892626Z","last_seen":"2026-07-03T00:11:58.346965Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"JQMIGRATE: Migrate is installed, version 1.4.1","filename":"https://brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","line_number":2,"column_number":552},{"level":"log","text":"JQMIGRATE: Migrate is installed, version 1.4.1","filename":"https://brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","line_number":2,"column_number":552},{"level":"log","text":"JQMIGRATE: Migrate is installed, version 1.4.1","filename":"https://brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","line_number":2,"column_number":552},{"level":"log","text":"JQMIGRATE: Migrate is installed, version 1.4.1","filename":"https://brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","line_number":2,"column_number":552},{"level":"log","text":"JQMIGRATE: Migrate is installed, version 1.4.1","filename":"https://brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","line_number":2,"column_number":552},{"level":"log","text":"JQMIGRATE: Migrate is installed, version 1.4.1","filename":"https://brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","line_number":2,"column_number":552},{"level":"log","text":"JQMIGRATE: Migrate is installed, version 1.4.1","filename":"https://brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","line_number":2,"column_number":552},{"level":"log","text":"JQMIGRATE: Migrate is installed, version 1.4.1","filename":"https://brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","line_number":2,"column_number":552},{"level":"log","text":"JQMIGRATE: Migrate is installed, version 1.4.1","filename":"https://brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","line_number":2,"column_number":552}]},"http":[{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.869Z","timestamp":1783037493869,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 97646\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-17d6e\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":97646,"size_decoded":97918,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65462)","md5":"48a197817927a6eda6f531064f1dba71","sha1":"5ba19dcca2e2d7ac659af0fbc97dc99e505c498b","sha256":"05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba","sha512":"f7744d1705f9740ba71dddaec02732f53fdb05c207803fb0c692e48831e4645181d24605406ca7b90feb1ba7215f60e2ee366eae7f49b2ca16c74e47cb52485c","ssdeep":"1536:/Z9BiMg+AGpULSaXcbx60BWIBB3CiJUSuTpyhQPOREi/zYjZBNF4t+HVxeFTkLjd:/I3SsE5ETqwMFVMfucy+","tlshash":"f49319dd72c6b06247a730b940af550ff236199d680d8510f128d8e9bc78e4a927bf7d","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T00:29:26.835544Z","times_seen":8284,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":86,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/js/theme.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.630Z","timestamp":1783037494630,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/js/theme.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1740\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-6cc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1740,"size_decoded":2009,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1688)","md5":"0659a3d8c01f3b689907d4764a781ea4","sha1":"f72a52e419b4b8fc9a61a192e8c64d5a4abf4a6e","sha256":"b509916f1aab2c9821746f58ffb9c64f56597304d6cf5dda9e40fb8bb1e73718","sha512":"312b91162cfc12f5f2c93e9e10636be720710dae97259b4f79564ead9869dcddf226c80a0ce96f7b4f3dfb7d97124ab1ceb351eeca70b133541bb90e11a47b01","ssdeep":"","tlshash":"d9316289f260f065123305fdd5b75812a91fba04b10f2288f7b4c4db15ac14d162bfaa","first_seen":"2023-10-01T00:22:41Z","last_seen":"2026-07-03T00:11:58.321025Z","times_seen":6,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.729Z","timestamp":1783037494729,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 131506\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-201b2\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":131506,"size_decoded":131779,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65448)","md5":"ee3f0b958e11b4ed20275793885c2779","sha1":"0c3bafa8b1bf4beaa8e9c319ad5f2ee59f37fbef","sha256":"30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0","sha512":"399f52abb79c19c924aa0c5af2dff8d79051368cf61882273acbbc4238fdf6bf489410aad972659bd4fdcfffc3e16d65ae5fb109d5f3ab41187cca3c0d927e28","ssdeep":"1536:ZrQWyLnyF0nENeO9wRvyv3p/qSacRoIY4cnIHOLco00VNfCzTyxChEkb8UBQjsyA:/DqZcRo94k00VN6/RV4UBQo1Iy","tlshash":"1dd3d5ceb391b06143636171516f260bf23ba884b90f8198f639e4c97c7894da17be7d","first_seen":"2023-03-10T21:16:45Z","last_seen":"2026-07-03T00:11:58.321553Z","times_seen":39,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":34,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.447Z","timestamp":1783037493447,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 21\r\nConnection: keep-alive\r\nX-Accel-Version: 0.01\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nETag: \"15-5cbcb22e84400\"\r\nAccept-Ranges: bytes\r\nX-Powered-By: PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":21,"size_decoded":315,"mime_type":"application/javascript","magic":"ASCII text","md5":"e2060c4e5e5955c824723b13a212d3ec","sha1":"18420ce484978f8ba3d7371febf1638828bb7a67","sha256":"5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6","sha512":"dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623","ssdeep":"","tlshash":"34700008380080280230200e80300308a002038e2020c080000c0800000828c2a02028","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T06:55:47.509236Z","times_seen":11615,"resource_available":true,"data":null}},"time_used":420,"timings":{"blocked":386,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.860Z","timestamp":1783037493860,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 97646\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-17d6e\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":97646,"size_decoded":97918,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65462)","md5":"48a197817927a6eda6f531064f1dba71","sha1":"5ba19dcca2e2d7ac659af0fbc97dc99e505c498b","sha256":"05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba","sha512":"f7744d1705f9740ba71dddaec02732f53fdb05c207803fb0c692e48831e4645181d24605406ca7b90feb1ba7215f60e2ee366eae7f49b2ca16c74e47cb52485c","ssdeep":"1536:/Z9BiMg+AGpULSaXcbx60BWIBB3CiJUSuTpyhQPOREi/zYjZBNF4t+HVxeFTkLjd:/I3SsE5ETqwMFVMfucy+","tlshash":"f49319dd72c6b06247a730b940af550ff236199d680d8510f128d8e9bc78e4a927bf7d","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T00:29:26.835544Z","times_seen":8284,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":30,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.105Z","timestamp":1783037493105,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 21\r\nConnection: keep-alive\r\nX-Accel-Version: 0.01\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nETag: \"15-5cbcb22e84400\"\r\nAccept-Ranges: bytes\r\nX-Powered-By: PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":21,"size_decoded":315,"mime_type":"application/javascript","magic":"ASCII text","md5":"e2060c4e5e5955c824723b13a212d3ec","sha1":"18420ce484978f8ba3d7371febf1638828bb7a67","sha256":"5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6","sha512":"dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623","ssdeep":"","tlshash":"34700008380080280230200e80300308a002038e2020c080000c0800000828c2a02028","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T06:55:47.509236Z","times_seen":11615,"resource_available":true,"data":null}},"time_used":547,"timings":{"blocked":513,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.109Z","timestamp":1783037493109,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 10056\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-2748\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":10056,"size_decoded":10327,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9959)","md5":"7121994eec5320fbe6586463bf9651c2","sha1":"90532aff6d4121954254cdf04994d834f7ec169b","sha256":"48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d","sha512":"b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd","ssdeep":"192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR","tlshash":"2e22c79db29a70625fba35f8617fc11b717a94fc2118d9e4a08c8ed1387dc9d403ab39","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T08:24:52.6042Z","times_seen":55220,"resource_available":true,"data":null}},"time_used":575,"timings":{"blocked":542,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/js/theme.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.868Z","timestamp":1783037493868,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/js/theme.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1740\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-6cc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1740,"size_decoded":2009,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1688)","md5":"0659a3d8c01f3b689907d4764a781ea4","sha1":"f72a52e419b4b8fc9a61a192e8c64d5a4abf4a6e","sha256":"b509916f1aab2c9821746f58ffb9c64f56597304d6cf5dda9e40fb8bb1e73718","sha512":"312b91162cfc12f5f2c93e9e10636be720710dae97259b4f79564ead9869dcddf226c80a0ce96f7b4f3dfb7d97124ab1ceb351eeca70b133541bb90e11a47b01","ssdeep":"","tlshash":"d9316289f260f065123305fdd5b75812a91fba04b10f2288f7b4c4db15ac14d162bfaa","first_seen":"2023-10-01T00:22:41Z","last_seen":"2026-07-03T00:11:58.321025Z","times_seen":6,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":83,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.870Z","timestamp":1783037493870,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 21\r\nConnection: keep-alive\r\nX-Accel-Version: 0.01\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nETag: \"15-5cbcb22e84400\"\r\nAccept-Ranges: bytes\r\nX-Powered-By: PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":21,"size_decoded":315,"mime_type":"application/javascript","magic":"ASCII text","md5":"e2060c4e5e5955c824723b13a212d3ec","sha1":"18420ce484978f8ba3d7371febf1638828bb7a67","sha256":"5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6","sha512":"dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623","ssdeep":"","tlshash":"34700008380080280230200e80300308a002038e2020c080000c0800000828c2a02028","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T06:55:47.509236Z","times_seen":11615,"resource_available":true,"data":null}},"time_used":131,"timings":{"blocked":97,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.627Z","timestamp":1783037494627,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 131506\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-201b2\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131506,"size_decoded":131779,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65448)","md5":"ee3f0b958e11b4ed20275793885c2779","sha1":"0c3bafa8b1bf4beaa8e9c319ad5f2ee59f37fbef","sha256":"30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0","sha512":"399f52abb79c19c924aa0c5af2dff8d79051368cf61882273acbbc4238fdf6bf489410aad972659bd4fdcfffc3e16d65ae5fb109d5f3ab41187cca3c0d927e28","ssdeep":"1536:ZrQWyLnyF0nENeO9wRvyv3p/qSacRoIY4cnIHOLco00VNfCzTyxChEkb8UBQjsyA:/DqZcRo94k00VN6/RV4UBQo1Iy","tlshash":"1dd3d5ceb391b06143636171516f260bf23ba884b90f8198f639e4c97c7894da17be7d","first_seen":"2023-03-10T21:16:45Z","last_seen":"2026-07-03T00:11:58.321553Z","times_seen":39,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":35,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.677Z","timestamp":1783037492677,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: f94bd41d219f76f25f4e33510dbae032=rrkhbm6i064hr0s2jsfvt5a0cr\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.3.20\r\nPermissions-Policy: interest-cohort=()\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 03 Jul 2026 00:11:33 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]},{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":4214,"size_decoded":4643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"b8fb4b7f73d1a2d26d01fb6a3e446eb3","sha1":"3104805655a69dff2a697050000bdf32e797252f","sha256":"e4f210d52d3dcd4f8540de9d5720b73dd46b18bad6ff24cdc9d17ee852089e88","sha512":"2ede97016d0df394ee62ef651808c38740adc6cf5d9e27582cda080232a5d5ec1cba97c5ee615a09d001e4d29a96e68c82889fe0d6699a5a07cfac1fb348ae64","ssdeep":"48:93qppbj8mzqlC9D9c7rILCRmGeFqVq7KppXfgrqdLmZ5gampP0:9QbP/9D9c7MeRm5qXXfsqdLk5gpP0","tlshash":"a491432a6c82ed65d17269b4c4a2e918eda6e803d201cc8539cc47d56fe0ecd4b1bf9d","first_seen":"2026-07-03T00:11:58.323904Z","last_seen":"2026-07-03T00:11:58.323904Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1153,"timings":{"blocked":196,"dns":0,"connect":0,"send":0,"wait":957,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/fonts/font-701b1ece.woff2","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","date":"2026-07-03T00:11:33.942Z","timestamp":1783037493942,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/fonts/font-701b1ece.woff2 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/templates/yootheme/css/theme.9.css?1634676367\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 12712\r\nLast-Modified: Wed, 04 Nov 2020 20:36:00 GMT\r\nConnection: keep-alive\r\nETag: \"5fa310b0-31a8\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":12712,"size_decoded":12971,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 12712, version 1.0","md5":"a0e971d8c3527842f473a5297137ecaf","sha1":"8e063c7a9ca1a6cc347c343489601f57596717fa","sha256":"6c308a1f8bc77ccc3cf9fa39df0983eed5efb727774181bee87997bd890136b3","sha512":"1a5cce615f73cd136ab18b3d9d40706d9a95f76b99852e3c664601822e0b3a1cedbe9f5e213c74536e10d08c2ee145bbe70fd4248e1b68f6cd54429ba365799e","ssdeep":"384:7bwfyLdRjij9rJEAvm/Iv+o9iJb494pxUU:7kfy7iPE0WoMy9u","tlshash":"ef42c005a57c8bd8e6fd117d1be300545faa485c402e8ae161fb242eb72bed906f0e2d","first_seen":"2023-05-09T05:20:33Z","last_seen":"2026-07-03T00:11:58.324802Z","times_seen":26,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/plugins/system/jce/css/content.css?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.039Z","timestamp":1783037493039,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /plugins/system/jce/css/content.css?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/css\r\nContent-Length: 1999\r\nLast-Modified: Wed, 17 Jun 2020 22:29:01 GMT\r\nConnection: keep-alive\r\nETag: \"5eea992d-7cf\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1999,"size_decoded":2254,"mime_type":"text/css","magic":"ASCII text, with very long lines (1999), with no line terminators","md5":"dbb006ef98426ec633dc9336b399d3e8","sha1":"ea30e666d18c5633f15ac342ff12974bcd64a9fd","sha256":"2291dfa652ff8d9b621007cc0daf0dc254a34a0fe1e5439a7e0feb305e4542d7","sha512":"433284a086ea36885a862a44a3f2a6a85fd7e9cf28d1930abf28da86e0aa87092302aebae51d034e6a0a33e34ee4221c2190deffe0b2c5a190f359b5484f7e50","ssdeep":"","tlshash":"f9413523dc1c51ecac1372a0e2e24c182118fa44db2ec1d6b52fe9e56a44fd77db285c","first_seen":"2023-04-26T11:28:40Z","last_seen":"2026-07-03T00:11:58.32534Z","times_seen":98,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":49,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/js/theme.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.052Z","timestamp":1783037493052,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/js/theme.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1740\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-6cc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1740,"size_decoded":2009,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1688)","md5":"0659a3d8c01f3b689907d4764a781ea4","sha1":"f72a52e419b4b8fc9a61a192e8c64d5a4abf4a6e","sha256":"b509916f1aab2c9821746f58ffb9c64f56597304d6cf5dda9e40fb8bb1e73718","sha512":"312b91162cfc12f5f2c93e9e10636be720710dae97259b4f79564ead9869dcddf226c80a0ce96f7b4f3dfb7d97124ab1ceb351eeca70b133541bb90e11a47b01","ssdeep":"","tlshash":"d9316289f260f065123305fdd5b75812a91fba04b10f2288f7b4c4db15ac14d162bfaa","first_seen":"2023-10-01T00:22:41Z","last_seen":"2026-07-03T00:11:58.321025Z","times_seen":6,"resource_available":true,"data":null}},"time_used":571,"timings":{"blocked":527,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.248Z","timestamp":1783037493248,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 21\r\nConnection: keep-alive\r\nX-Accel-Version: 0.01\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nETag: \"15-5cbcb22e84400\"\r\nAccept-Ranges: bytes\r\nX-Powered-By: PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21,"size_decoded":315,"mime_type":"application/javascript","magic":"ASCII text","md5":"e2060c4e5e5955c824723b13a212d3ec","sha1":"18420ce484978f8ba3d7371febf1638828bb7a67","sha256":"5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6","sha512":"dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623","ssdeep":"","tlshash":"34700008380080280230200e80300308a002038e2020c080000c0800000828c2a02028","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T06:55:47.509236Z","times_seen":11615,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":471,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/js/theme.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.734Z","timestamp":1783037494734,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/js/theme.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1740\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-6cc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1740,"size_decoded":2009,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1688)","md5":"0659a3d8c01f3b689907d4764a781ea4","sha1":"f72a52e419b4b8fc9a61a192e8c64d5a4abf4a6e","sha256":"b509916f1aab2c9821746f58ffb9c64f56597304d6cf5dda9e40fb8bb1e73718","sha512":"312b91162cfc12f5f2c93e9e10636be720710dae97259b4f79564ead9869dcddf226c80a0ce96f7b4f3dfb7d97124ab1ceb351eeca70b133541bb90e11a47b01","ssdeep":"","tlshash":"d9316289f260f065123305fdd5b75812a91fba04b10f2288f7b4c4db15ac14d162bfaa","first_seen":"2023-10-01T00:22:41Z","last_seen":"2026-07-03T00:11:58.321025Z","times_seen":6,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":31,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.254Z","timestamp":1783037492254,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: f94bd41d219f76f25f4e33510dbae032=9vtvdcmhh0g7ukj158kth7mbka\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.3.20\r\nPermissions-Policy: interest-cohort=()\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 03 Jul 2026 00:11:33 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]},{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4214,"size_decoded":4643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"cb4c7f2628a59b3c0d76ed492834be39","sha1":"3a29836809ba861d823809385b00fbca646168f7","sha256":"16349881901b5c3a780c2219013cbd41180a6bfd3c1cb69107c9c449a32b4df0","sha512":"6a0136cdad2a24ddde31499b6c53514d024bca5900936b41758dca2443ec48eb41857fdb0d3caa1c7295fe26b15bfc92db39cfaff69b6c56655f972465e590e3","ssdeep":"48:93qppbj8mzqlC9D9c7rILCRmGeFqVq7KppXfgrqdLmZ5gampP3:9QbP/9D9c7MeRm5qXXfsqdLk5gpP3","tlshash":"3891532a6c82ed64917369b4c4a2e918eda6e803d241cc8539cc47d56fe1ecd0b1bf9d","first_seen":"2026-07-03T00:11:58.325881Z","last_seen":"2026-07-03T00:11:58.325881Z","times_seen":1,"resource_available":false,"data":null}},"time_used":837,"timings":{"blocked":163,"dns":0,"connect":0,"send":0,"wait":674,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.372Z","timestamp":1783037492372,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: f94bd41d219f76f25f4e33510dbae032=nft16do7cfr200n9gjijq1vusa\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.3.20\r\nPermissions-Policy: interest-cohort=()\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 03 Jul 2026 00:11:33 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]},{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":4214,"size_decoded":4643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"e4dc4a06a6752615c5de430bbb4fc1fa","sha1":"3ea1169c8e261cb9fb4db855966f7350cde9387f","sha256":"98addfa40b2b28c7a27ec762d38ed41eda790b6bef4f3f1a492f3372e9009b77","sha512":"7b96aa0e8972ace6bd96cdc492eb9c9ae88714d6987d5c7d32ec0c62044dc1eeea6adf69dd8521fe10ce596f081ecd12d17bf7656c6aeb963b2fa152ce651021","ssdeep":"48:93qppbj8mzqlC9D9c7rILCRmGeFqVq7KppXfgrqdLmZ5gampP2yW:9QbP/9D9c7MeRm5qXXfsqdLk5gpP2yW","tlshash":"9c91422a5c82ed64916269b4c4a2e918ada6e803d201cc8539cc87d56fe0ecd0b1bf9d","first_seen":"2026-07-03T00:11:58.327076Z","last_seen":"2026-07-03T00:11:58.327076Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1036,"timings":{"blocked":340,"dns":0,"connect":0,"send":0,"wait":696,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/android-chrome-192x192.png","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.631Z","timestamp":1783037492631,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/android-chrome-192x192.png HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nCookie: f94bd41d219f76f25f4e33510dbae032=4c9ibng808548ig71r5gl2sqp5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: image/png\r\nContent-Length: 12219\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-2fbb\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":12219,"size_decoded":12477,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"6196296d6da29c45fa85682fff153ecf","sha1":"3d20183ede291a0f86f7a0a7d7fb81efa8b06c01","sha256":"c84fa4b619a90081150350106c4d17279b260f7b0dc6ceea709ec8488cc34466","sha512":"0d4af53008ac1398643301247b92f26065e99c61cd9d17aa6ecdfcbca1db735d840bee7316526e171ba1ca58f3ff7819832b8a8f314e16e7f8f8362cf1af992f","ssdeep":"192:pSsSKgNcadTurt01GPxHf1XVXA7+MvDeY1KVgMcVzF33YIpUfavF7S6FHzyqG5Z2:QsSKscadCZ0spH7VMbYgPVzZnUfgSmHp","tlshash":"0242ae59a1d26bf5c08aba79b4b1374b4eafdc203bab2988a39dd1ccd48464087c0352","first_seen":"2023-04-30T17:47:12Z","last_seen":"2026-07-03T00:11:58.327965Z","times_seen":142,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":167,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/css/theme.9.css?1634676367","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.041Z","timestamp":1783037493041,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/css/theme.9.css?1634676367 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/css\r\nContent-Length: 422794\r\nLast-Modified: Sun, 17 Oct 2021 17:48:49 GMT\r\nConnection: keep-alive\r\nETag: \"616c6201-6738a\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":422794,"size_decoded":423053,"mime_type":"text/css","magic":"ASCII text, with very long lines (61627)","md5":"1a06feee5db207d7bbdaaefd468d46ea","sha1":"ff80bff6e9a6cbc0d089c8376d0fb289d651c53c","sha256":"7b7efa2d134023751190c3ec6aab4fc254ff3380b42a56b557a521a43d069163","sha512":"3dcb590c751dd8dd11625ab2713ae494d0c4deddf2da54fa9c7c859b79f5882708013ac83c9c3a420976e19eafbfea686872b56b4e819f73395b48bcc03c06c2","ssdeep":"1536:FOyS4qyHfR5rrKz+Mq4Nun19AXVkxyc43uJQVk6/jRB4:Gh+MU1eWJKk6/jRB4","tlshash":"0c948385a24079fe8e73455aa0e8b9fdfb858d01e2362ee7f6ef41c08b417470235d99","first_seen":"2024-08-19T22:10:02.757411Z","last_seen":"2026-07-03T00:11:58.328526Z","times_seen":3,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":97,"dns":0,"connect":0,"send":0,"wait":121,"receive":135,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.050Z","timestamp":1783037493050,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 64028\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-fa1c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64028,"size_decoded":64299,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63940)","md5":"70fb4ad79461f9f3cf12144e0eeedab7","sha1":"817f14433df80af1d4478397cae827ead0777a76","sha256":"41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c","sha512":"85ccf71a864b7e353fcf53b202b1af33575582bce959c5378e761a0ba92573681dcbd1f1ac5926a1699c5186eb69e4be57f1964a07efeaea6bf5f7f8455c903f","ssdeep":"768:dvcCeFII+nEkM2ZeKMCl4xCPkjQeNxtCxH/dnNYyeWMikoW/j0rygG9k:dE3UtM2ZeKMCWxCPAAfdNUaWIx","tlshash":"62533269835c9b6ce74047b4e23871d633efb07aa2a95658e9816330f0098f76c7d67c","first_seen":"2023-03-14T02:37:53Z","last_seen":"2026-07-03T00:11:58.329391Z","times_seen":21,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":527,"dns":0,"connect":0,"send":0,"wait":44,"receive":64,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.872Z","timestamp":1783037493872,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 10056\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-2748\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10056,"size_decoded":10327,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9959)","md5":"7121994eec5320fbe6586463bf9651c2","sha1":"90532aff6d4121954254cdf04994d834f7ec169b","sha256":"48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d","sha512":"b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd","ssdeep":"192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR","tlshash":"2e22c79db29a70625fba35f8617fc11b717a94fc2118d9e4a08c8ed1387dc9d403ab39","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T08:24:52.6042Z","times_seen":55220,"resource_available":true,"data":null}},"time_used":155,"timings":{"blocked":111,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.626Z","timestamp":1783037494626,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 10056\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-2748\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":10056,"size_decoded":10327,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9959)","md5":"7121994eec5320fbe6586463bf9651c2","sha1":"90532aff6d4121954254cdf04994d834f7ec169b","sha256":"48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d","sha512":"b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd","ssdeep":"192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR","tlshash":"2e22c79db29a70625fba35f8617fc11b717a94fc2118d9e4a08c8ed1387dc9d403ab39","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T08:24:52.6042Z","times_seen":55220,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.629Z","timestamp":1783037494629,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 64028\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-fa1c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":64028,"size_decoded":64299,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63940)","md5":"70fb4ad79461f9f3cf12144e0eeedab7","sha1":"817f14433df80af1d4478397cae827ead0777a76","sha256":"41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c","sha512":"85ccf71a864b7e353fcf53b202b1af33575582bce959c5378e761a0ba92573681dcbd1f1ac5926a1699c5186eb69e4be57f1964a07efeaea6bf5f7f8455c903f","ssdeep":"768:dvcCeFII+nEkM2ZeKMCl4xCPkjQeNxtCxH/dnNYyeWMikoW/j0rygG9k:dE3UtM2ZeKMCWxCPAAfdNUaWIx","tlshash":"62533269835c9b6ce74047b4e23871d633efb07aa2a95658e9816330f0098f76c7d67c","first_seen":"2023-03-14T02:37:53Z","last_seen":"2026-07-03T00:11:58.329391Z","times_seen":21,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":61,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.731Z","timestamp":1783037494731,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 64028\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-fa1c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64028,"size_decoded":64299,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63940)","md5":"70fb4ad79461f9f3cf12144e0eeedab7","sha1":"817f14433df80af1d4478397cae827ead0777a76","sha256":"41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c","sha512":"85ccf71a864b7e353fcf53b202b1af33575582bce959c5378e761a0ba92573681dcbd1f1ac5926a1699c5186eb69e4be57f1964a07efeaea6bf5f7f8455c903f","ssdeep":"768:dvcCeFII+nEkM2ZeKMCl4xCPkjQeNxtCxH/dnNYyeWMikoW/j0rygG9k:dE3UtM2ZeKMCWxCPAAfdNUaWIx","tlshash":"62533269835c9b6ce74047b4e23871d633efb07aa2a95658e9816330f0098f76c7d67c","first_seen":"2023-03-14T02:37:53Z","last_seen":"2026-07-03T00:11:58.329391Z","times_seen":21,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":55,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/fonts/font-2c468cc8.woff2","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.840Z","timestamp":1783037494840,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/fonts/font-2c468cc8.woff2 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/templates/yootheme/css/theme.9.css?1634676367\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 16736\r\nLast-Modified: Sun, 17 Oct 2021 17:44:17 GMT\r\nConnection: keep-alive\r\nETag: \"616c60f1-4160\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16736,"size_decoded":16995,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16736, version 1.0","md5":"69c4c631d50be266b8dde5a66889ffa0","sha1":"82fd58537a22e18cf0661228133c3772164cb7db","sha256":"53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9","sha512":"533458bab106ea37031c7dcafdd44726611726f3320ee34c327eafdf0b73f910c8026090fea8611704dffe9c6d0544b31bf1dd153a8a5acb294d72dc077e8793","ssdeep":"384:WyVtJGw+9VmmvLGVlaec7RMD+LCBCb2uQUwf8XVtJlK:WAtJGw+9VmmqV4VOD+LMCb2FEXXJlK","tlshash":"d672c0d51cf264fa91967537ae711cb39a7ab4030144e8aeedff46b5a0c21806b9503f","first_seen":"2023-05-07T17:30:13Z","last_seen":"2026-07-03T07:13:29.02701Z","times_seen":789,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.687Z","timestamp":1783037491687,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:31 GMT\r\nContent-Type: text/css\r\nContent-Length: 7436\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-1d0c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":7436,"size_decoded":7692,"mime_type":"text/css","magic":"ASCII text","md5":"f4835b1a5a84a7efe1a0675f06e3d5c0","sha1":"7527362f3a153336c55376cb1d83efc137d1859b","sha256":"898d84952b101ee096a356f84aec3e39943d3412a49185362db753ff1e3b8083","sha512":"8cf310d31e56b6a8b55ec2fac801068bd6b8521f747f567bbf02b1652626286092d719b7b14714077d0038363ce2d42a0514d88c90b2f4d1ef63a367ee6b0643","ssdeep":"96:u0z7hrQfg0rQKg0rQNg0rQ4g0rQTg0rQug0rRkQ63hgHqMxwMPTiYoAofR:X7KfiKiNi4iTiuzn6xoqMqMQ","tlshash":"74e19760d4bd1c605716e4d5234bbb40ef1cb26a88490c4ff693be8cafe221591e2bdd","first_seen":"2026-03-25T00:49:42.971817Z","last_seen":"2026-07-03T00:11:58.330409Z","times_seen":3,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":35,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/plugins/system/jce/css/content.css?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.617Z","timestamp":1783037494617,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /plugins/system/jce/css/content.css?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 1999\r\nLast-Modified: Wed, 17 Jun 2020 22:29:01 GMT\r\nConnection: keep-alive\r\nETag: \"5eea992d-7cf\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1999,"size_decoded":2254,"mime_type":"text/css","magic":"ASCII text, with very long lines (1999), with no line terminators","md5":"dbb006ef98426ec633dc9336b399d3e8","sha1":"ea30e666d18c5633f15ac342ff12974bcd64a9fd","sha256":"2291dfa652ff8d9b621007cc0daf0dc254a34a0fe1e5439a7e0feb305e4542d7","sha512":"433284a086ea36885a862a44a3f2a6a85fd7e9cf28d1930abf28da86e0aa87092302aebae51d034e6a0a33e34ee4221c2190deffe0b2c5a190f359b5484f7e50","ssdeep":"","tlshash":"f9413523dc1c51ecac1372a0e2e24c182118fa44db2ec1d6b52fe9e56a44fd77db285c","first_seen":"2023-04-26T11:28:40Z","last_seen":"2026-07-03T00:11:58.32534Z","times_seen":98,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/css/theme.update.css?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.720Z","timestamp":1783037494720,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/css/theme.update.css?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 1316\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-524\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1316,"size_decoded":1571,"mime_type":"text/css","magic":"ASCII text","md5":"11837245328305d103d2bfb533042f94","sha1":"acc47ef1bc68eb87aa638b5bcae995dba192f81b","sha256":"a4c48cf797442e366f6917534237b0854f2f261508bbbecb358987ebef34f609","sha512":"bb698d550272bf3d3d747a5a9c09dd2f72c6d37b87ac9bb7d63a85dbe030b4d3073dce370d56afe6627c52e4d4170dd1023fbc5f9dc917e8cccbc977f5ba6cbb","ssdeep":"","tlshash":"e521e503478320dcad1f826c46af03ec8b3609876327695c76cac348cf6d59601b7dd5","first_seen":"2023-05-21T15:24:04Z","last_seen":"2026-07-03T00:11:58.331007Z","times_seen":42,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/index_7.html","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.747Z","timestamp":1783037491747,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/index_7.html HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See other\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: f94bd41d219f76f25f4e33510dbae032=uqgnhqbga3rimp0o1g8db280t7; path=/; HttpOnly\r\nLocation: https://brambach.edvpartner-work2.de/index.php\r\nLast-Modified: Fri, 03 Jul 2026 00:11:32 GMT\r\nX-Powered-By: PHP/7.3.20, PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See other","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":495,"timings":{"blocked":77,"dns":0,"connect":0,"send":0,"wait":418,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/fonts/font-2c468cc8.woff2","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","date":"2026-07-03T00:11:33.945Z","timestamp":1783037493945,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/fonts/font-2c468cc8.woff2 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/templates/yootheme/css/theme.9.css?1634676367\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 16736\r\nLast-Modified: Sun, 17 Oct 2021 17:44:17 GMT\r\nConnection: keep-alive\r\nETag: \"616c60f1-4160\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16736,"size_decoded":16995,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16736, version 1.0","md5":"69c4c631d50be266b8dde5a66889ffa0","sha1":"82fd58537a22e18cf0661228133c3772164cb7db","sha256":"53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9","sha512":"533458bab106ea37031c7dcafdd44726611726f3320ee34c327eafdf0b73f910c8026090fea8611704dffe9c6d0544b31bf1dd153a8a5acb294d72dc077e8793","ssdeep":"384:WyVtJGw+9VmmvLGVlaec7RMD+LCBCb2uQUwf8XVtJlK:WAtJGw+9VmmqV4VOD+LMCb2FEXXJlK","tlshash":"d672c0d51cf264fa91967537ae711cb39a7ab4030144e8aeedff46b5a0c21806b9503f","first_seen":"2023-05-07T17:30:13Z","last_seen":"2026-07-03T07:13:29.02701Z","times_seen":789,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":61,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/fonts/font-7757d15d.woff2","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.842Z","timestamp":1783037494842,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/fonts/font-7757d15d.woff2 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/templates/yootheme/css/theme.9.css?1634676367\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 7900\r\nLast-Modified: Sun, 17 Oct 2021 17:44:17 GMT\r\nConnection: keep-alive\r\nETag: \"616c60f1-1edc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":7900,"size_decoded":8158,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7900, version 1.0","md5":"9ed361bba8488aeb2797b82befda20f1","sha1":"6f80d965a066aff81c0a344d4b7297bd009cc099","sha256":"41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c","sha512":"a445d1850d9a03b32944586b426c1eb0e3cd42ad24d4c029e993f37c11cd24680fe9c354425a9d6a84fef27a9e06704108d845f74c204c5bec5a95f50cf50bd6","ssdeep":"192:p7uo9HQkQLb61fpJohI/gCvwsd2pbbhKn:p7v9wkYbkfpJPIqdyhK","tlshash":"33f1c0d24f50e68ffb9ba63a5c1ec3724dcea0a521c5e87c39c81c0bd269d13597c144","first_seen":"2023-04-08T01:54:40Z","last_seen":"2026-07-03T08:00:25.555221Z","times_seen":5303,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/css/theme.update.css?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.620Z","timestamp":1783037494620,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/css/theme.update.css?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 1316\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-524\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1316,"size_decoded":1571,"mime_type":"text/css","magic":"ASCII text","md5":"11837245328305d103d2bfb533042f94","sha1":"acc47ef1bc68eb87aa638b5bcae995dba192f81b","sha256":"a4c48cf797442e366f6917534237b0854f2f261508bbbecb358987ebef34f609","sha512":"bb698d550272bf3d3d747a5a9c09dd2f72c6d37b87ac9bb7d63a85dbe030b4d3073dce370d56afe6627c52e4d4170dd1023fbc5f9dc917e8cccbc977f5ba6cbb","ssdeep":"","tlshash":"e521e503478320dcad1f826c46af03ec8b3609876327695c76cac348cf6d59601b7dd5","first_seen":"2023-05-21T15:24:04Z","last_seen":"2026-07-03T00:11:58.331007Z","times_seen":42,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/css.css","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.839Z","timestamp":1783037491839,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/css.css HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:31 GMT\r\nContent-Type: text/css\r\nContent-Length: 12367\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-304f\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":12367,"size_decoded":12624,"mime_type":"text/css","magic":"ASCII text","md5":"0a90ec650895680d385f6d7fed5c4cc5","sha1":"6481ebce0d8d082173f7d744b871c2e5170209d5","sha256":"13f3dcc68879eccc3e64115973cdb293b1c0784d94014832dd5b11f9d9bd5a50","sha512":"2723671ba4283262226fc7402f7006225b6ad39f4d91771be632ed0b82f1e9bf02a8ea1648282e252643419cc72da0dadb58eb52e29dedaa97d11225c902cd57","ssdeep":"192:+xCOxixzxFxQ9xNxPexNS8QZCGtbcMyXpqEYWLotB5hDLNuZ83GTNbKgwkpnIwhM:+MO0BPG9fkSbc1pmjUja","tlshash":"52429554441b6410a3170c997b8f7f308d9fb9292049996a5ffe48acadf3c3263b275e","first_seen":"2026-03-25T00:49:43.100631Z","last_seen":"2026-07-03T00:11:58.332566Z","times_seen":3,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.103Z","timestamp":1783037493103,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 97646\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-17d6e\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":97646,"size_decoded":97918,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65462)","md5":"48a197817927a6eda6f531064f1dba71","sha1":"5ba19dcca2e2d7ac659af0fbc97dc99e505c498b","sha256":"05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba","sha512":"f7744d1705f9740ba71dddaec02732f53fdb05c207803fb0c692e48831e4645181d24605406ca7b90feb1ba7215f60e2ee366eae7f49b2ca16c74e47cb52485c","ssdeep":"1536:/Z9BiMg+AGpULSaXcbx60BWIBB3CiJUSuTpyhQPOREi/zYjZBNF4t+HVxeFTkLjd:/I3SsE5ETqwMFVMfucy+","tlshash":"f49319dd72c6b06247a730b940af550ff236199d680d8510f128d8e9bc78e4a927bf7d","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T00:29:26.835544Z","times_seen":8284,"resource_available":true,"data":null}},"time_used":598,"timings":{"blocked":476,"dns":0,"connect":0,"send":0,"wait":45,"receive":77,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.451Z","timestamp":1783037493451,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 131506\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-201b2\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":131506,"size_decoded":131779,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65448)","md5":"ee3f0b958e11b4ed20275793885c2779","sha1":"0c3bafa8b1bf4beaa8e9c319ad5f2ee59f37fbef","sha256":"30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0","sha512":"399f52abb79c19c924aa0c5af2dff8d79051368cf61882273acbbc4238fdf6bf489410aad972659bd4fdcfffc3e16d65ae5fb109d5f3ab41187cca3c0d927e28","ssdeep":"1536:ZrQWyLnyF0nENeO9wRvyv3p/qSacRoIY4cnIHOLco00VNfCzTyxChEkb8UBQjsyA:/DqZcRo94k00VN6/RV4UBQo1Iy","tlshash":"1dd3d5ceb391b06143636171516f260bf23ba884b90f8198f639e4c97c7894da17be7d","first_seen":"2023-03-10T21:16:45Z","last_seen":"2026-07-03T00:11:58.321553Z","times_seen":39,"resource_available":true,"data":null}},"time_used":550,"timings":{"blocked":409,"dns":0,"connect":0,"send":0,"wait":66,"receive":75,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/search.css","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.727Z","timestamp":1783037491727,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/search.css HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:31 GMT\r\nContent-Type: text/css\r\nContent-Length: 3026\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-bd2\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":3026,"size_decoded":3281,"mime_type":"text/css","magic":"ASCII text","md5":"396f68ae3a479c8064061c65deb009bd","sha1":"0b2103ddd6fe0f3f4bccf0440446ef26474614d2","sha256":"d8f31d35029afd740d78227a50d3e2120c53aaea0ba50e654dd1598c9d385a44","sha512":"a4dbb0afc62c940f4d91062db6e4b52e9fe324aa2b7e1fd0bf6af6d235caf6655cd16992d2fde28ac8308fb1b940eaf528774c54c5520ee02a783810c0791dce","ssdeep":"","tlshash":"a95131e72ed00604ae5a696974a2ff96721c94438d4ecafeaff00048ee851e47576b4c","first_seen":"2023-06-18T13:02:20Z","last_seen":"2026-07-03T00:11:58.33311Z","times_seen":57,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":36,"send":0,"wait":37,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/index_6.html","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.743Z","timestamp":1783037491743,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/index_6.html HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See other\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: f94bd41d219f76f25f4e33510dbae032=68chsgc2fcpk1c6obq6p3lkbvt; path=/; HttpOnly\r\nLocation: https://brambach.edvpartner-work2.de/index.php\r\nLast-Modified: Fri, 03 Jul 2026 00:11:32 GMT\r\nX-Powered-By: PHP/7.3.20, PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See other","fingerprints":[{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":426,"timings":{"blocked":71,"dns":0,"connect":0,"send":0,"wait":355,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/autocomplete.css","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.725Z","timestamp":1783037491725,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/autocomplete.css HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:31 GMT\r\nContent-Type: text/css\r\nContent-Length: 3468\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-d8c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3468,"size_decoded":3723,"mime_type":"text/css","magic":"ASCII text, with very long lines (624)","md5":"08a9a6312d70d3ec40034c38cadcaa6a","sha1":"0f65dc1f193fb33d8ab10c13194c1b6292023635","sha256":"6c2ab9f3416084bd3ecb445e18b4b253f6acba1ee5014e829b22c7cf1a9e8082","sha512":"fc6f4c314c03132f036e72786d3435faed1117b7a77d9765078251b0090a32c718572aa8da314dad124820e8f99e61557c59ffa1d3264af0a9bdae6480bdd7f6","ssdeep":"","tlshash":"3861e0b3276a0509312dc4aa36029fc2277a81875128d528aff075386f5bae4dc7e7cd","first_seen":"2023-06-18T13:02:20Z","last_seen":"2026-07-03T00:11:58.333616Z","times_seen":57,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/index_5.html","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.737Z","timestamp":1783037491737,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/index_5.html HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See other\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: f94bd41d219f76f25f4e33510dbae032=4c9ibng808548ig71r5gl2sqp5; path=/; HttpOnly\r\nLocation: https://brambach.edvpartner-work2.de/index.php\r\nLast-Modified: Fri, 03 Jul 2026 00:11:32 GMT\r\nX-Powered-By: PHP/7.3.20, PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See other","fingerprints":[{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":682,"timings":{"blocked":-1,"dns":0,"connect":33,"send":0,"wait":581,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.875Z","timestamp":1783037493875,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 64028\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-fa1c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64028,"size_decoded":64299,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63940)","md5":"70fb4ad79461f9f3cf12144e0eeedab7","sha1":"817f14433df80af1d4478397cae827ead0777a76","sha256":"41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c","sha512":"85ccf71a864b7e353fcf53b202b1af33575582bce959c5378e761a0ba92573681dcbd1f1ac5926a1699c5186eb69e4be57f1964a07efeaea6bf5f7f8455c903f","ssdeep":"768:dvcCeFII+nEkM2ZeKMCl4xCPkjQeNxtCxH/dnNYyeWMikoW/j0rygG9k:dE3UtM2ZeKMCWxCPAAfdNUaWIx","tlshash":"62533269835c9b6ce74047b4e23871d633efb07aa2a95658e9816330f0098f76c7d67c","first_seen":"2023-03-14T02:37:53Z","last_seen":"2026-07-03T00:11:58.329391Z","times_seen":21,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":121,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/js/theme.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.876Z","timestamp":1783037493876,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/js/theme.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1740\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-6cc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1740,"size_decoded":2009,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1688)","md5":"0659a3d8c01f3b689907d4764a781ea4","sha1":"f72a52e419b4b8fc9a61a192e8c64d5a4abf4a6e","sha256":"b509916f1aab2c9821746f58ffb9c64f56597304d6cf5dda9e40fb8bb1e73718","sha512":"312b91162cfc12f5f2c93e9e10636be720710dae97259b4f79564ead9869dcddf226c80a0ce96f7b4f3dfb7d97124ab1ceb351eeca70b133541bb90e11a47b01","ssdeep":"","tlshash":"d9316289f260f065123305fdd5b75812a91fba04b10f2288f7b4c4db15ac14d162bfaa","first_seen":"2023-10-01T00:22:41Z","last_seen":"2026-07-03T00:11:58.321025Z","times_seen":6,"resource_available":true,"data":null}},"time_used":154,"timings":{"blocked":120,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.723Z","timestamp":1783037494723,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 97646\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-17d6e\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":97646,"size_decoded":97918,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65462)","md5":"48a197817927a6eda6f531064f1dba71","sha1":"5ba19dcca2e2d7ac659af0fbc97dc99e505c498b","sha256":"05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba","sha512":"f7744d1705f9740ba71dddaec02732f53fdb05c207803fb0c692e48831e4645181d24605406ca7b90feb1ba7215f60e2ee366eae7f49b2ca16c74e47cb52485c","ssdeep":"1536:/Z9BiMg+AGpULSaXcbx60BWIBB3CiJUSuTpyhQPOREi/zYjZBNF4t+HVxeFTkLjd:/I3SsE5ETqwMFVMfucy+","tlshash":"f49319dd72c6b06247a730b940af550ff236199d680d8510f128d8e9bc78e4a927bf7d","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T00:29:26.835544Z","times_seen":8284,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/clientlib-style.1cebb4c25d6a006184c9b14cdf505b28.css","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.682Z","timestamp":1783037491682,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/clientlib-style.1cebb4c25d6a006184c9b14cdf505b28.css HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:31 GMT\r\nContent-Type: text/css\r\nContent-Length: 237721\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-3a099\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":237721,"size_decoded":237980,"mime_type":"text/css","magic":"ASCII text","md5":"6a2a207ec15a7f5e75191dcd511abd36","sha1":"5bbfcd9663f2b9c82d92f591a8417cfdfb6dbd46","sha256":"6ae2d3942fb27334f66530f0ec271f83a0f6a4b751ff8128c8edae0047968ee5","sha512":"77f3003c22256329186b8ad85a067b0768272abc78d41fac2d09546a0656fef7113e63707034fa2c2096710218af99842bc95858d6f8edf8042120d5fb9bfd37","ssdeep":"1536:BbYjl7FNbYEPeUveFrqkDWcRKRI+s8W0xdQ+gkY53XBHpe:MJhzkC9k5K","tlshash":"353481525eb32d08640bd5589beea394732c5063da0ece6cbf8d6604cf8939855e6fcc","first_seen":"2026-03-25T00:49:43.006474Z","last_seen":"2026-07-03T00:11:58.334205Z","times_seen":3,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":36,"send":0,"wait":34,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.180Z","timestamp":1783037492180,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: f94bd41d219f76f25f4e33510dbae032=68chsgc2fcpk1c6obq6p3lkbvt\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.3.20\r\nPermissions-Policy: interest-cohort=()\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 03 Jul 2026 00:11:32 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]}],"data":{"size":4214,"size_decoded":4643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"c6646cad1f4a89a02e5d387d8c79ec54","sha1":"050ab86b4853b6e2f42c98ddbb88ebb8eadaf719","sha256":"c33fbb5be603cd9faf15e2018bac8b80daaeb73c07f6bd17b65496a9e76a91e2","sha512":"00e3b8419b210620464c0a6e1b5fcbf50d66e303f93c0cce3e6cfdc4530922abf03f6f8ba9052f8d79ee2bc3dd009ddf87ef0eb6e521ba85361db27a95d13666","ssdeep":"48:93qppbj8mzqlC9D9c7rILCRmGeFqVq7KppXfgrqdLmZ5gampP6:9QbP/9D9c7MeRm5qXXfsqdLk5gpP6","tlshash":"8d91542a5c82ad65d17229b4c4a3f918eda6e803d201cc8539cc87d56fe0ecd4b1bf9d","first_seen":"2026-07-03T00:11:58.334764Z","last_seen":"2026-07-03T00:11:58.334764Z","times_seen":1,"resource_available":false,"data":null}},"time_used":849,"timings":{"blocked":188,"dns":0,"connect":0,"send":0,"wait":661,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.423Z","timestamp":1783037492423,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: f94bd41d219f76f25f4e33510dbae032=4c9ibng808548ig71r5gl2sqp5\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.3.20\r\nPermissions-Policy: interest-cohort=()\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 03 Jul 2026 00:11:33 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]}],"data":{"size":4214,"size_decoded":4643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2748b99e3b2e80a807f929fbedc8a727","sha1":"3d10838938b5b4a5afe158bcf128080ab7ec5db0","sha256":"2fc5b6582b60e64a618c63c53d3189467a32b61a2752cc7c75dc928b15feaf71","sha512":"515163f2960b08f3f77aa65042eb713128fdce60c24669fa0e656e95b81f569742898cc1b91ad69c5dfc2f2b502fbeb2f58b15ba593ca34d09cf2cd02f4c67ee","ssdeep":"48:93qppbj8mzqlC9D9c7rILCRmGeFqVq7KppXfgrqdLmZ5gampPt9x:9QbP/9D9c7MeRm5qXXfsqdLk5gpPd","tlshash":"4e91532a5c82ad64d17269b4c4a3f918eda6e803d241cc8539cc47d56fe0ecd0b1bf9d","first_seen":"2026-07-03T00:11:58.335876Z","last_seen":"2026-07-03T00:11:58.335876Z","times_seen":1,"resource_available":false,"data":null}},"time_used":989,"timings":{"blocked":293,"dns":0,"connect":0,"send":0,"wait":696,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/css/theme.update.css?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.043Z","timestamp":1783037493043,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/css/theme.update.css?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/css\r\nContent-Length: 1316\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-524\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1316,"size_decoded":1571,"mime_type":"text/css","magic":"ASCII text","md5":"11837245328305d103d2bfb533042f94","sha1":"acc47ef1bc68eb87aa638b5bcae995dba192f81b","sha256":"a4c48cf797442e366f6917534237b0854f2f261508bbbecb358987ebef34f609","sha512":"bb698d550272bf3d3d747a5a9c09dd2f72c6d37b87ac9bb7d63a85dbe030b4d3073dce370d56afe6627c52e4d4170dd1023fbc5f9dc917e8cccbc977f5ba6cbb","ssdeep":"","tlshash":"e521e503478320dcad1f826c46af03ec8b3609876327695c76cac348cf6d59601b7dd5","first_seen":"2023-05-21T15:24:04Z","last_seen":"2026-07-03T00:11:58.331007Z","times_seen":42,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":185,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.254Z","timestamp":1783037493254,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 64028\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-fa1c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64028,"size_decoded":64299,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63940)","md5":"70fb4ad79461f9f3cf12144e0eeedab7","sha1":"817f14433df80af1d4478397cae827ead0777a76","sha256":"41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c","sha512":"85ccf71a864b7e353fcf53b202b1af33575582bce959c5378e761a0ba92573681dcbd1f1ac5926a1699c5186eb69e4be57f1964a07efeaea6bf5f7f8455c903f","ssdeep":"768:dvcCeFII+nEkM2ZeKMCl4xCPkjQeNxtCxH/dnNYyeWMikoW/j0rygG9k:dE3UtM2ZeKMCWxCPAAfdNUaWIx","tlshash":"62533269835c9b6ce74047b4e23871d633efb07aa2a95658e9816330f0098f76c7d67c","first_seen":"2023-03-14T02:37:53Z","last_seen":"2026-07-03T00:11:58.329391Z","times_seen":21,"resource_available":true,"data":null}},"time_used":547,"timings":{"blocked":504,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/css/theme.update.css?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","date":"2026-07-03T00:11:33.428Z","timestamp":1783037493428,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/css/theme.update.css?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/css\r\nContent-Length: 1316\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-524\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1316,"size_decoded":1571,"mime_type":"text/css","magic":"ASCII text","md5":"11837245328305d103d2bfb533042f94","sha1":"acc47ef1bc68eb87aa638b5bcae995dba192f81b","sha256":"a4c48cf797442e366f6917534237b0854f2f261508bbbecb358987ebef34f609","sha512":"bb698d550272bf3d3d747a5a9c09dd2f72c6d37b87ac9bb7d63a85dbe030b4d3073dce370d56afe6627c52e4d4170dd1023fbc5f9dc917e8cccbc977f5ba6cbb","ssdeep":"","tlshash":"e521e503478320dcad1f826c46af03ec8b3609876327695c76cac348cf6d59601b7dd5","first_seen":"2023-05-21T15:24:04Z","last_seen":"2026-07-03T00:11:58.331007Z","times_seen":42,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":339,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T00:11:31.271Z","timestamp":1783037491271,"http_version":"HTTP/1.1","security_state":"secure","security_info":null,"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/ HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://dovishfinancialservices.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 277\r\nConnection: keep-alive\r\nX-Accel-Version: 0.01\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nETag: \"15e-6559687f8aaf9-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nX-Powered-By: PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.111Z","timestamp":1783037493111,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 131506\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-201b2\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131506,"size_decoded":131779,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65448)","md5":"ee3f0b958e11b4ed20275793885c2779","sha1":"0c3bafa8b1bf4beaa8e9c319ad5f2ee59f37fbef","sha256":"30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0","sha512":"399f52abb79c19c924aa0c5af2dff8d79051368cf61882273acbbc4238fdf6bf489410aad972659bd4fdcfffc3e16d65ae5fb109d5f3ab41187cca3c0d927e28","ssdeep":"1536:ZrQWyLnyF0nENeO9wRvyv3p/qSacRoIY4cnIHOLco00VNfCzTyxChEkb8UBQjsyA:/DqZcRo94k00VN6/RV4UBQo1Iy","tlshash":"1dd3d5ceb391b06143636171516f260bf23ba884b90f8198f639e4c97c7894da17be7d","first_seen":"2023-03-10T21:16:45Z","last_seen":"2026-07-03T00:11:58.321553Z","times_seen":39,"resource_available":true,"data":null}},"time_used":638,"timings":{"blocked":571,"dns":0,"connect":0,"send":0,"wait":34,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","date":"2026-07-03T00:11:33.438Z","timestamp":1783037493438,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 131506\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-201b2\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131506,"size_decoded":131779,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65448)","md5":"ee3f0b958e11b4ed20275793885c2779","sha1":"0c3bafa8b1bf4beaa8e9c319ad5f2ee59f37fbef","sha256":"30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0","sha512":"399f52abb79c19c924aa0c5af2dff8d79051368cf61882273acbbc4238fdf6bf489410aad972659bd4fdcfffc3e16d65ae5fb109d5f3ab41187cca3c0d927e28","ssdeep":"1536:ZrQWyLnyF0nENeO9wRvyv3p/qSacRoIY4cnIHOLco00VNfCzTyxChEkb8UBQjsyA:/DqZcRo94k00VN6/RV4UBQo1Iy","tlshash":"1dd3d5ceb391b06143636171516f260bf23ba884b90f8198f639e4c97c7894da17be7d","first_seen":"2023-03-10T21:16:45Z","last_seen":"2026-07-03T00:11:58.321553Z","times_seen":39,"resource_available":true,"data":null}},"time_used":442,"timings":{"blocked":365,"dns":0,"connect":0,"send":0,"wait":40,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","date":"2026-07-03T00:11:33.442Z","timestamp":1783037493442,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 64028\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-fa1c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":64028,"size_decoded":64299,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63940)","md5":"70fb4ad79461f9f3cf12144e0eeedab7","sha1":"817f14433df80af1d4478397cae827ead0777a76","sha256":"41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c","sha512":"85ccf71a864b7e353fcf53b202b1af33575582bce959c5378e761a0ba92573681dcbd1f1ac5926a1699c5186eb69e4be57f1964a07efeaea6bf5f7f8455c903f","ssdeep":"768:dvcCeFII+nEkM2ZeKMCl4xCPkjQeNxtCxH/dnNYyeWMikoW/j0rygG9k:dE3UtM2ZeKMCWxCPAAfdNUaWIx","tlshash":"62533269835c9b6ce74047b4e23871d633efb07aa2a95658e9816330f0098f76c7d67c","first_seen":"2023-03-14T02:37:53Z","last_seen":"2026-07-03T00:11:58.329391Z","times_seen":21,"resource_available":true,"data":null}},"time_used":410,"timings":{"blocked":373,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.452Z","timestamp":1783037493452,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 64028\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-fa1c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64028,"size_decoded":64299,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63940)","md5":"70fb4ad79461f9f3cf12144e0eeedab7","sha1":"817f14433df80af1d4478397cae827ead0777a76","sha256":"41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c","sha512":"85ccf71a864b7e353fcf53b202b1af33575582bce959c5378e761a0ba92573681dcbd1f1ac5926a1699c5186eb69e4be57f1964a07efeaea6bf5f7f8455c903f","ssdeep":"768:dvcCeFII+nEkM2ZeKMCl4xCPkjQeNxtCxH/dnNYyeWMikoW/j0rygG9k:dE3UtM2ZeKMCWxCPAAfdNUaWIx","tlshash":"62533269835c9b6ce74047b4e23871d633efb07aa2a95658e9816330f0098f76c7d67c","first_seen":"2023-03-14T02:37:53Z","last_seen":"2026-07-03T00:11:58.329391Z","times_seen":21,"resource_available":true,"data":null}},"time_used":443,"timings":{"blocked":409,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.623Z","timestamp":1783037494623,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 97646\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-17d6e\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":97646,"size_decoded":97918,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65462)","md5":"48a197817927a6eda6f531064f1dba71","sha1":"5ba19dcca2e2d7ac659af0fbc97dc99e505c498b","sha256":"05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba","sha512":"f7744d1705f9740ba71dddaec02732f53fdb05c207803fb0c692e48831e4645181d24605406ca7b90feb1ba7215f60e2ee366eae7f49b2ca16c74e47cb52485c","ssdeep":"1536:/Z9BiMg+AGpULSaXcbx60BWIBB3CiJUSuTpyhQPOREi/zYjZBNF4t+HVxeFTkLjd:/I3SsE5ETqwMFVMfucy+","tlshash":"f49319dd72c6b06247a730b940af550ff236199d680d8510f128d8e9bc78e4a927bf7d","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T00:29:26.835544Z","times_seen":8284,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/js/theme.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.454Z","timestamp":1783037493454,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/js/theme.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1740\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-6cc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1740,"size_decoded":2009,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1688)","md5":"0659a3d8c01f3b689907d4764a781ea4","sha1":"f72a52e419b4b8fc9a61a192e8c64d5a4abf4a6e","sha256":"b509916f1aab2c9821746f58ffb9c64f56597304d6cf5dda9e40fb8bb1e73718","sha512":"312b91162cfc12f5f2c93e9e10636be720710dae97259b4f79564ead9869dcddf226c80a0ce96f7b4f3dfb7d97124ab1ceb351eeca70b133541bb90e11a47b01","ssdeep":"","tlshash":"d9316289f260f065123305fdd5b75812a91fba04b10f2288f7b4c4db15ac14d162bfaa","first_seen":"2023-10-01T00:22:41Z","last_seen":"2026-07-03T00:11:58.321025Z","times_seen":6,"resource_available":true,"data":null}},"time_used":453,"timings":{"blocked":420,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.863Z","timestamp":1783037493863,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 10056\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-2748\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10056,"size_decoded":10327,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9959)","md5":"7121994eec5320fbe6586463bf9651c2","sha1":"90532aff6d4121954254cdf04994d834f7ec169b","sha256":"48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d","sha512":"b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd","ssdeep":"192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR","tlshash":"2e22c79db29a70625fba35f8617fc11b717a94fc2118d9e4a08c8ed1387dc9d403ab39","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T08:24:52.6042Z","times_seen":55220,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":53,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T00:11:31.585Z","timestamp":1783037491585,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 113197\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-1ba2d\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":113197,"size_decoded":113457,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (60701)","md5":"813126de5f8b72eef03307b6f9409a2b","sha1":"a3fd20aa0d0a5164cd5a9ac179f0c3e8a000ce63","sha256":"0c73102a3d51682f0b0ed11f2db7a13347813236ecaa39fcb5e86e3808203ef2","sha512":"b62e721880b6666bb2609796e555d5b6730da186a3e303d4840b403be3f6236c738cd3acdc43c733ed3e2e13a46b18a60a069e2df92a8d456c492d94f878c66d","ssdeep":"768:W27UAwKFY0Tv7MzSO+iDNZK7FT1xbL0T+nSMV2BFxFGoIpX7+M3:D7nFY0TznCKGT+nSMV2jfe3","tlshash":"46b3e822a4b6342d7013b352bd523b9c3964c247de834caef69d6f67cbc3a96021674d","first_seen":"2026-03-25T00:49:43.125485Z","last_seen":"2026-07-03T00:11:58.336813Z","times_seen":3,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.867Z","timestamp":1783037493867,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 64028\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-fa1c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":64028,"size_decoded":64299,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63940)","md5":"70fb4ad79461f9f3cf12144e0eeedab7","sha1":"817f14433df80af1d4478397cae827ead0777a76","sha256":"41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c","sha512":"85ccf71a864b7e353fcf53b202b1af33575582bce959c5378e761a0ba92573681dcbd1f1ac5926a1699c5186eb69e4be57f1964a07efeaea6bf5f7f8455c903f","ssdeep":"768:dvcCeFII+nEkM2ZeKMCl4xCPkjQeNxtCxH/dnNYyeWMikoW/j0rygG9k:dE3UtM2ZeKMCWxCPAAfdNUaWIx","tlshash":"62533269835c9b6ce74047b4e23871d633efb07aa2a95658e9816330f0098f76c7d67c","first_seen":"2023-03-14T02:37:53Z","last_seen":"2026-07-03T00:11:58.329391Z","times_seen":21,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":74,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/1440x565-ftblue-other.jpg","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.722Z","timestamp":1783037491722,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/1440x565-ftblue-other.jpg HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 65879\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-10157\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":65879,"size_decoded":66139,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2018:02:23 11:30:46], baseline, precision 8, 1440x565, components 3","md5":"01460094e2d6c39a79efeac9725d8827","sha1":"84913c508530e4b3ea912144be758b40d358f037","sha256":"a41032b705f624b9e188124f35ffa60061fb90257f32e532f80fb51e109c8fae","sha512":"c06e8891a6172a6691960d9c90849266705f384e21b79477002e7030e10d9f5c26cd6d0afdf7d14fd0d3414c177db3d357edb7494ad021040054920668787bcb","ssdeep":"192:DE3BvVQy4lGiR3e/knlwe5+YNMtKwffUKBXXXXXXXXh:Do77iZesnlwekYNg7fjBXXXXXXXXh","tlshash":"275367bb96a2ef13b3b24dad33798d45551096225fce1511b0ff9394a2e7da034af083","first_seen":"2023-06-18T13:02:20Z","last_seen":"2026-07-03T00:11:58.337466Z","times_seen":58,"resource_available":false,"data":null}},"time_used":2358,"timings":{"blocked":2320,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/icomoon.woff","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.004Z","timestamp":1783037492004,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/icomoon.woff HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: application/font-woff\r\nContent-Length: 31620\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-7b84\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":31620,"size_decoded":31890,"mime_type":"application/font-woff","magic":"Web Open Font Format, TrueType, length 31620, version 1.0","md5":"a55db942b961e6a7cf7c70dfbca91616","sha1":"15c5f647c3a9495e0dfcc316311191ce54b409ee","sha256":"1539ec89c49a493f983dbde0e0c35c310eaaa74f91aa316eac33e942285bed2c","sha512":"497fc408a99032cacf3fed0afa4b4b8ff075719115d1a3ce0ea616da2100c5b96873c2147b5163a04fde3e65a48f48c8678db8c42bc8cc1055015e1148c9b3f6","ssdeep":"768:gvnG6OzA5kdDlC7i6tV4b2sY07yFNm9N8x35wcYBzU1XdGwoeQK5bFjZMjs5r2:gvnG6OzA5Ix4i6tVS2sYM9N8vwJhCXAC","tlshash":"40e26d1b679ecf5bd14227f24c7411878f61d7092b275a577f4e8c1aca030e48a98b2f","first_seen":"2023-05-17T20:20:24Z","last_seen":"2026-07-03T00:11:58.338032Z","times_seen":126,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":243,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.047Z","timestamp":1783037493047,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 10056\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-2748\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10056,"size_decoded":10327,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9959)","md5":"7121994eec5320fbe6586463bf9651c2","sha1":"90532aff6d4121954254cdf04994d834f7ec169b","sha256":"48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d","sha512":"b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd","ssdeep":"192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR","tlshash":"2e22c79db29a70625fba35f8617fc11b717a94fc2118d9e4a08c8ed1387dc9d403ab39","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T08:24:52.6042Z","times_seen":55220,"resource_available":true,"data":null}},"time_used":530,"timings":{"blocked":360,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.873Z","timestamp":1783037493873,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 131506\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-201b2\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131506,"size_decoded":131779,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65448)","md5":"ee3f0b958e11b4ed20275793885c2779","sha1":"0c3bafa8b1bf4beaa8e9c319ad5f2ee59f37fbef","sha256":"30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0","sha512":"399f52abb79c19c924aa0c5af2dff8d79051368cf61882273acbbc4238fdf6bf489410aad972659bd4fdcfffc3e16d65ae5fb109d5f3ab41187cca3c0d927e28","ssdeep":"1536:ZrQWyLnyF0nENeO9wRvyv3p/qSacRoIY4cnIHOLco00VNfCzTyxChEkb8UBQjsyA:/DqZcRo94k00VN6/RV4UBQo1Iy","tlshash":"1dd3d5ceb391b06143636171516f260bf23ba884b90f8198f639e4c97c7894da17be7d","first_seen":"2023-03-10T21:16:45Z","last_seen":"2026-07-03T00:11:58.321553Z","times_seen":39,"resource_available":true,"data":null}},"time_used":159,"timings":{"blocked":120,"dns":0,"connect":0,"send":0,"wait":37,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/index_9.html","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.751Z","timestamp":1783037491751,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/index_9.html HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See other\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: f94bd41d219f76f25f4e33510dbae032=rrkhbm6i064hr0s2jsfvt5a0cr; path=/; HttpOnly\r\nLocation: https://brambach.edvpartner-work2.de/index.php\r\nLast-Modified: Fri, 03 Jul 2026 00:11:32 GMT\r\nX-Powered-By: PHP/7.3.20, PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See other","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":918,"timings":{"blocked":494,"dns":0,"connect":0,"send":0,"wait":424,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.804Z","timestamp":1783037492804,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.3.20\r\nPermissions-Policy: interest-cohort=()\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 03 Jul 2026 00:11:34 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]}],"data":{"size":4214,"size_decoded":4643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"4c0c91c7dfc6921b56d1cda0aabd54e2","sha1":"cfc7beda19ce4787fe5daf4cb4d205e803436852","sha256":"70d3efed85c495e0e97354dc17c493046b2aecad34967c72f2eef1b912d3afe2","sha512":"8b45f07e7558ad1788ff7c3ebbc87ef17bed5eb6ebf5deb7ce51238773dc18a19974fd229822ac709fc70d4f99fd59dc577b2c5fd8e2a85716b88eaff39f4b8b","ssdeep":"48:93qppbj8mzqlC9D9c7rILCRmGeFqVq7KppXfgrqdLmZ5gampPhV:9QbP/9D9c7MeRm5qXXfsqdLk5gpPhV","tlshash":"f591542a5c82ed64916229b4d4a2e918ed66e803d201cc8539cc47d56fe0ecd4b1bf9d","first_seen":"2026-07-03T00:11:58.338543Z","last_seen":"2026-07-03T00:11:58.338543Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1904,"timings":{"blocked":1236,"dns":0,"connect":0,"send":0,"wait":668,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/css/theme.9.css?1634676367","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.856Z","timestamp":1783037493856,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/css/theme.9.css?1634676367 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/css\r\nContent-Length: 422794\r\nLast-Modified: Sun, 17 Oct 2021 17:48:49 GMT\r\nConnection: keep-alive\r\nETag: \"616c6201-6738a\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":422794,"size_decoded":423053,"mime_type":"text/css","magic":"ASCII text, with very long lines (61627)","md5":"1a06feee5db207d7bbdaaefd468d46ea","sha1":"ff80bff6e9a6cbc0d089c8376d0fb289d651c53c","sha256":"7b7efa2d134023751190c3ec6aab4fc254ff3380b42a56b557a521a43d069163","sha512":"3dcb590c751dd8dd11625ab2713ae494d0c4deddf2da54fa9c7c859b79f5882708013ac83c9c3a420976e19eafbfea686872b56b4e819f73395b48bcc03c06c2","ssdeep":"1536:FOyS4qyHfR5rrKz+Mq4Nun19AXVkxyc43uJQVk6/jRB4:Gh+MU1eWJKk6/jRB4","tlshash":"0c948385a24079fe8e73455aa0e8b9fdfb858d01e2362ee7f6ef41c08b417470235d99","first_seen":"2024-08-19T22:10:02.757411Z","last_seen":"2026-07-03T00:11:58.328526Z","times_seen":3,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":38,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/css/theme.9.css?1634676367","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.618Z","timestamp":1783037494618,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/css/theme.9.css?1634676367 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 422794\r\nLast-Modified: Sun, 17 Oct 2021 17:48:49 GMT\r\nConnection: keep-alive\r\nETag: \"616c6201-6738a\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":422794,"size_decoded":423053,"mime_type":"text/css","magic":"ASCII text, with very long lines (61627)","md5":"1a06feee5db207d7bbdaaefd468d46ea","sha1":"ff80bff6e9a6cbc0d089c8376d0fb289d651c53c","sha256":"7b7efa2d134023751190c3ec6aab4fc254ff3380b42a56b557a521a43d069163","sha512":"3dcb590c751dd8dd11625ab2713ae494d0c4deddf2da54fa9c7c859b79f5882708013ac83c9c3a420976e19eafbfea686872b56b4e819f73395b48bcc03c06c2","ssdeep":"1536:FOyS4qyHfR5rrKz+Mq4Nun19AXVkxyc43uJQVk6/jRB4:Gh+MU1eWJKk6/jRB4","tlshash":"0c948385a24079fe8e73455aa0e8b9fdfb858d01e2362ee7f6ef41c08b417470235d99","first_seen":"2024-08-19T22:10:02.757411Z","last_seen":"2026-07-03T00:11:58.328526Z","times_seen":3,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/favicon-16x16.png","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.633Z","timestamp":1783037492633,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/favicon-16x16.png HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nCookie: f94bd41d219f76f25f4e33510dbae032=4c9ibng808548ig71r5gl2sqp5\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: image/png\r\nContent-Length: 1062\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-426\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1062,"size_decoded":1318,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced","md5":"d78dff827d07973f71be81870d61fbe5","sha1":"0988755c34c40f7594926eae9c1e039ebffff95c","sha256":"d7df254755e9212bf50242a91039e2c2e1485000ffd795a8a3e52c21522c4a6b","sha512":"13f379cc0b6c1a464d218c70fef35e6e384ec8e36969e2aeac1c1d224293ba4772f75fdc6609ae653a057e11f751709a981472f957101b03e33814b4cb280ddc","ssdeep":"","tlshash":"7e11b5d5a0b4da39c08ea631a1535be2d0344a4e2ec21109d5bcc4a67815f9583a0bd3","first_seen":"2023-04-30T17:47:12Z","last_seen":"2026-07-03T00:11:58.339288Z","times_seen":136,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":203,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.046Z","timestamp":1783037493046,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 21\r\nConnection: keep-alive\r\nX-Accel-Version: 0.01\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nETag: \"15-5cbcb22e84400\"\r\nAccept-Ranges: bytes\r\nX-Powered-By: PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":21,"size_decoded":315,"mime_type":"application/javascript","magic":"ASCII text","md5":"e2060c4e5e5955c824723b13a212d3ec","sha1":"18420ce484978f8ba3d7371febf1638828bb7a67","sha256":"5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6","sha512":"dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623","ssdeep":"","tlshash":"34700008380080280230200e80300308a002038e2020c080000c0800000828c2a02028","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T06:55:47.509236Z","times_seen":11615,"resource_available":true,"data":null}},"time_used":527,"timings":{"blocked":357,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","date":"2026-07-03T00:11:33.433Z","timestamp":1783037493433,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 21\r\nConnection: keep-alive\r\nX-Accel-Version: 0.01\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nETag: \"15-5cbcb22e84400\"\r\nAccept-Ranges: bytes\r\nX-Powered-By: PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21,"size_decoded":315,"mime_type":"application/javascript","magic":"ASCII text","md5":"e2060c4e5e5955c824723b13a212d3ec","sha1":"18420ce484978f8ba3d7371febf1638828bb7a67","sha256":"5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6","sha512":"dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623","ssdeep":"","tlshash":"34700008380080280230200e80300308a002038e2020c080000c0800000828c2a02028","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T06:55:47.509236Z","times_seen":11615,"resource_available":true,"data":null}},"time_used":401,"timings":{"blocked":364,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.864Z","timestamp":1783037493864,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 131506\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-201b2\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":131506,"size_decoded":131779,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65448)","md5":"ee3f0b958e11b4ed20275793885c2779","sha1":"0c3bafa8b1bf4beaa8e9c319ad5f2ee59f37fbef","sha256":"30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0","sha512":"399f52abb79c19c924aa0c5af2dff8d79051368cf61882273acbbc4238fdf6bf489410aad972659bd4fdcfffc3e16d65ae5fb109d5f3ab41187cca3c0d927e28","ssdeep":"1536:ZrQWyLnyF0nENeO9wRvyv3p/qSacRoIY4cnIHOLco00VNfCzTyxChEkb8UBQjsyA:/DqZcRo94k00VN6/RV4UBQo1Iy","tlshash":"1dd3d5ceb391b06143636171516f260bf23ba884b90f8198f639e4c97c7894da17be7d","first_seen":"2023-03-10T21:16:45Z","last_seen":"2026-07-03T00:11:58.321553Z","times_seen":39,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":61,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/css/theme.update.css?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.858Z","timestamp":1783037493858,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/css/theme.update.css?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/css\r\nContent-Length: 1316\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-524\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1316,"size_decoded":1571,"mime_type":"text/css","magic":"ASCII text","md5":"11837245328305d103d2bfb533042f94","sha1":"acc47ef1bc68eb87aa638b5bcae995dba192f81b","sha256":"a4c48cf797442e366f6917534237b0854f2f261508bbbecb358987ebef34f609","sha512":"bb698d550272bf3d3d747a5a9c09dd2f72c6d37b87ac9bb7d63a85dbe030b4d3073dce370d56afe6627c52e4d4170dd1023fbc5f9dc917e8cccbc977f5ba6cbb","ssdeep":"","tlshash":"e521e503478320dcad1f826c46af03ec8b3609876327695c76cac348cf6d59601b7dd5","first_seen":"2023-05-21T15:24:04Z","last_seen":"2026-07-03T00:11:58.331007Z","times_seen":42,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/index_4.html#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.733Z","timestamp":1783037491733,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/index_4.html HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See other\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: f94bd41d219f76f25f4e33510dbae032=nft16do7cfr200n9gjijq1vusa; path=/; HttpOnly\r\nLocation: https://brambach.edvpartner-work2.de/index.php\r\nLast-Modified: Fri, 03 Jul 2026 00:11:32 GMT\r\nX-Powered-By: PHP/7.3.20, PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See other","fingerprints":[{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":-1,"dns":0,"connect":33,"send":0,"wait":533,"receive":0,"ssl":69},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.998Z","timestamp":1783037491998,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/css.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 16692\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-4134\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":16692,"size_decoded":16951,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16692, version 1.0","md5":"d65113b6da7ba4bd0a59dbda5a7e24d4","sha1":"929ecf3ad6ab03123a7bad0609b4b8ba1623d4e8","sha256":"cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0","sha512":"70e39e0ea11ed0c9c6b75cb8240760eb681cc53570146246918a222489a41c85be898557cf1e5805a87c5155ee01f8b1e5ec480a1fabd742e44a30381c44e8fd","ssdeep":"384:JJlRJsN3EMLFZ1UNJ1rDtEZftwezFOAO54hzpr:JJzuN3nK13te+ezFON2N","tlshash":"d672d0321b9c3c99ff557c30d27c4fd7474528ba6501a4a6c4ca30abae2bcf255298b7","first_seen":"2023-04-06T17:20:45Z","last_seen":"2026-07-03T00:11:58.339819Z","times_seen":1626,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":174,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.726Z","timestamp":1783037494726,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 10056\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-2748\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":10056,"size_decoded":10327,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9959)","md5":"7121994eec5320fbe6586463bf9651c2","sha1":"90532aff6d4121954254cdf04994d834f7ec169b","sha256":"48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d","sha512":"b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd","ssdeep":"192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR","tlshash":"2e22c79db29a70625fba35f8617fc11b717a94fc2118d9e4a08c8ed1387dc9d403ab39","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T08:24:52.6042Z","times_seen":55220,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/index_1.html","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.741Z","timestamp":1783037491741,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/index_1.html HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See other\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: f94bd41d219f76f25f4e33510dbae032=9vtvdcmhh0g7ukj158kth7mbka; path=/; HttpOnly\r\nLocation: https://brambach.edvpartner-work2.de/index.php\r\nLast-Modified: Fri, 03 Jul 2026 00:11:32 GMT\r\nX-Powered-By: PHP/7.3.20, PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See other","fingerprints":[{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":500,"timings":{"blocked":51,"dns":0,"connect":0,"send":0,"wait":449,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.002Z","timestamp":1783037492002,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/css.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 16712\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-4148\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":16712,"size_decoded":16971,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16712, version 1.0","md5":"1f577b061e6e464e2c949faee6518469","sha1":"8acf6682f8050be9b4c7fb3e85138971d6fae51c","sha256":"578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579","sha512":"e9cab686d9e7683f10487ac28952055f350c4f43cae4b39b64799093228c5747af633ca161f31d32f26b34f037e1f604725764fd79e08786e844647b2587f939","ssdeep":"384:Nalotu5ls3EN6bbcz3UXKtK+bmXeIJSwNvBTfb:l4lYJXcoMp6uRuTb","tlshash":"4872cf0cdf9ae00d28e58f36355ec35a8e91ec6bfd2e61d72a850b0b2f6905fb141311","first_seen":"2023-04-06T17:20:45Z","last_seen":"2026-07-03T00:11:58.340365Z","times_seen":673,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":241,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.722Z","timestamp":1783037492722,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: f94bd41d219f76f25f4e33510dbae032=gk4a2rg6a05j2ojqbkt1rit7lv\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.3.20\r\nPermissions-Policy: interest-cohort=()\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 03 Jul 2026 00:11:34 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]},{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]}],"data":{"size":4214,"size_decoded":4643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"fe4cbb1afe67f36df4d07ffda0b70a7b","sha1":"9b1d1a90402f7fa3c8f3c10efa1de011782fa158","sha256":"409d6b3766693e5cfb138867ed46975f8161065c24e4089ae4cb806ceb2039f8","sha512":"bb649f76105c67753044d40f3446b45911f89e5a5dffc6574c4ff382953942036ff3b49672aaf9dfb06b7a1a832bfb3ec36f6c95bccf54811e31450df0282a7b","ssdeep":"48:93qppbj8mzqlC9D9c7rILCRmGeFqVq7KppXfgrqdLmZ5gampPGb:9QbP/9D9c7MeRm5qXXfsqdLk5gpP0","tlshash":"1191542a5c82ed64d17229b4c4a2e918ed66e803d241cc8539cc47d56fe1fcd4b1bf9d","first_seen":"2026-07-03T00:11:58.340857Z","last_seen":"2026-07-03T00:11:58.340857Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1885,"timings":{"blocked":1318,"dns":0,"connect":0,"send":0,"wait":567,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.044Z","timestamp":1783037493044,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 97646\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-17d6e\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":97646,"size_decoded":97918,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65462)","md5":"48a197817927a6eda6f531064f1dba71","sha1":"5ba19dcca2e2d7ac659af0fbc97dc99e505c498b","sha256":"05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba","sha512":"f7744d1705f9740ba71dddaec02732f53fdb05c207803fb0c692e48831e4645181d24605406ca7b90feb1ba7215f60e2ee366eae7f49b2ca16c74e47cb52485c","ssdeep":"1536:/Z9BiMg+AGpULSaXcbx60BWIBB3CiJUSuTpyhQPOREi/zYjZBNF4t+HVxeFTkLjd:/I3SsE5ETqwMFVMfucy+","tlshash":"f49319dd72c6b06247a730b940af550ff236199d680d8510f128d8e9bc78e4a927bf7d","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T00:29:26.835544Z","times_seen":8284,"resource_available":true,"data":null}},"time_used":528,"timings":{"blocked":349,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","date":"2026-07-03T00:11:33.436Z","timestamp":1783037493436,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 10056\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-2748\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":10056,"size_decoded":10327,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9959)","md5":"7121994eec5320fbe6586463bf9651c2","sha1":"90532aff6d4121954254cdf04994d834f7ec169b","sha256":"48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d","sha512":"b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd","ssdeep":"192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR","tlshash":"2e22c79db29a70625fba35f8617fc11b717a94fc2118d9e4a08c8ed1387dc9d403ab39","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T08:24:52.6042Z","times_seen":55220,"resource_available":true,"data":null}},"time_used":403,"timings":{"blocked":365,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.725Z","timestamp":1783037494725,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 21\r\nConnection: keep-alive\r\nX-Accel-Version: 0.01\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nETag: \"15-5cbcb22e84400\"\r\nAccept-Ranges: bytes\r\nX-Powered-By: PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":21,"size_decoded":315,"mime_type":"application/javascript","magic":"ASCII text","md5":"e2060c4e5e5955c824723b13a212d3ec","sha1":"18420ce484978f8ba3d7371febf1638828bb7a67","sha256":"5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6","sha512":"dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623","ssdeep":"","tlshash":"34700008380080280230200e80300308a002038e2020c080000c0800000828c2a02028","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T06:55:47.509236Z","times_seen":11615,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/equal_housing_logo.png","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.723Z","timestamp":1783037491723,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/equal_housing_logo.png HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: image/png\r\nContent-Length: 2758\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-ac6\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":2758,"size_decoded":3014,"mime_type":"image/png","magic":"PNG image data, 18 x 15, 8-bit colormap, non-interlaced","md5":"ba4bacebf5dffb84ec9fd4dfb1108a73","sha1":"e4fb3286c17cb7bc8d9f50d9de6a492996e9bd80","sha256":"c9874fdc3addc2b1da577088ec110c30e79e6afd4e89a20ac6ecff47cf1b3f45","sha512":"9449e1895ef00600ffbcbbf6be86fbe4f6a99bd264b884915d227bb3c867ea01578f554063493d664d85d67664525b78eb6566fa60d875b5592ed0cad7351b42","ssdeep":"","tlshash":"3f514e4c8472b2c9424db90726f8d3d59d034381a79cd3eb72a9cc8e0b812663cdb1ec","first_seen":"2023-04-30T17:47:12Z","last_seen":"2026-07-03T00:11:58.341859Z","times_seen":161,"resource_available":false,"data":null}},"time_used":2356,"timings":{"blocked":2322,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.720Z","timestamp":1783037492720,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: f94bd41d219f76f25f4e33510dbae032=gk4a2rg6a05j2ojqbkt1rit7lv\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.3.20\r\nPermissions-Policy: interest-cohort=()\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 03 Jul 2026 00:11:33 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]},{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":4214,"size_decoded":4643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"fe4cbb1afe67f36df4d07ffda0b70a7b","sha1":"9b1d1a90402f7fa3c8f3c10efa1de011782fa158","sha256":"409d6b3766693e5cfb138867ed46975f8161065c24e4089ae4cb806ceb2039f8","sha512":"bb649f76105c67753044d40f3446b45911f89e5a5dffc6574c4ff382953942036ff3b49672aaf9dfb06b7a1a832bfb3ec36f6c95bccf54811e31450df0282a7b","ssdeep":"48:93qppbj8mzqlC9D9c7rILCRmGeFqVq7KppXfgrqdLmZ5gampPGb:9QbP/9D9c7MeRm5qXXfsqdLk5gpP0","tlshash":"1191542a5c82ed64d17229b4c4a2e918ed66e803d241cc8539cc47d56fe1fcd4b1bf9d","first_seen":"2026-07-03T00:11:58.340857Z","last_seen":"2026-07-03T00:11:58.340857Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1106,"timings":{"blocked":309,"dns":0,"connect":0,"send":0,"wait":797,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.114Z","timestamp":1783037493114,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 64028\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-fa1c\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":64028,"size_decoded":64299,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (63940)","md5":"70fb4ad79461f9f3cf12144e0eeedab7","sha1":"817f14433df80af1d4478397cae827ead0777a76","sha256":"41d7f230bbd7b28c17e7d0980d0388a349a1596d340ab375812d5f96135b621c","sha512":"85ccf71a864b7e353fcf53b202b1af33575582bce959c5378e761a0ba92573681dcbd1f1ac5926a1699c5186eb69e4be57f1964a07efeaea6bf5f7f8455c903f","ssdeep":"768:dvcCeFII+nEkM2ZeKMCl4xCPkjQeNxtCxH/dnNYyeWMikoW/j0rygG9k:dE3UtM2ZeKMCWxCPAAfdNUaWIx","tlshash":"62533269835c9b6ce74047b4e23871d633efb07aa2a95658e9816330f0098f76c7d67c","first_seen":"2023-03-14T02:37:53Z","last_seen":"2026-07-03T00:11:58.329391Z","times_seen":21,"resource_available":true,"data":null}},"time_used":611,"timings":{"blocked":573,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.245Z","timestamp":1783037493245,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 97646\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-17d6e\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":97646,"size_decoded":97918,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65462)","md5":"48a197817927a6eda6f531064f1dba71","sha1":"5ba19dcca2e2d7ac659af0fbc97dc99e505c498b","sha256":"05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba","sha512":"f7744d1705f9740ba71dddaec02732f53fdb05c207803fb0c692e48831e4645181d24605406ca7b90feb1ba7215f60e2ee366eae7f49b2ca16c74e47cb52485c","ssdeep":"1536:/Z9BiMg+AGpULSaXcbx60BWIBB3CiJUSuTpyhQPOREi/zYjZBNF4t+HVxeFTkLjd:/I3SsE5ETqwMFVMfucy+","tlshash":"f49319dd72c6b06247a730b940af550ff236199d680d8510f128d8e9bc78e4a927bf7d","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T00:29:26.835544Z","times_seen":8284,"resource_available":true,"data":null}},"time_used":510,"timings":{"blocked":475,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.445Z","timestamp":1783037493445,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 97646\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-17d6e\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":97646,"size_decoded":97918,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65462)","md5":"48a197817927a6eda6f531064f1dba71","sha1":"5ba19dcca2e2d7ac659af0fbc97dc99e505c498b","sha256":"05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba","sha512":"f7744d1705f9740ba71dddaec02732f53fdb05c207803fb0c692e48831e4645181d24605406ca7b90feb1ba7215f60e2ee366eae7f49b2ca16c74e47cb52485c","ssdeep":"1536:/Z9BiMg+AGpULSaXcbx60BWIBB3CiJUSuTpyhQPOREi/zYjZBNF4t+HVxeFTkLjd:/I3SsE5ETqwMFVMfucy+","tlshash":"f49319dd72c6b06247a730b940af550ff236199d680d8510f128d8e9bc78e4a927bf7d","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T00:29:26.835544Z","times_seen":8284,"resource_available":true,"data":null}},"time_used":540,"timings":{"blocked":376,"dns":0,"connect":0,"send":0,"wait":80,"receive":84,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.256Z","timestamp":1783037492256,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: f94bd41d219f76f25f4e33510dbae032=9vtvdcmhh0g7ukj158kth7mbka\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.3.20\r\nPermissions-Policy: interest-cohort=()\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 03 Jul 2026 00:11:33 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]},{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4214,"size_decoded":4643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"cb4c7f2628a59b3c0d76ed492834be39","sha1":"3a29836809ba861d823809385b00fbca646168f7","sha256":"16349881901b5c3a780c2219013cbd41180a6bfd3c1cb69107c9c449a32b4df0","sha512":"6a0136cdad2a24ddde31499b6c53514d024bca5900936b41758dca2443ec48eb41857fdb0d3caa1c7295fe26b15bfc92db39cfaff69b6c56655f972465e590e3","ssdeep":"48:93qppbj8mzqlC9D9c7rILCRmGeFqVq7KppXfgrqdLmZ5gampP3:9QbP/9D9c7MeRm5qXXfsqdLk5gpP3","tlshash":"3891532a6c82ed64917369b4c4a2e918eda6e803d241cc8539cc47d56fe1ecd0b1bf9d","first_seen":"2026-07-03T00:11:58.325881Z","last_seen":"2026-07-03T00:11:58.325881Z","times_seen":1,"resource_available":false,"data":null}},"time_used":978,"timings":{"blocked":416,"dns":0,"connect":0,"send":0,"wait":562,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.448Z","timestamp":1783037493448,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 10056\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-2748\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10056,"size_decoded":10327,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9959)","md5":"7121994eec5320fbe6586463bf9651c2","sha1":"90532aff6d4121954254cdf04994d834f7ec169b","sha256":"48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d","sha512":"b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd","ssdeep":"192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR","tlshash":"2e22c79db29a70625fba35f8617fc11b717a94fc2118d9e4a08c8ed1387dc9d403ab39","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T08:24:52.6042Z","times_seen":55220,"resource_available":true,"data":null}},"time_used":428,"timings":{"blocked":391,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.861Z","timestamp":1783037493861,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 21\r\nConnection: keep-alive\r\nX-Accel-Version: 0.01\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nETag: \"15-5cbcb22e84400\"\r\nAccept-Ranges: bytes\r\nX-Powered-By: PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21,"size_decoded":315,"mime_type":"application/javascript","magic":"ASCII text","md5":"e2060c4e5e5955c824723b13a212d3ec","sha1":"18420ce484978f8ba3d7371febf1638828bb7a67","sha256":"5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6","sha512":"dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623","ssdeep":"","tlshash":"34700008380080280230200e80300308a002038e2020c080000c0800000828c2a02028","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T06:55:47.509236Z","times_seen":11615,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":41,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/fonts/font-7757d15d.woff2","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","date":"2026-07-03T00:11:33.948Z","timestamp":1783037493948,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/fonts/font-7757d15d.woff2 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/templates/yootheme/css/theme.9.css?1634676367\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 7900\r\nLast-Modified: Sun, 17 Oct 2021 17:44:17 GMT\r\nConnection: keep-alive\r\nETag: \"616c60f1-1edc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":7900,"size_decoded":8158,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7900, version 1.0","md5":"9ed361bba8488aeb2797b82befda20f1","sha1":"6f80d965a066aff81c0a344d4b7297bd009cc099","sha256":"41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c","sha512":"a445d1850d9a03b32944586b426c1eb0e3cd42ad24d4c029e993f37c11cd24680fe9c354425a9d6a84fef27a9e06704108d845f74c204c5bec5a95f50cf50bd6","ssdeep":"192:p7uo9HQkQLb61fpJohI/gCvwsd2pbbhKn:p7v9wkYbkfpJPIqdyhK","tlshash":"33f1c0d24f50e68ffb9ba63a5c1ec3724dcea0a521c5e87c39c81c0bd269d13597c144","first_seen":"2023-04-08T01:54:40Z","last_seen":"2026-07-03T08:00:25.555221Z","times_seen":5303,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":86,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/plugins/system/jce/css/content.css?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.718Z","timestamp":1783037494718,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /plugins/system/jce/css/content.css?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: text/css\r\nContent-Length: 1999\r\nLast-Modified: Wed, 17 Jun 2020 22:29:01 GMT\r\nConnection: keep-alive\r\nETag: \"5eea992d-7cf\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1999,"size_decoded":2254,"mime_type":"text/css","magic":"ASCII text, with very long lines (1999), with no line terminators","md5":"dbb006ef98426ec633dc9336b399d3e8","sha1":"ea30e666d18c5633f15ac342ff12974bcd64a9fd","sha256":"2291dfa652ff8d9b621007cc0daf0dc254a34a0fe1e5439a7e0feb305e4542d7","sha512":"433284a086ea36885a862a44a3f2a6a85fd7e9cf28d1930abf28da86e0aa87092302aebae51d034e6a0a33e34ee4221c2190deffe0b2c5a190f359b5484f7e50","ssdeep":"","tlshash":"f9413523dc1c51ecac1372a0e2e24c182118fa44db2ec1d6b52fe9e56a44fd77db285c","first_seen":"2023-04-26T11:28:40Z","last_seen":"2026-07-03T00:11:58.32534Z","times_seen":98,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/logo.svg","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.697Z","timestamp":1783037491697,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/logo.svg HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See other\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi; path=/; HttpOnly\r\nLocation: https://brambach.edvpartner-work2.de/index.php\r\nLast-Modified: Fri, 03 Jul 2026 00:11:34 GMT\r\nX-Powered-By: PHP/7.3.20, PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See other","fingerprints":[{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":3014,"timings":{"blocked":2346,"dns":0,"connect":0,"send":0,"wait":668,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:32.000Z","timestamp":1783037492000,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/gif/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/gif/css.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 16408\r\nLast-Modified: Thu, 02 Jul 2026 01:14:34 GMT\r\nConnection: keep-alive\r\nETag: \"6a45bb7a-4018\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":16408,"size_decoded":16667,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16408, version 1.0","md5":"875ba54801f7cf83ea70abf613fab665","sha1":"a747343db86c1ba5d10d6cb1814fd6ac6db42b65","sha256":"a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79","sha512":"c8ec654b13390bdd9709220d1101c74f59a413d3d516d04999cb202486c2f5405c2ef973e4c10ba3a8091757a864a6a5a573b55aecaadbc496a12b6915dd4839","ssdeep":"384:240hr/HStUHu+dcNTwKsKaAgjeSdAL0BAvdA:+1HStUENDaldKm","tlshash":"6872e13536abc726deab707d68811e1e34994d068a19b5bcdb5173f8723a198433ccd0","first_seen":"2023-04-06T17:20:45Z","last_seen":"2026-07-03T00:11:58.34234Z","times_seen":1084,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":207,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/js/theme.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.116Z","timestamp":1783037493116,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/js/theme.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1740\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-6cc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1740,"size_decoded":2009,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1688)","md5":"0659a3d8c01f3b689907d4764a781ea4","sha1":"f72a52e419b4b8fc9a61a192e8c64d5a4abf4a6e","sha256":"b509916f1aab2c9821746f58ffb9c64f56597304d6cf5dda9e40fb8bb1e73718","sha512":"312b91162cfc12f5f2c93e9e10636be720710dae97259b4f79564ead9869dcddf226c80a0ce96f7b4f3dfb7d97124ab1ceb351eeca70b133541bb90e11a47b01","ssdeep":"","tlshash":"d9316289f260f065123305fdd5b75812a91fba04b10f2288f7b4c4db15ac14d162bfaa","first_seen":"2023-10-01T00:22:41Z","last_seen":"2026-07-03T00:11:58.321025Z","times_seen":6,"resource_available":true,"data":null}},"time_used":609,"timings":{"blocked":575,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dovishfinancialservices.com/wp-content/uploads/2026/43rd/index.html","fqdn":"dovishfinancialservices.com","domain":"dovishfinancialservices.com","tld":"com"},"ip":{"addr":"162.240.231.219","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T00:11:27.542Z","timestamp":1783037487542,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dovishfinancialservices.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 17:27:16 GMT","end":"Sat, 29 Aug 2026 17:27:15 GMT"},"fingerprint":{"sha1":"CE:9F:1D:B4:0A:13:64:02:14:9B:5E:54:76:45:29:59:B6:54:A8:21","sha256":"B8:09:27:7B:6C:FF:69:4B:E3:A9:26:B1:87:6D:A4:E0:62:74:60:F9:B5:88:EC:7D:BC:67:09:34:4F:C0:EE:15"}}},"request":{"raw":"GET /wp-content/uploads/2026/43rd/index.html HTTP/1.1\r\nHost: dovishfinancialservices.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 03 Jul 2026 00:11:28 GMT\r\nServer: Apache\r\nLast-Modified: Thu, 02 Jul 2026 01:44:16 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 4015\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4015,"size_decoded":4258,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"c349fc77bdce984706f7e71a64866e79","sha1":"d7fba861984c50d2237d8182857f237c79a99a60","sha256":"27c70a49417be9dc9a1a3d7f10ad611168e6a40e252c8b48b36616023b418d2f","sha512":"783302893732b28c9eb888fc05eaf7cd6b3f06fad026d10bd960825f5b9b22ad5d47c9a006f4309c1bbaf5430102e7b4c28459f6711318378d0768493fbb0dcd","ssdeep":"","tlshash":"a581634b6043212719b3e3249fa3a705fb6260138249854abeed1358aff144ac6b7fdc","first_seen":"2026-07-02T22:51:56.875319Z","last_seen":"2026-07-03T00:11:58.342835Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1498,"timings":{"blocked":-1,"dns":273,"connect":135,"send":0,"wait":272,"receive":0,"ssl":817},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"dovishfinancialservices.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"dovishfinancialservices.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"dovishfinancialservices.com/favicon.ico","fqdn":"dovishfinancialservices.com","domain":"dovishfinancialservices.com","tld":"com"},"ip":{"addr":"162.240.231.219","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://dovishfinancialservices.com/wp-content/uploads/2026/43rd/index.html","date":"2026-07-03T00:11:29.240Z","timestamp":1783037489240,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.dovishfinancialservices.com","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 May 2026 17:27:16 GMT","end":"Sat, 29 Aug 2026 17:27:15 GMT"},"fingerprint":{"sha1":"CE:9F:1D:B4:0A:13:64:02:14:9B:5E:54:76:45:29:59:B6:54:A8:21","sha256":"B8:09:27:7B:6C:FF:69:4B:E3:A9:26:B1:87:6D:A4:E0:62:74:60:F9:B5:88:EC:7D:BC:67:09:34:4F:C0:EE:15"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: dovishfinancialservices.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://dovishfinancialservices.com/wp-content/uploads/2026/43rd/index.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Fri, 03 Jul 2026 00:11:29 GMT\r\nServer: Apache\r\nExpires: Wed, 11 Jan 1984 05:00:00 GMT\r\nCache-Control: no-cache, must-revalidate, max-age=0, no-store, private\r\nPermissions-Policy: private-state-token-redemption=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\"), private-state-token-issuance=(self \"https://www.google.com\" \"https://www.gstatic.com\" \"https://recaptcha.net\" \"https://challenges.cloudflare.com\" \"https://hcaptcha.com\")\r\nLink: \u003chttps://u-short.net/QClpNKqyF0r1/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Redux Framework:4.4.17","description":"Redux Framework is a modular PHP library that allows developers to create customisable settings panels and controls for WordPress projects, providing a consistent user interface for managing options and settings.","website":"https://redux.io","common_platform_enumeration":"","icon":"Redux Framework.svg","categories":["WordPress plugins"]},{"name":"WordPress:7.0","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Contact Form 7:6.1.6","description":"Contact Form 7 is an WordPress plugin which can manage multiple contact forms. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering.","website":"https://contactform7.com","common_platform_enumeration":"","icon":"Contact Form 7.png","categories":["WordPress plugins","Form builders"]},{"name":"WooCommerce:10.5.2","description":"WooCommerce is an open-source ecommerce plugin for WordPress.","website":"https://woocommerce.com","common_platform_enumeration":"","icon":"WooCommerce.svg","categories":["Ecommerce","WordPress plugins"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Elementor:4.1.4","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]}],"data":{"size":49183,"size_decoded":49938,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9139), with CRLF, LF line terminators","md5":"018cef3edbf978c6d74b96533ce93492","sha1":"7f397c8963b28a676b9ccef956be9354ee32aa2f","sha256":"54d5fc0717d5b21f92a88262c57dab063183d1f5660870f3ed81d243f1509239","sha512":"76bb83e8848515e6251689f256fe8de4a402530a57af8ba9ebf0353dca64b4ba9bae6be192f7349e91c8f629fb6d40432839c187d0a47ad8ccc7314eb976882e","ssdeep":"1536:6pyp2T3ARa1AiAd8TABhzGyjlL3DfB3Hy0K9yHGdfcLbb6UOp5:6kS3ARWAiAdKABhzGyjM9yHGdULbbDOX","tlshash":"d323e8f3588c103b539e63984445b318ea999535cf029aa6f7fe221cefd4fe604a271d","first_seen":"2026-07-03T00:11:58.34335Z","last_seen":"2026-07-03T00:11:58.34335Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1714,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1310,"receive":404,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"dovishfinancialservices.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"dovishfinancialservices.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/index_10.html","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.752Z","timestamp":1783037491752,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/index_10.html HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See other\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: f94bd41d219f76f25f4e33510dbae032=9g12hk2bjtkskgmk3qcqg9ia4u; path=/; HttpOnly\r\nLocation: https://brambach.edvpartner-work2.de/index.php\r\nLast-Modified: Fri, 03 Jul 2026 00:11:32 GMT\r\nX-Powered-By: PHP/7.3.20, PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See other","fingerprints":[{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":957,"timings":{"blocked":525,"dns":0,"connect":0,"send":0,"wait":432,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.049Z","timestamp":1783037493049,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 131506\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-201b2\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131506,"size_decoded":131779,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65448)","md5":"ee3f0b958e11b4ed20275793885c2779","sha1":"0c3bafa8b1bf4beaa8e9c319ad5f2ee59f37fbef","sha256":"30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0","sha512":"399f52abb79c19c924aa0c5af2dff8d79051368cf61882273acbbc4238fdf6bf489410aad972659bd4fdcfffc3e16d65ae5fb109d5f3ab41187cca3c0d927e28","ssdeep":"1536:ZrQWyLnyF0nENeO9wRvyv3p/qSacRoIY4cnIHOLco00VNfCzTyxChEkb8UBQjsyA:/DqZcRo94k00VN6/RV4UBQo1Iy","tlshash":"1dd3d5ceb391b06143636171516f260bf23ba884b90f8198f639e4c97c7894da17be7d","first_seen":"2023-03-10T21:16:45Z","last_seen":"2026-07-03T00:11:58.321553Z","times_seen":39,"resource_available":true,"data":null}},"time_used":638,"timings":{"blocked":361,"dns":0,"connect":0,"send":0,"wait":206,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/plugins/system/jce/css/content.css?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.243Z","timestamp":1783037493243,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /plugins/system/jce/css/content.css?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/css\r\nContent-Length: 1999\r\nLast-Modified: Wed, 17 Jun 2020 22:29:01 GMT\r\nConnection: keep-alive\r\nETag: \"5eea992d-7cf\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1999,"size_decoded":2254,"mime_type":"text/css","magic":"ASCII text, with very long lines (1999), with no line terminators","md5":"dbb006ef98426ec633dc9336b399d3e8","sha1":"ea30e666d18c5633f15ac342ff12974bcd64a9fd","sha256":"2291dfa652ff8d9b621007cc0daf0dc254a34a0fe1e5439a7e0feb305e4542d7","sha512":"433284a086ea36885a862a44a3f2a6a85fd7e9cf28d1930abf28da86e0aa87092302aebae51d034e6a0a33e34ee4221c2190deffe0b2c5a190f359b5484f7e50","ssdeep":"","tlshash":"f9413523dc1c51ecac1372a0e2e24c182118fa44db2ec1d6b52fe9e56a44fd77db285c","first_seen":"2023-04-26T11:28:40Z","last_seen":"2026-07-03T00:11:58.32534Z","times_seen":98,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":454,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.252Z","timestamp":1783037493252,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 131506\r\nLast-Modified: Thu, 05 Nov 2020 17:34:05 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378d-201b2\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":131506,"size_decoded":131779,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65448)","md5":"ee3f0b958e11b4ed20275793885c2779","sha1":"0c3bafa8b1bf4beaa8e9c319ad5f2ee59f37fbef","sha256":"30fe52942ce0cd7cd663c7e6b4aa8546533ea58634ab9da15a229b6cfb72f7e0","sha512":"399f52abb79c19c924aa0c5af2dff8d79051368cf61882273acbbc4238fdf6bf489410aad972659bd4fdcfffc3e16d65ae5fb109d5f3ab41187cca3c0d927e28","ssdeep":"1536:ZrQWyLnyF0nENeO9wRvyv3p/qSacRoIY4cnIHOLco00VNfCzTyxChEkb8UBQjsyA:/DqZcRo94k00VN6/RV4UBQo1Iy","tlshash":"1dd3d5ceb391b06143636171516f260bf23ba884b90f8198f639e4c97c7894da17be7d","first_seen":"2023-03-10T21:16:45Z","last_seen":"2026-07-03T00:11:58.321553Z","times_seen":39,"resource_available":true,"data":null}},"time_used":532,"timings":{"blocked":498,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/js/theme.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.256Z","timestamp":1783037493256,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/js/theme.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1740\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-6cc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1740,"size_decoded":2009,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1688)","md5":"0659a3d8c01f3b689907d4764a781ea4","sha1":"f72a52e419b4b8fc9a61a192e8c64d5a4abf4a6e","sha256":"b509916f1aab2c9821746f58ffb9c64f56597304d6cf5dda9e40fb8bb1e73718","sha512":"312b91162cfc12f5f2c93e9e10636be720710dae97259b4f79564ead9869dcddf226c80a0ce96f7b4f3dfb7d97124ab1ceb351eeca70b133541bb90e11a47b01","ssdeep":"","tlshash":"d9316289f260f065123305fdd5b75812a91fba04b10f2288f7b4c4db15ac14d162bfaa","first_seen":"2023-10-01T00:22:41Z","last_seen":"2026-07-03T00:11:58.321025Z","times_seen":6,"resource_available":true,"data":null}},"time_used":550,"timings":{"blocked":507,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/index.php","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:34.739Z","timestamp":1783037494739,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /index.php HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 503 Service Unavailable\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:35 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.3.20\r\nPermissions-Policy: interest-cohort=()\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nLast-Modified: Fri, 03 Jul 2026 00:11:35 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery Migrate","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]},{"name":"Joomla","description":"Joomla is a free and open-source content management system for publishing web content.","website":"https://www.joomla.org/","common_platform_enumeration":"cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:*","icon":"Joomla.svg","categories":["CMS"]}],"data":{"size":4214,"size_decoded":4643,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"601cc19cafb9c9764761ccefbadc48f5","sha1":"7e7467af5959d2f36910afb234995e6888672269","sha256":"321d953a073df853197e92c29929fdc323efc460a835ee960cc663e837f9afd7","sha512":"c1133344025d340dd735ab39d8566b3b30bc69ebe90fc6206aa13db2858e9894c98e7967b09ac0fe13ac660fcc39d67c076cf19b7ca5e3d512a5557131851360","ssdeep":"48:93qppbj8mzqlC9D9c7rILCRmGeFqVq7KppXfgrqdLmZ5gampPZ:9QbP/9D9c7MeRm5qXXfsqdLk5gpPZ","tlshash":"c291642a5c82ed64d17329b4c4a2e918ed66e803d201cc8539cc47d56fe0ecc0b1bf9d","first_seen":"2026-07-03T00:11:58.344069Z","last_seen":"2026-07-03T00:11:58.344069Z","times_seen":1,"resource_available":false,"data":null}},"time_used":643,"timings":{"blocked":30,"dns":0,"connect":0,"send":0,"wait":613,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/index_8.html","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.749Z","timestamp":1783037491749,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/index_8.html HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See other\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: f94bd41d219f76f25f4e33510dbae032=gk4a2rg6a05j2ojqbkt1rit7lv; path=/; HttpOnly\r\nLocation: https://brambach.edvpartner-work2.de/index.php\r\nLast-Modified: Fri, 03 Jul 2026 00:11:32 GMT\r\nX-Powered-By: PHP/7.3.20, PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See other","fingerprints":[{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":962,"timings":{"blocked":199,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.250Z","timestamp":1783037493250,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-migrate.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 10056\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-2748\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10056,"size_decoded":10327,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9959)","md5":"7121994eec5320fbe6586463bf9651c2","sha1":"90532aff6d4121954254cdf04994d834f7ec169b","sha256":"48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d","sha512":"b74a2f03c64e883b9a34de43690429327dfb4aa230a7a6afca8150a16e3d84e98461245ff264c26368d9904562cc34fe219f71f951d364fa5c68c039b76776cd","ssdeep":"192:kZrk/GNyd31svs7wkX8KzJcqSDdAcHX4YE5NLR:srhNyNO0kkMKzFSDdAcIYwLR","tlshash":"2e22c79db29a70625fba35f8617fc11b717a94fc2118d9e4a08c8ed1387dc9d403ab39","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-03T08:24:52.6042Z","times_seen":55220,"resource_available":true,"data":null}},"time_used":523,"timings":{"blocked":486,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.624Z","timestamp":1783037494624,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery-noconflict.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 21\r\nConnection: keep-alive\r\nX-Accel-Version: 0.01\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nETag: \"15-5cbcb22e84400\"\r\nAccept-Ranges: bytes\r\nX-Powered-By: PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21,"size_decoded":315,"mime_type":"application/javascript","magic":"ASCII text","md5":"e2060c4e5e5955c824723b13a212d3ec","sha1":"18420ce484978f8ba3d7371febf1638828bb7a67","sha256":"5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6","sha512":"dcc2117e42859d51017047b468a99f65d74d45ac2e86ae1cc5605e39041ff2164e562756d93a89fa1f71cbd331f958b351c5afe952a47a560120e080d63bd623","ssdeep":"","tlshash":"34700008380080280230200e80300308a002038e2020c080000c0800000828c2a02028","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T06:55:47.509236Z","times_seen":11615,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/fonts/font-701b1ece.woff2","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:34.839Z","timestamp":1783037494839,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/fonts/font-701b1ece.woff2 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/templates/yootheme/css/theme.9.css?1634676367\r\nCookie: f94bd41d219f76f25f4e33510dbae032=lbsuatca050s7is7cd50nahrdi\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:34 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 12712\r\nLast-Modified: Wed, 04 Nov 2020 20:36:00 GMT\r\nConnection: keep-alive\r\nETag: \"5fa310b0-31a8\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12712,"size_decoded":12971,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 12712, version 1.0","md5":"a0e971d8c3527842f473a5297137ecaf","sha1":"8e063c7a9ca1a6cc347c343489601f57596717fa","sha256":"6c308a1f8bc77ccc3cf9fa39df0983eed5efb727774181bee87997bd890136b3","sha512":"1a5cce615f73cd136ab18b3d9d40706d9a95f76b99852e3c664601822e0b3a1cedbe9f5e213c74536e10d08c2ee145bbe70fd4248e1b68f6cd54429ba365799e","ssdeep":"384:7bwfyLdRjij9rJEAvm/Iv+o9iJb494pxUU:7kfy7iPE0WoMy9u","tlshash":"ef42c005a57c8bd8e6fd117d1be300545faa485c402e8ae161fb242eb72bed906f0e2d","first_seen":"2023-05-09T05:20:33Z","last_seen":"2026-07-03T00:11:58.324802Z","times_seen":26,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/index_2.html","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM","date":"2026-07-03T00:11:31.753Z","timestamp":1783037491753,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /components/red/rd43/43rd/53rd/53rd/53bank/index_2.html HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/components/red/rd43/43rd/53rd/53rd/53bank/home.html?jbd9cHid2035gOfqVA7WH5Z75RTNfAwF4jjDA7ADBCh4NBQRYa99XoJiIhDqpZGykCbFGrcFub3AIPIwPU5UoGimTmeapeVVcB4IB9fjq8MuRYfR1hYdKiF32SJjBTPcybTeM\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 303 See other\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:32 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nExpires: Wed, 17 Aug 2005 00:00:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nSet-Cookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv; path=/; HttpOnly\r\nLocation: https://brambach.edvpartner-work2.de/index.php\r\nLast-Modified: Fri, 03 Jul 2026 00:11:32 GMT\r\nX-Powered-By: PHP/7.3.20, PleskLin\r\n\r\n","headers":null,"cookies":null,"status_code":"303","status_text":"See other","fingerprints":[{"name":"PHP:7.3.20","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-03T08:08:24.275566Z","times_seen":16936743,"resource_available":true,"data":null}},"time_used":1044,"timings":{"blocked":572,"dns":0,"connect":0,"send":0,"wait":472,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","date":"2026-07-03T00:11:33.430Z","timestamp":1783037493430,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /media/jui/js/jquery.min.js?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 97646\r\nLast-Modified: Sun, 12 Sep 2021 12:03:28 GMT\r\nConnection: keep-alive\r\nETag: \"613dec90-17d6e\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":97646,"size_decoded":97918,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65462)","md5":"48a197817927a6eda6f531064f1dba71","sha1":"5ba19dcca2e2d7ac659af0fbc97dc99e505c498b","sha256":"05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba","sha512":"f7744d1705f9740ba71dddaec02732f53fdb05c207803fb0c692e48831e4645181d24605406ca7b90feb1ba7215f60e2ee366eae7f49b2ca16c74e47cb52485c","ssdeep":"1536:/Z9BiMg+AGpULSaXcbx60BWIBB3CiJUSuTpyhQPOREi/zYjZBNF4t+HVxeFTkLjd:/I3SsE5ETqwMFVMfucy+","tlshash":"f49319dd72c6b06247a730b940af550ff236199d680d8510f128d8e9bc78e4a927bf7d","first_seen":"2023-03-07T01:03:40Z","last_seen":"2026-07-03T00:29:26.835544Z","times_seen":8284,"resource_available":true,"data":null}},"time_used":388,"timings":{"blocked":350,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/templates/yootheme/js/theme.js?2.3.15","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://brambach.edvpartner-work2.de/index.php#rand=0.49074653963579296\u0026iit=1638396639265\u0026tmr=load%3D1638396638948%26core%3D1638396638984%26main%3D1638396639257%26ifr%3D1638396639278\u0026cb=0\u0026cdn=0\u0026md=0\u0026kw=\u0026ab=-\u0026dh=www.53.com\u0026dr=\u0026du=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html\u0026dt=Fifth%20Third%20Banking%20Login\u0026dbg=0\u0026cap=tc%3D0%26ab%3D0\u0026inst=1\u0026jsl=8193\u0026prod=undefined\u0026lng=en\u0026ogt=site_name%2Curl%2Cdescription%2Ctitle%2Ctype%3Dwebsite%2Clocale\u0026pc=men\u0026pub=ra-57fbbf0f65d1f6cb\u0026ssl=1\u0026sid=61a7f2dee21965f0\u0026srf=0.01\u0026ver=300\u0026xck=0\u0026xtr=0\u0026og=locale%3Den_US%26type%3Dwebsite%26title%3DFifth%2520Third%2520Banking%2520Login%26description%3DLogin%2520to%2520your%2520Fifth%2520Third%2520Member%2520Banking%2520account%2520to%2520manage%2520finances%2520online.%2520Visit%2520this%2520page%2520to%2520access%2520your%2520accounts%2520with%2520Fifth%2520Third%2520Bank.%26url%3Dhttps%253A%252F%252Fwww.53.com%252Fcontent%252Ffifth-third%252Fen%252Flogin.html%26site_name%3DFifth%2520Third%2520Bank\u0026csi=undefined\u0026rev=v8.28.8-wp\u0026ct=1\u0026xld=1\u0026xd=1","date":"2026-07-03T00:11:33.444Z","timestamp":1783037493444,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /templates/yootheme/js/theme.js?2.3.15 HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 1740\r\nLast-Modified: Thu, 05 Nov 2020 17:34:04 GMT\r\nConnection: keep-alive\r\nETag: \"5fa4378c-6cc\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1740,"size_decoded":2009,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1688)","md5":"0659a3d8c01f3b689907d4764a781ea4","sha1":"f72a52e419b4b8fc9a61a192e8c64d5a4abf4a6e","sha256":"b509916f1aab2c9821746f58ffb9c64f56597304d6cf5dda9e40fb8bb1e73718","sha512":"312b91162cfc12f5f2c93e9e10636be720710dae97259b4f79564ead9869dcddf226c80a0ce96f7b4f3dfb7d97124ab1ceb351eeca70b133541bb90e11a47b01","ssdeep":"","tlshash":"d9316289f260f065123305fdd5b75812a91fba04b10f2288f7b4c4db15ac14d162bfaa","first_seen":"2023-10-01T00:22:41Z","last_seen":"2026-07-03T00:11:58.321025Z","times_seen":6,"resource_available":true,"data":null}},"time_used":409,"timings":{"blocked":373,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"brambach.edvpartner-work2.de/plugins/system/jce/css/content.css?971df47521198586ab87ad1e9c7abd3c","fqdn":"brambach.edvpartner-work2.de","domain":"edvpartner-work2.de","tld":"de"},"ip":{"addr":"138.201.140.90","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://brambach.edvpartner-work2.de/index.php","date":"2026-07-03T00:11:33.855Z","timestamp":1783037493855,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"brambach.edvpartner-work2.de","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 16:53:12 GMT","end":"Mon, 24 Aug 2026 16:53:11 GMT"},"fingerprint":{"sha1":"A6:4C:56:6A:71:79:54:F8:75:BA:31:70:F2:F0:F8:84:C6:03:8B:78","sha256":"78:28:BC:87:0D:C8:1C:2F:C8:15:AF:B5:CA:EB:64:62:CF:F9:8D:25:76:F6:41:24:B4:DA:6E:4F:33:68:99:54"}}},"request":{"raw":"GET /plugins/system/jce/css/content.css?971df47521198586ab87ad1e9c7abd3c HTTP/1.1\r\nHost: brambach.edvpartner-work2.de\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://brambach.edvpartner-work2.de/index.php\r\nCookie: f94bd41d219f76f25f4e33510dbae032=n1prn3u038tuq44pk7goq9k7qv\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 03 Jul 2026 00:11:33 GMT\r\nContent-Type: text/css\r\nContent-Length: 1999\r\nLast-Modified: Wed, 17 Jun 2020 22:29:01 GMT\r\nConnection: keep-alive\r\nETag: \"5eea992d-7cf\"\r\nX-Powered-By: PleskLin\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1999,"size_decoded":2254,"mime_type":"text/css","magic":"ASCII text, with very long lines (1999), with no line terminators","md5":"dbb006ef98426ec633dc9336b399d3e8","sha1":"ea30e666d18c5633f15ac342ff12974bcd64a9fd","sha256":"2291dfa652ff8d9b621007cc0daf0dc254a34a0fe1e5439a7e0feb305e4542d7","sha512":"433284a086ea36885a862a44a3f2a6a85fd7e9cf28d1930abf28da86e0aa87092302aebae51d034e6a0a33e34ee4221c2190deffe0b2c5a190f359b5484f7e50","ssdeep":"","tlshash":"f9413523dc1c51ecac1372a0e2e24c182118fa44db2ec1d6b52fe9e56a44fd77db285c","first_seen":"2023-04-26T11:28:40Z","last_seen":"2026-07-03T00:11:58.32534Z","times_seen":98,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"brambach.edvpartner-work2.de","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
