| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/rocket-loader.min.js | 172.67.141.115 | 200 OK | 3 B |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/rocket-loader.min.js
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 4f4adcbf8c6f66dcfc8a3282ac2bf10a c35a9fc52bb556c79f8fa540df587a2bf465b940 6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/pages/x.sikayet-var-1/src/rocket-loader.min.js HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: application/javascript
content-length: 3
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: "3-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 880afb7518845691-OSL
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/main.js | 172.67.141.115 | 200 OK | 3 B |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/main.js
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 4f4adcbf8c6f66dcfc8a3282ac2bf10a c35a9fc52bb556c79f8fa540df587a2bf465b940 6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/pages/x.sikayet-var-1/src/main.js HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: application/javascript
content-length: 3
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: "3-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 880afb7548cd5691-OSL
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/banner-mb.png | 172.67.141.115 | 200 OK | 21 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/banner-mb.png
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: PNG image data, 413 x 207, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): ca401434eb9c416bd1b10ba06417a4b6 46ec53cb6fe457bff21e92022437449f584f0715 9ac9af3ec6e620273f700178f417b8989bda964be3a42d911d7dc143faa3fcbe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/pages/x.sikayet-var-1/src/banner-mb.png HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: image/png
content-length: 21231
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: "52ef-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 880afb7538aa5691-OSL
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/rocket-loader.min.js | 172.67.141.115 | 200 OK | 3 B |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/rocket-loader.min.js
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 4f4adcbf8c6f66dcfc8a3282ac2bf10a c35a9fc52bb556c79f8fa540df587a2bf465b940 6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/pages/x.sikayet-var-1/src/rocket-loader.min.js HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: application/javascript
content-length: 3
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: "3-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 880afb766a025691-OSL
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/public/fonts/Metropolis-Bold.woff | 172.67.141.115 | 200 OK | 26 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/public/fonts/Metropolis-Bold.woff
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: Web Open Font Format (Version 2), CFF, length 26428, version 11.0
Hash (MD5 / SHA-1 / SHA-256): dc6926c36da3e0c92f173fde539a9fdc 7df32375dfbc1955dd873e44bfc4bfd585f13779 9a712a2c31daff2a307d935ebea4ac29bad1a93a75349e0edec1d3eb42f1d2eb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/public/fonts/Metropolis-Bold.woff HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/fonts.css
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: font/woff
content-length: 26428
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: "673c-617004921a812"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 880afb76daa15691-OSL
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/public/fonts/Metropolis-Medium.woff | 172.67.141.115 | 200 OK | 26 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/public/fonts/Metropolis-Medium.woff
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: Web Open Font Format (Version 2), CFF, length 26360, version 11.0
Hash (MD5 / SHA-1 / SHA-256): 372fc7d16a6da93d61dd2c8014c847d6 a2bfb8c76eb4fa99e74f14d4fa72530917d10301 f3a738735a2c006f11738c827cd58ae1400b1792eb6555202effc1a830b84adb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/public/fonts/Metropolis-Medium.woff HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/fonts.css
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: font/woff
content-length: 26360
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: "66f8-617004921a812"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 880afb76da9e5691-OSL
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/public/fonts/Metropolis-SemiBold.woff | 172.67.141.115 | 200 OK | 27 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/public/fonts/Metropolis-SemiBold.woff
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: Web Open Font Format (Version 2), CFF, length 26564, version 11.0
Hash (MD5 / SHA-1 / SHA-256): 10f01a9f175be51d3ec7789947142cc3 40b0f3983a0f4758400bd07f054ef63cc1033a53 695870d15689c04f75955d6f5c3e3c03841d4351d44332f4049abb0f825dc6e3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/public/fonts/Metropolis-SemiBold.woff HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/fonts.css
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: font/woff
content-length: 26564
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: "67c4-617004921a812"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 880afb76daa75691-OSL
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/public/fonts/Metropolis-Regular.woff | 172.67.141.115 | 200 OK | 24 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/public/fonts/Metropolis-Regular.woff
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: Web Open Font Format (Version 2), CFF, length 24152, version 11.0
Hash (MD5 / SHA-1 / SHA-256): 7b9a798c0a745aa9b5fec632bfccaad7 48bb4cb0a99bbab907487213c3beb4211a2f5427 e920e6b0e7987aceb8df32656d01d44057e2c08646716202d594e06b5010ae70
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/public/fonts/Metropolis-Regular.woff HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/fonts.css
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: font/woff
content-length: 24152
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: "5e58-617004921a812"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 880afb76facc5691-OSL
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/corporate-account.css | 172.67.141.115 | 200 OK | 6.6 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/corporate-account.css
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with very long lines (33596), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 80b0ae92202c318b4dbc068bc69ba10a 1249ac1c076e3d29b2c613372e2d8807ab98afcf ef65a7f0efb772165d1d73ada234ee44a6103ef5dee7eda17c922b657d1b74b8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/pages/x.sikayet-var-1/src/corporate-account.css HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"833c-6170049219872-gzip"
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb7528975691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/icon-search.svg | 172.67.141.115 | 200 OK | 897 B |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/icon-search.svg
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): 67a6e57f21dc51784c78c636d6232359 4d8d0a31eb7a4f85c732e357b1a620ff685f9fa9 c89801047a5ad993e3bb63b1bfdf938d165c843bfce893538ed0403bd1403a86
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/pages/x.sikayet-var-1/src/icon-search.svg HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"31e-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb7528a05691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/favicon.ico | 172.67.141.115 | 404 Not Found | 7.5 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/favicon.ico
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 62962daa1b19bbcc2db10b7bfd531ea6 d64bae91091eda6a7532ebec06aa70893b79e1f8 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 16:56:17 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sEVSSDqPGL6%2F5sm%2FLc0FVQ%2FxFSfEyX3kgtWycd5f6ZywnUZ5F0o3cxaJR4l2jDuIjtRNFBw%2FNYRzsMB8kxVQdMPd4N9ZNOgLcFuxVTyhX6lApFaXshW06tKSXA7kC0earQ%2FSwd2cXuy4Ehff6MiPSa7LvsmJfMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880afb77cc3b5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/fonts.css | 172.67.141.115 | 200 OK | 6.9 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/fonts.css
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with very long lines (966), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): bc6d3cc401eef62aae452cb86fb0f36f dc0508f12fc99c88c4355e9afcedc201f596d943 722f15689147e2090937b664beb957fba493abc2a0024f1b3a42e26f16c1968f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/pages/x.sikayet-var-1/src/fonts.css HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"3c6-6170049219872-gzip"
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb7518815691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/edit-white(1).svg | 172.67.141.115 | 200 OK | 4.5 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/edit-white(1).svg
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): d4270c08ca4a8cce5b72fa33685f17f0 b245e65f52d81e62c56c87d75117d2a456b8f875 441dad95457c0e84c0421f28ab8be2c6b93a3769f8735124364b1fb7b84ecb52
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/pages/x.sikayet-var-1/src/edit-white(1).svg HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"47f-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb7538a75691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/icon-4.svg | 172.67.141.115 | 200 OK | 1.5 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/icon-4.svg
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): 32026342919ab2244f91356ee7efec85 8400e0195fea7d00c795ac438dcf0884f85ddbc6 a08bf8be355461c36e77893db18463d74a08c119514c7fe00f5530497f221fd4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/pages/x.sikayet-var-1/src/icon-4.svg HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"5ed-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb7568ef5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/home.css | 172.67.141.115 | 200 OK | 52 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/home.css
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC; Subject ihbartr.ru.com; Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD; Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with very long lines (52000), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 1bdfc73ee57021b94e22e65fc25024cb 16ca2b59ef19eb8c9677a0f4839d0874a0726ffb ce4cff8ccfa5454c29708f50bdc511ff925237f191b734adf87c3d513faf1935
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /giris-691/pages/x.sikayet-var-1/src/home.css HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"cb20-6170049219872-gzip"
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb7528955691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/global.css | 172.67.141.115 | 200 OK | 193 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/global.css
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC, Subject ihbartr.ru.com, Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD, Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 193 kB (193406 bytes)
Hash: MD5 4c9db92c22ab22358c7a54cd2bbe48e0, SHA-1 edfdef9dfcd9bb711e56d67ffa68e6036f105612, SHA-256 9603a5fe4d6a0a9f25ca62a59c73d41a3e57cf677b91e778052529ff8ed1c4e9
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /giris-691/pages/x.sikayet-var-1/src/global.css HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"2f37e-6170049219872-gzip"
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb75188e5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/icon-6.svg | 172.67.141.115 | 200 OK | 1.2 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/icon-6.svg
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC, Subject ihbartr.ru.com, Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD, Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 518e508337f509ea75c6db6fbee5e76e, SHA-1 4644b63f530ed0b4888046a30784736e33e01b62, SHA-256 ea0bb8b4bc14d0600df8f520babd481f6c44b9c93b44906945f1d9e2095abbe6
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /giris-691/pages/x.sikayet-var-1/src/icon-6.svg HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"4c9-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb7568ec5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/icon-3.svg | 172.67.141.115 | 200 OK | 1.4 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/icon-3.svg
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC, Subject ihbartr.ru.com, Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD, Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 226ca645d36eaf667b382d6fd7f866b3, SHA-1 275eea707d3812e7fd27a379cf41e767a1d68a6d, SHA-256 6f916fcf8392426fbe2714cb2d699aa40a615be21a1e49aaff0c9d5c83730c4c
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /giris-691/pages/x.sikayet-var-1/src/icon-3.svg HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"57b-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb7558d75691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/edit-white.svg | 172.67.141.115 | 200 OK | 1.2 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/edit-white.svg
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC, Subject ihbartr.ru.com, Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD, Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 38754d80a61deb14892d718ab297e7f2, SHA-1 864e9c249bfb5eeb083254e80edc3383e06a6acf, SHA-256 dfa89496d39b8a915e68371e9c3f578ea980e44824b99936c04522d973f9d106
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /giris-691/pages/x.sikayet-var-1/src/edit-white.svg HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"47f-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb75289d5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377 | 172.67.141.115 | 200 OK | 47 kB |
URL (user request): GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
IP: 172.67.141.115:443
Certificate: Issuer Google Trust Services LLC, Subject ihbartr.ru.com, Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD, Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty input: no response body was captured for this 47 kB document, so the values identify nothing and should not be used as indicators)
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377 HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache, no-cache
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 880afb747fae5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/logo.svg | 172.67.141.115 | 200 OK | 5.4 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/logo.svg
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC, Subject ihbartr.ru.com, Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD, Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 5dcd22b356aa9e5d02d36e1ec0137557, SHA-1 2e6a67a3fcfc835f008a43c3872624e0a13ea983, SHA-256 eab6862a84252db4df42f3d81a96f5f5c6f6d1a56f5ebd1a4cca252f60d350ad
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /giris-691/pages/x.sikayet-var-1/src/logo.svg HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"1548-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb75289c5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/icon-5.svg | 172.67.141.115 | 200 OK | 2.3 kB |
URL: GET HTTP/3 hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/icon-5.svg
IP: 172.67.141.115:443
Requested by: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Certificate: Issuer Google Trust Services LLC, Subject ihbartr.ru.com, Fingerprint 92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD, Validity Sat, 30 Mar 2024 21:49:33 GMT - Fri, 28 Jun 2024 21:49:32 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 9f32d5cef98fb89c8d2a7abb43a85ff5, SHA-1 d41a79f126eaa4667fcd9b34efaeeb8414cd70f9, SHA-256 f3d5dcd2992e0cfcdc9784cef1a196490703a12e303fce2d56683b42befc77fe
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /giris-691/pages/x.sikayet-var-1/src/icon-5.svg HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:56:17 GMT
content-type: image/svg+xml
last-modified: Fri, 26 Apr 2024 13:57:34 GMT
etag: W/"91b-6170049219872"
x-xss-protection: 1; mode=block
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: rollout
cross-origin-opener-policy: same-origin-allow-popups;report-to='coop'
pragma: no-cache
report-to: {"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
x-robots-tag: noindex
referer: https://www.google.com/
cf-cache-status: MISS
server: cloudflare
cf-ray: 880afb7558e15691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
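The entries above are raw sandbox output. As an added example (it is not part of the sandbox report and not a tool the report names), the following Python parses entries in exactly this layout, pulls out the indicators an analyst would pivot on (host, IP, certificate fingerprint, cookie name, content hashes of bodies that were actually captured) and flags what in this capture should not be taken at face value: the main document's three hashes are the digests of an empty input even though 47 kB were served, `cross-origin-resource-policy: rollout` is not a defined value for that header, `referer` appears as a response header, and the page parameters are joined to the path with `&` rather than `?`. The sample input is an abbreviated copy of two of the entries above with the header lists cut down; everything else is the report's own data.

```python
"""Parse sandbox transaction entries, extract IOCs and flag header oddities."""
import hashlib
import re
from dataclasses import dataclass, field

# Constructed input: two entries copied from the report above in its own layout, header lists cut down.
SAMPLE = """\
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377 | 172.67.141.115 | 200 OK | 47 kB |
URL User Request GET HTTP/3hakkindaguncelsikayet.ihbartr.ru.com/giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377 IP172.67.141.115:443
CertificateIssuerGoogle Trust Services LLC Subjectihbartr.ru.com Fingerprint92:32:C6:12:D7:4E:E9:98:08:94:A5:66:BE:B5:41:95:B4:2B:CE:AD
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /giris-691/&applicationid=578972c002bf918f7ec2e741c8b4cb62&time=1715187377 HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
HTTP/3 200 OK
cross-origin-resource-policy: rollout
referer: https://www.google.com/
|
| hakkindaguncelsikayet.ihbartr.ru.com/giris-691/pages/x.sikayet-var-1/src/logo.svg | 172.67.141.115 | 200 OK | 5.4 kB |
File typeSVG Scalable Vector Graphics image Hash5dcd22b356aa9e5d02d36e1ec0137557 2e6a67a3fcfc835f008a43c3872624e0a13ea983 eab6862a84252db4df42f3d81a96f5f5c6f6d1a56f5ebd1a4cca252f60d350ad
GET /giris-691/pages/x.sikayet-var-1/src/logo.svg HTTP/1.1
Host: hakkindaguncelsikayet.ihbartr.ru.com
Cookie: X-KERTOTOKEN=s47gp33p3iq98u9vd12n9re5ls
HTTP/3 200 OK
cross-origin-resource-policy: rollout
"""

ENTRY_ROW = re.compile(r"^\| \S+ \| (?P<ip>[\d.]+) \| [^|]+ \| (?P<size>[^|]+?) \|$", re.M)
HASHES = re.compile(r"Hash:?\s*(?:MD5\s*)?([0-9a-f]{32})[,\s]+(?:SHA-1\s*)?([0-9a-f]{40})[,\s]+(?:SHA-256\s*)?([0-9a-f]{64})")
FINGERPRINT = re.compile(r"Fingerprint:?\s*((?:[0-9A-F]{2}:){19}[0-9A-F]{2})")
REQUEST_LINE = re.compile(r"^[A-Z]+ (?P<target>\S+) HTTP/\S+$", re.M)
STATUS_LINE = re.compile(r"^HTTP/\S+ \d{3}.*$", re.M)
HEADER = re.compile(r"^([A-Za-z0-9-]+):\s*(.*)$")
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()  # digest of zero bytes, computed rather than hard-coded
VALID_CORP = {"same-origin", "same-site", "cross-origin"}  # the only values the header defines

@dataclass
class Transaction:
    ip: str
    size: str
    target: str = ""
    fingerprint: str = ""
    hashes: tuple = ()  # (md5, sha1, sha256) as listed by the analyzer
    request_headers: dict = field(default_factory=dict)
    response_headers: dict = field(default_factory=dict)

def _headers(block):
    out = {}
    for line in block.strip().splitlines():
        m = HEADER.match(line)
        if not m:  # stop at the first non-header line (blank, or a '|' table row)
            break
        out[m.group(1).lower()] = m.group(2)
    return out

def parse_transactions(text):
    rows = list(ENTRY_ROW.finditer(text))  # one '| url | ip | status | size |' row per entry
    txs = []
    for i, row in enumerate(rows):
        body = text[row.end():rows[i + 1].start() if i + 1 < len(rows) else len(text)]
        tx = Transaction(row["ip"], row["size"].strip())
        req, resp = REQUEST_LINE.search(body), STATUS_LINE.search(body)
        meta = body[:req.start()] if req else body  # metadata lines precede the raw request
        tx.hashes = h.groups() if (h := HASHES.search(meta)) else ()
        tx.fingerprint = f.group(1) if (f := FINGERPRINT.search(meta)) else ""
        if req:
            tx.target = req["target"]
            tx.request_headers = _headers(body[req.end():resp.start() if resp else len(body)])
        if resp:
            tx.response_headers = _headers(body[resp.end():])
        txs.append(tx)
    return txs

def find_anomalies(tx):
    notes = []  # things an analyst should not take at face value
    if tx.hashes and tx.hashes[2] == EMPTY_SHA256 and not tx.size.startswith("0 "):
        notes.append(f"hashes are those of an empty input although {tx.size} were reported: body not captured")
    corp = tx.response_headers.get("cross-origin-resource-policy")
    if corp is not None and corp not in VALID_CORP:
        notes.append(f"cross-origin-resource-policy {corp!r} is not a defined value; browsers treat it as absent")
    if "referer" in tx.response_headers:
        notes.append("referer is a request header; in a response it is a server-side artifact, not browser state")
    if "&" in tx.target and "?" not in tx.target:
        notes.append("parameters joined with '&' but no '?': they are part of the path, not a query string")
    return notes

def extract_iocs(txs):
    cookies = {p.split("=", 1)[0].strip() for tx in txs for p in tx.request_headers.get("cookie", "").split(";")}
    return {  # pivot points; the empty-input digest is not a content hash, so it is left out
        "hosts": sorted({tx.request_headers.get("host", "") for tx in txs} - {""}),
        "ips": sorted({tx.ip for tx in txs}),
        "fingerprints": sorted({tx.fingerprint for tx in txs} - {""}),
        "cookies": sorted(cookies - {""}),
        "sha256": sorted({tx.hashes[2] for tx in txs if tx.hashes and tx.hashes[2] != EMPTY_SHA256}),
    }

if __name__ == "__main__":
    for tx in parse_transactions(SAMPLE):
        print(tx.target, tx.size, find_anomalies(tx))
```

Run as-is it prints the two entries with their notes; `extract_iocs(parse_transactions(SAMPLE))` returns one host, one IP, one certificate fingerprint, the `X-KERTOTOKEN` cookie name and the SHA-256 of `logo.svg` only, because the main document's digests are those of zero bytes. The entry regexes accept both the run-together labels of the raw report (`Hash…`, `Fingerprint…`) and spaced `Label: value` lines, so the same code runs over either form of the dump.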