Report - crsorgii-govi.com/web/index.php/auth/login.php

Report Overview

Submitted URL
crsorgii-govi.com/web/index.php/auth/login.php
IP
185.46.42.16
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.
Submitted
2024-05-04 09:56:38
Access
public
Website Title
Civil Registration System
Final URL
crsorgii-govi.com/web/index.php/auth/login.php
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
78

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
crsorgii-govi.com	unknown	2023-10-25	2023-10-25	2024-04-18	20 kB	752 kB	185.46.42.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed
2024-05-04	medium	crsorgii-govi.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	crsorgii-govi.com/web/js/jquery-1.9.0.js	144 kB	2023-03-26	2024-05-06
Pretty URL crsorgii-govi.com/web/js/jquery-1.9.0.js IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:46:04 Last Seen2024-05-06 20:46:28 Times Seen217 Hash 2656b49a880e281b3313c0a67aff6a0e 2d7e91f7ff10c54156da9a5cf7150a484da7166f f6b2583414dc088325bcfca5fef2f93bbfc24721fe84a558895812f9af01c189 Loading...

	crsorgii-govi.com/web/js/jquery-1.5.1.js	124 kB	2023-06-19	2024-05-06
Pretty URL crsorgii-govi.com/web/js/jquery-1.5.1.js IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-19 04:41:50 Last Seen2024-05-06 20:46:28 Times Seen213 Hash f77417bdd1383af2a1f3daa2b6bfad92 dbc83d7c490c2b161dd17f086523ef671e0fdd57 b7f5d12fde6e8a290356b08934491a21ddba1c64a046631f7e7df75a34ec6e59 Loading...

	crsorgii-govi.com/web/index.php/auth/login.php	553 B	2023-03-26	2024-05-06
Pretty URL crsorgii-govi.com/web/index.php/auth/login.php IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 01:46:04 Last Seen2024-05-06 20:46:28 Times Seen109 Hash 309380f43c030d29ee04011530b7db7c a4e556564a44e8e2ee06b4a54c20e51bf459b680 588839cc46958aeed64ffc3ec2a702f292b77b90adab7008edc6712083127cf8 Loading...

	unknown	34 B	2023-04-11	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-05-18 05:27:04 Times Seen77376 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	crsorgii-govi.com/web/js/jquery-ui-1.10.0.custom.js	46 kB	2023-03-26	2024-05-06
Pretty URL crsorgii-govi.com/web/js/jquery-ui-1.10.0.custom.js IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:46:04 Last Seen2024-05-06 20:46:28 Times Seen207 Hash f81e6e9e92173905755f3391ab3846d4 38f3b782343a2f40ddfa3d6f1fb516f225d8a108 86eca078ec660d6226e1c748a57d57e452f9a5b6d768dcf843b0d25ea3712fea Loading...

	crsorgii-govi.com/web/js/base64EncodeDecode.js	3.7 kB	2023-03-26	2024-05-06
Pretty URL crsorgii-govi.com/web/js/base64EncodeDecode.js IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:46:04 Last Seen2024-05-06 20:46:28 Times Seen209 Hash 0042bee8e1c0d11446b551d3dcd50ec6 eda8ded5e2b8721ae05ab44e7c51cf45e448f2ef 0392f23c98ff0cb8a95283928f189f962c7ca49155b0f2594bcef2f56b5afe16 Loading...

	crsorgii-govi.com/web/index.php/auth/login.php	432 B	2023-03-14	2024-05-06
Pretty URL crsorgii-govi.com/web/index.php/auth/login.php IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 04:06:43 Last Seen2024-05-06 20:46:28 Times Seen130 Hash 7513d372c3e469e33dee96ef411be4a8 1583a6465b7059b08c9b8b16f3d800bdf0ff95ee 52b34bfff8fd6d54ad31a9a69c49e225877c3f7932168bf5999cdd56c9334f03 Loading...

	crsorgii-govi.com/web/js/jquery.ui.core.js	5.0 kB	2023-03-26	2024-05-06
Pretty URL crsorgii-govi.com/web/js/jquery.ui.core.js IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:46:04 Last Seen2024-05-06 20:46:28 Times Seen207 Hash 600dd29fb3d38dfc433dc80aa6d7836e c71997256016cb7899ed811f25dad5285dece16e 1d4904ca2382ac440f351f89afd95ff03bd443407023a3f2bbfb8664262bf12c Loading...

	crsorgii-govi.com/web/js/jquery.validate.js	25 kB	2023-03-26	2024-05-06
Pretty URL crsorgii-govi.com/web/js/jquery.validate.js IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:46:04 Last Seen2024-05-06 20:46:28 Times Seen215 Hash 057b8d835ae6624bb5577ba030b0a40b 7275ac6bf526f55b06ae0022be0da5e396c6d5ac b25abf19990957efd433e30f67512342d79efa31f3aa3caa1faee88f5ddff60a Loading...

	crsorgii-govi.com/web/js/mm_menu.js	25 kB	2023-03-26	2024-05-06
Pretty URL crsorgii-govi.com/web/js/mm_menu.js IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:46:04 Last Seen2024-05-06 20:46:28 Times Seen216 Hash acaa96ed9e39aa75f045ce4c751bc379 d330b0c0d5efa207829335dae0fb6aa73b30bbc8 fdfe3adbbd4f962ec34617db3372b01c0d0377c3bc5565f56228d6fc0fdff028 Loading...

	crsorgii-govi.com/web/js/json_parse.js	2.5 kB	2023-03-26	2024-05-06
Pretty URL crsorgii-govi.com/web/js/json_parse.js IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:46:04 Last Seen2024-05-06 20:46:28 Times Seen207 Hash 2b2d1092db0c6ffcc8f766defe70fe01 0ebdd7cd40d03130d675f7486cfa653b110bedc0 2fe34fcf53a0142141043df1672b5a26093b8e83686ef2e7fe6ecf7024bf0d04 Loading...

	unknown	53 B	2023-04-12	2024-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-12 05:37:29 Last Seen2024-05-09 22:15:36 Times Seen478 Hash e03ef4af375bbbacecf6ff5bb413b997 9c9da6dbb029b933e04841fad01f754b60e1b2eb 03574739691e37a473cd36e4ffd4df1166841c4d3e97fe5cb37e56065473b777 Loading...

	crsorgii-govi.com/web/index.php/auth/login.php	503 B	2023-03-07	2024-05-06
Pretty URL crsorgii-govi.com/web/index.php/auth/login.php IP 185.46.42.16 ASN #211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 22:02:40 Last Seen2024-05-06 20:46:28 Times Seen133 Hash eeebb14600bf236c397844a807ca809a c04393fb717618b247f23ea488e243a466692b9c 8789fb5adb8bc6995b69db8f1e43c5a0c2c23c0eea615d8649cc1939ed05bf73 Loading...

		Size	First Seen	Last Seen
	#1 Eval - fdb97434e8a03045cf69262317058739	185 B	2023-03-07	2024-05-18
Pretty Observations First Seen2023-03-07 22:02:40 Last Seen2024-05-18 04:18:17 Times Seen239 Hash fdb97434e8a03045cf69262317058739 459a71636bb04d7c8c44eb8965806b4fe5e7d2f1 dad37d528b918e11097968d672d2fccab20cbb035d5a316f972ec2bbe7ec8960 Loading...

HTTP Transactions (39)

URL IP Response Size

crsorgii-govi.com/web/css/style.css

185.46.42.16

200 OK

1.9 kB

URL GET HTTP/2
crsorgii-govi.com/web/css/style.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
assembler source, ASCII text
Size
1.9 kB (1861 bytes)
Hash
46b2ab870385fe1bd4f9dff2437954bb
c2e265430b2bec95853219a55ea08b17e34fa401
ef299b0e67a233844101c66197d7795338ae81e99a4a4b0cff9458ea2327f8e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/css/style.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:11 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1861
date: Sat, 04 May 2024 09:56:11 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/css/default.css

185.46.42.16

200 OK

350 B

URL GET HTTP/2
crsorgii-govi.com/web/css/default.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
350 B (350 bytes)
Hash
f30a3b6f711f2b47cdd9be64525d5068
46b93d4d014440625227efa9f2edf79fa209daaa
0f86982f0b36a75b70347d82d8cca310e5cc4051a7208d44fc96a87295f2a2ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/css/default.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 350
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/index.php/auth/login.php

185.46.42.16

200 OK

12 kB

URL User Request GET HTTP/2
crsorgii-govi.com/web/index.php/auth/login.php
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
12 kB (12342 bytes)
Hash
b78ba08a313b5a40a5da84d1bf4eb82e
849f15de7cefcd5f7f8317bad85917509b661964
5c98b66af93adebdac526af9977635522e0d54f086e41fc2cefd70065671bc15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/index.php/auth/login.php HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/8.1.26
set-cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 04 May 2024 09:56:11 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

crsorgii-govi.com/web/css/jquery.ui.all.css

185.46.42.16

200 OK

59 B

URL GET HTTP/2
crsorgii-govi.com/web/css/jquery.ui.all.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
59 B (59 bytes)
Hash
acae801d9de0930998f13487822b40e7
e7b48ddf6ad74985f93c7a4b875e3ab3eb5b35ab
48881e432bdc5437cbe318e5dca4258ad3ef5b3d8c7d93e0c4b10257858abd8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/css/jquery.ui.all.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 59
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/css/jquery-ui-1.10.0.custom.css

185.46.42.16

200 OK

2.3 kB

URL GET HTTP/2
crsorgii-govi.com/web/css/jquery-ui-1.10.0.custom.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
2.3 kB (2266 bytes)
Hash
1a164219da0a41f2591223a8b5916037
41964250b3389d340afb5052661bf1d07f685115
92f286dde5c73006d871c2e0f565dd4c43e4445a31cfac5c75253462dc56e926

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/css/jquery-ui-1.10.0.custom.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2266
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/css/login_style.css

185.46.42.16

200 OK

529 B

URL GET HTTP/2
crsorgii-govi.com/web/css/login_style.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
529 B (529 bytes)
Hash
b5467a368ec7c6822399162c8ac474ca
90aafd6b25badbd6cad33f705176ea2a2715f695
f9eb6065ce0c7d4b2a389afc038334520fe92d8d7d29f1b3d933f21b305d9fb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/css/login_style.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 529
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/js/mm_menu.js

185.46.42.16

200 OK

5.5 kB

URL GET HTTP/2
crsorgii-govi.com/web/js/mm_menu.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20369)
Size
5.5 kB (5506 bytes)
Hash
acaa96ed9e39aa75f045ce4c751bc379
d330b0c0d5efa207829335dae0fb6aa73b30bbc8
fdfe3adbbd4f962ec34617db3372b01c0d0377c3bc5565f56228d6fc0fdff028

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/js/mm_menu.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5506
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/js/jquery-1.9.0.js

185.46.42.16

200 OK

40 kB

URL GET HTTP/2
crsorgii-govi.com/web/js/jquery-1.9.0.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32141)
Size
40 kB (40296 bytes)
Hash
2656b49a880e281b3313c0a67aff6a0e
2d7e91f7ff10c54156da9a5cf7150a484da7166f
f6b2583414dc088325bcfca5fef2f93bbfc24721fe84a558895812f9af01c189

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/js/jquery-1.9.0.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 40296
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/js/jquery-ui-1.10.0.custom.js

185.46.42.16

200 OK

12 kB

URL GET HTTP/2
crsorgii-govi.com/web/js/jquery-ui-1.10.0.custom.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (44396)
Size
12 kB (11940 bytes)
Hash
f81e6e9e92173905755f3391ab3846d4
38f3b782343a2f40ddfa3d6f1fb516f225d8a108
86eca078ec660d6226e1c748a57d57e452f9a5b6d768dcf843b0d25ea3712fea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/js/jquery-ui-1.10.0.custom.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11940
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/js/json_parse.js

185.46.42.16

200 OK

956 B

URL GET HTTP/2
crsorgii-govi.com/web/js/json_parse.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2543), with no line terminators
Size
956 B (956 bytes)
Hash
2b2d1092db0c6ffcc8f766defe70fe01
0ebdd7cd40d03130d675f7486cfa653b110bedc0
2fe34fcf53a0142141043df1672b5a26093b8e83686ef2e7fe6ecf7024bf0d04

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/js/json_parse.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 956
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/js/jquery.ui.core.js

185.46.42.16

200 OK

1.9 kB

URL GET HTTP/2
crsorgii-govi.com/web/js/jquery.ui.core.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5007), with no line terminators
Size
1.9 kB (1935 bytes)
Hash
600dd29fb3d38dfc433dc80aa6d7836e
c71997256016cb7899ed811f25dad5285dece16e
1d4904ca2382ac440f351f89afd95ff03bd443407023a3f2bbfb8664262bf12c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/js/jquery.ui.core.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1935
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/js/jquery.validate.js

185.46.42.16

200 OK

6.4 kB

URL GET HTTP/2
crsorgii-govi.com/web/js/jquery.validate.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (25189), with no line terminators
Size
6.4 kB (6447 bytes)
Hash
057b8d835ae6624bb5577ba030b0a40b
7275ac6bf526f55b06ae0022be0da5e396c6d5ac
b25abf19990957efd433e30f67512342d79efa31f3aa3caa1faee88f5ddff60a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/js/jquery.validate.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6447
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/js/base64EncodeDecode.js

185.46.42.16

200 OK

871 B

URL GET HTTP/2
crsorgii-govi.com/web/js/base64EncodeDecode.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
871 B (871 bytes)
Hash
0042bee8e1c0d11446b551d3dcd50ec6
eda8ded5e2b8721ae05ab44e7c51cf45e448f2ef
0392f23c98ff0cb8a95283928f189f962c7ca49155b0f2594bcef2f56b5afe16

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/js/base64EncodeDecode.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 871
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/content/stylemain.css

185.46.42.16

200 OK

1.2 kB

URL GET HTTP/2
crsorgii-govi.com/web/content/stylemain.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4993), with CRLF line terminators
Size
1.2 kB (1156 bytes)
Hash
2f0d356c6e9c8eb84f8031c4a3b87dbe
c8ba546900a6d6c3e952f665dcf2fe7b44302507
6724656cabc8adb1495f06677c0e71d4f2e49f0cc844c295c387a562b1968876

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/content/stylemain.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1156
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/content/style.css

185.46.42.16

200 OK

632 B

URL GET HTTP/2
crsorgii-govi.com/web/content/style.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1449), with CRLF line terminators
Size
632 B (632 bytes)
Hash
9156a6ef888f23b5d1c3271c43c41499
e28ad8c44dc58c7adf9d48f4fd9a1bd44bd7eabe
d411dc683961f3034c3631d6eccf060019a6f2f357fdc898996aaf113936b22d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/content/style.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 632
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/content/jquery.js

185.46.42.16

200 OK

16 kB

URL GET HTTP/2
crsorgii-govi.com/web/content/jquery.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12391)
Size
16 kB (16360 bytes)
Hash
a9331828c517ac5d97f93b3cfdbcc9bc
1be9c3684054001f53fa7ff6d85ec3cb573a9cd2
d548530775a6286f49ba66e0715876b4ec5985966b0291c21568fecfc4178e8d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/content/jquery.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16360
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/js/jquery-1.5.1.js

185.46.42.16

200 OK

34 kB

URL GET HTTP/2
crsorgii-govi.com/web/js/jquery-1.5.1.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (55455)
Size
34 kB (34288 bytes)
Hash
f77417bdd1383af2a1f3daa2b6bfad92
dbc83d7c490c2b161dd17f086523ef671e0fdd57
b7f5d12fde6e8a290356b08934491a21ddba1c64a046631f7e7df75a34ec6e59

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/js/jquery-1.5.1.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34288
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/content/styles.min.css

185.46.42.16

200 OK

43 kB

URL GET HTTP/2
crsorgii-govi.com/web/content/styles.min.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
CSV text
Size
43 kB (42681 bytes)
Hash
9f211f1969c90fd704fe8281f1533fbb
2cfea1bc328e728350e54ff77b9dbfba23093fdf
a60dfd293e4865e97f1c0e412bf56cd34445d7d22792fb92ab09fba3f3db7335

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/content/styles.min.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 42681
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/content/scripts.js

185.46.42.16

200 OK

1.7 kB

URL GET HTTP/2
crsorgii-govi.com/web/content/scripts.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.7 kB (1697 bytes)
Hash
ef361e7460d2ecfe30eab00bd3a6a8cc
f2f031151af65fe0875d5715989523e650eed1ce
c0027c43c765752ef726af0e865725807e8afb9945da1927bd606fd2f754ca98

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/content/scripts.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1697
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/content/anylinkmenu.css

185.46.42.16

200 OK

591 B

URL GET HTTP/2
crsorgii-govi.com/web/content/anylinkmenu.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
591 B (591 bytes)
Hash
7cd19894ea0127bc6fbce94ab3c39fa7
19206bcf1cb0bf87e93f82191eca94414bc81b6c
c55b23c955c822bb98fedbdab6f8b57c52cfcdcf8eed547634178728af6dcc38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/content/anylinkmenu.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 591
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/content/anylinkmenu.js

185.46.42.16

200 OK

3.8 kB

URL GET HTTP/2
crsorgii-govi.com/web/content/anylinkmenu.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.8 kB (3846 bytes)
Hash
b1a4d4a9d234d3d0e1732d8df4aadba6
8dbc60de43956c0a2202658ad2374a6daf03f42f
d574e3c45562dc7b69decd293215800cb4332602c2d5e7b7969d22a8cdc04745

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/content/anylinkmenu.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3846
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/content/menucontents.js

185.46.42.16

200 OK

341 B

URL GET HTTP/2
crsorgii-govi.com/web/content/menucontents.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
341 B (341 bytes)
Hash
68c2f5c02b7d751bf354ad6ae9ccdafa
0095b92882f4927d6ad9e7e75daa682465645190
eb366466e248f1f363eb750df8aadd5c8024f4619a488738e917de1d6c616642

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/content/menucontents.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 341
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/js/jquery3.1.js

185.46.42.16

200 OK

30 kB

URL GET HTTP/2
crsorgii-govi.com/web/js/jquery3.1.js
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32058), with CRLF line terminators
Size
30 kB (29489 bytes)
Hash
27a8f25e65bfe1872ebd62e021a0c6ca
9f835084914c0f4403a080fb7de4abe0d210adf8
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/js/jquery3.1.js HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29489
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/images-other/centfoo2.png

185.46.42.16

200 OK

656 B

URL GET HTTP/2
crsorgii-govi.com/web/images-other/centfoo2.png
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
PNG image data, 224 x 25, 8-bit colormap, non-interlaced
Size
656 B (656 bytes)
Hash
2f20119853c48a72c3671139b22a8347
f91915d2ba7867f6d87241ad809db86a2f7b6ba2
545e9ecc95abe9cd2ac7d34f1a02a7b1024befea05c982b749237875951860d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/images-other/centfoo2.png HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: image/png
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 656
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/css/jquery.ui.base.css

185.46.42.16

200 OK

156 B

URL GET HTTP/2
crsorgii-govi.com/web/css/jquery.ui.base.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
156 B (156 bytes)
Hash
a6c3b4fbacfec606260b8618c0cf48e6
3dd5d770d6a21debbec62a41eac58a8ccde7370a
4dc56d4fca3b22f6c2d97e83ef78be170333955e6b6bbfc2e5ab18f5dd693105

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/css/jquery.ui.base.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/css/jquery.ui.all.css
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 156
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/css/jquery.ui.theme.css

185.46.42.16

200 OK

1.9 kB

URL GET HTTP/2
crsorgii-govi.com/web/css/jquery.ui.theme.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
1.9 kB (1920 bytes)
Hash
1b366bce1049fa7fc3aac2d4cec43197
b65aa5b3177a06156d98372661b15a3679929f5f
0365e54a6c5f3fa37818913ad592a6599ce81dfdf121b23cfd8f5f842b555590

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/css/jquery.ui.theme.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/css/jquery.ui.all.css
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1920
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/images-other/slide3.jpg

185.46.42.16

200 OK

56 kB

URL GET HTTP/2
crsorgii-govi.com/web/images-other/slide3.jpg
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x284, components 3
Size
56 kB (55572 bytes)
Hash
117c3d135cf339f6204736b7f65de221
665aec4667449b46b4549033ce44b40a8cbd8288
d6435e8b898ba686b5a6485b54cf2ab94ee36067ef7e562bb250ba133b89a494

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/images-other/slide3.jpg HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: image/jpeg
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 55572
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/images-other/registar.png

185.46.42.16

200 OK

47 kB

URL GET HTTP/2
crsorgii-govi.com/web/images-other/registar.png
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
PNG image data, 224 x 150, 8-bit/color RGBA, non-interlaced
Size
47 kB (46757 bytes)
Hash
ae3b3159fd12c0cd71f759c20dbfc7f5
e5cf64fbfdbdfa9f6a51b194c1c9782751baf2c5
20b030af256a8407949142738ea36098d4710a7f07ab6c2d18b61935411eb6cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/images-other/registar.png HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: image/png
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 46757
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/images-other/instition2.png

185.46.42.16

200 OK

71 kB

URL GET HTTP/2
crsorgii-govi.com/web/images-other/instition2.png
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
PNG image data, 224 x 150, 8-bit/color RGBA, non-interlaced
Size
71 kB (71186 bytes)
Hash
b53ea6c10d8d3fcbd899d6db9916ac47
0f8860044f45b31aff5f492b83b45204300820e2
53c3e46242fed365f020388c9d2d43e6775bdebaec8bd1238ef0c5f39eba08cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/images-other/instition2.png HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: image/png
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 71186
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/images-other/public2.png

185.46.42.16

200 OK

59 kB

URL GET HTTP/2
crsorgii-govi.com/web/images-other/public2.png
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
PNG image data, 224 x 150, 8-bit/color RGBA, non-interlaced
Size
59 kB (59437 bytes)
Hash
b535264e4db128a6f2b3d4d14fdf3ffd
b340626166725834a32f677f4db91b2f836fb18e
a9460c8c7b40d6e46e3e0b3b2d64e21df222d815cb7990755306f46b0c6157d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/images-other/public2.png HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: image/png
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 59437
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/images-other/tophd.png

185.46.42.16

200 OK

62 kB

URL GET HTTP/2
crsorgii-govi.com/web/images-other/tophd.png
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
PNG image data, 1010 x 102, 8-bit/color RGBA, non-interlaced
Size
62 kB (62164 bytes)
Hash
5d459726a937a143792c1452be1103c6
04ed3ef95f321c8c3370399da22f0bd24307fd3e
cc37aa1fbd528547685329ac19425809ce7781351b2163f4291a0e9a70fe24e4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/images-other/tophd.png HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: image/png
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 62164
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/images-other/arrow-down.svg

185.46.42.16

200 OK

160 B

URL GET HTTP/2
crsorgii-govi.com/web/images-other/arrow-down.svg
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
160 B (160 bytes)
Hash
bd38663085ebb1fabeec42cd84ede923
5da6d220eee51f3ca8f32741b34ef10473d8ba88
dc91e7869d30364522f2b9e6c0e1afa5d90bb99664ca77dc3b17134292643314

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/images-other/arrow-down.svg HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: image/svg+xml
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 160
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/images-other/slide2.jpg

185.46.42.16

200 OK

117 kB

URL GET HTTP/2
crsorgii-govi.com/web/images-other/slide2.jpg
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x284, components 3
Size
117 kB (117261 bytes)
Hash
8f84f10a3cbe5c36dabd7e6764d8e84d
3bac2df6e3918ed97a56c30ec0945332ee68c264
552cca8b5f05784a23cdb3dab78ca158d41a668ddd8a707ed22a016dcb316bbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/images-other/slide2.jpg HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: image/jpeg
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 117261
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/images-other/slide1.jpg

185.46.42.16

200 OK

101 kB

URL GET HTTP/2
crsorgii-govi.com/web/images-other/slide1.jpg
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=284, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=700], progressive, precision 8, 700x284, components 3
Size
101 kB (101007 bytes)
Hash
93ee84480bd77557f0b9e6121d41b953
5f4dc9373e4c15b586f20ebab9892a03d1a3c143
b58f281329f203fe756877069eab397ffcbf78a6af844015073a96c8fd382e61

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/images-other/slide1.jpg HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: image/jpeg
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-length: 101007
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/css/jquery.ui.button.css

185.46.42.16

200 OK

355 B

URL GET HTTP/2
crsorgii-govi.com/web/css/jquery.ui.button.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
355 B (355 bytes)
Hash
30b224979838321e6024cefdae6cc4a3
4169566b19904212bc1158a0d864a448dd5f8136
9365d7ba706b4d7ad5ac61259bc51cb800a74ae9e8a3a0c394bb964b3c898b1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/css/jquery.ui.button.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/css/jquery.ui.base.css
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 355
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/css/jquery.ui.datepicker.css

185.46.42.16

200 OK

653 B

URL GET HTTP/2
crsorgii-govi.com/web/css/jquery.ui.datepicker.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text
Size
653 B (653 bytes)
Hash
602919f1e7e62c9dd1fafcc923f646dd
9d8c58dc1e60b37cf7ca86a095018b638489ce5e
502ff39570276a1050dd65a68afd8171958e57dd426c701fc8bb8a93a2fbcb47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/css/jquery.ui.datepicker.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/css/jquery.ui.base.css
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 653
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/images/favicon.ico

185.46.42.16

200 OK

772 B

URL GET HTTP/2
crsorgii-govi.com/web/images/favicon.ico
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel
Size
772 B (772 bytes)
Hash
268aa8463efd3868c14ef1593907eb58
cea0f35ef9dc5dd0b3e61fe6a5a1f919cbc486fd
6e8b8815173054477e76f6f211c0315816e4f11991da76b16216bb07f00e3cb6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/images/favicon.ico HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:13 GMT
content-type: image/x-icon
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 772
date: Sat, 04 May 2024 09:56:13 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/index.php/auth/includes/captcha.php

185.46.42.16

200 OK

1.2 kB

URL GET HTTP/2
crsorgii-govi.com/web/index.php/auth/includes/captcha.php
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
data
Size
1.2 kB (1236 bytes)
Hash
c637834736137e8ad0de66a1bfd5fe0b
11acff4e94534d218eee2452cefa2b8febde321b
6352e2e1ffee19a375e0575e90e6ceb264b63bea3959f74e46ece0e53906f94e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/index.php/auth/includes/captcha.php HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/8.1.26
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

crsorgii-govi.com/web/css/main.css

185.46.42.16

200 OK

4.1 kB

URL GET HTTP/2
crsorgii-govi.com/web/css/main.css
IP
185.46.42.16:443
ASN
#211401 Atak Domain Hosting Internet ve Bilgi Teknolojileri Ltd. Sti.

Requested by
https://crsorgii-govi.com/web/index.php/auth/login.php
Certificate
IssuerSectigo Limited
Subjectcrsorgii-govi.com
Fingerprint0E:AB:8F:53:C2:99:2A:0F:BD:D7:AC:5E:71:EB:40:23:BC:56:4F:07
ValidityTue, 31 Oct 2023 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4184), with no line terminators
Size
4.1 kB (4106 bytes)
Hash
a6fc7a6dfd7840ecfefb823fff284da6
f22d41ae8cf9ba0e70355a4c16bac28b3cd771e9
a2d8570bb7d6531891bb698e0972f05779db13ad196b291297af2177a36ec148

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web/css/main.css HTTP/1.1
Host: crsorgii-govi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://crsorgii-govi.com/web/index.php/auth/login.php
Cookie: PHPSESSID=uin7dpdr09ik6qjl9rf046ks1u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 09:56:12 GMT
content-type: text/css
last-modified: Wed, 03 Apr 2024 13:33:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 877
date: Sat, 04 May 2024 09:56:12 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL