{"report_id":"2c9166e8-54c8-4565-aff5-02f2fb23a4eb","version":0,"status":"done","tags":[],"date":"2026-06-28T12:21:15Z","url":{"schema":"https","addr":"perabetguncellgirisi.icu/","fqdn":"perabetguncellgirisi.icu","domain":"perabetguncellgirisi.icu","tld":"icu"},"ip":{"addr":"94.154.172.39","port":0,"asn":208046,"as":"ColocationX Ltd.","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"perabetguncellgirisi.icu/","fqdn":"perabetguncellgirisi.icu","domain":"perabetguncellgirisi.icu","tld":"icu"},"title":"offsh.nl","dom":{"size":4551,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"fe1427a9c0152ae729bb1129e9b37f3d","sha1":"ad3e1e7a78e2f83725263b8782641f11a10f4c02","sha256":"3341207c63370923cfe440cb5e4899ee56dda4c41d54211a0807a73800a10c3b","sha512":"f27ab00f529b45a280ef2f6c57c13115ba76acd7808b0800bd162cbb751649dc938b907aa3160eaee0c24aed27355626a6514dc8a498f81e84e6370d58923c4e","ssdeep":"48:jz3uMwSDtiFFSFJ2GDJ9/6GHeWuXhYPvdcaxveCbh2fpjLPSMw:jioeFSFJtJteFmXdtxveCbh25PS/","tlshash":"be91da9716f7421b158780ed6fa276487bc9941bc321ca637cfc66ac6f00d5aac3324c","dom_hash":"domhash421878c0025571a88c4b8362c3e1072b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"perabetguncellgirisi.icu/","fqdn":"perabetguncellgirisi.icu","domain":"perabetguncellgirisi.icu","tld":"icu"},"ip":{"addr":"94.154.172.39","port":0,"asn":208046,"as":"ColocationX Ltd.","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T12:21:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"perabetguncellgirisi.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"perabetguncellgirisi.icu","ip":{"addr":"94.154.172.39","port":443,"asn":208046,"as":"ColocationX Ltd.","country":"Bulgaria","country_code":"BG"},"domain_registered":"2026-06-21","domain_rank":0,"first_seen":"2026-06-28T12:21:15.375137Z","last_seen":"2026-06-28T12:21:15.375137Z","alert_count":3,"request_count":3,"received_data":5931,"sent_data":1492,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server:2","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"offsh.nl","ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2023-10-23","domain_rank":394925,"first_seen":"2023-10-23T13:27:16Z","last_seen":"2026-06-25T03:04:38.968482Z","alert_count":0,"request_count":12,"received_data":29042,"sent_data":6444,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"perabetguncellgirisi.icu/","fqdn":"perabetguncellgirisi.icu","domain":"perabetguncellgirisi.icu","tld":"icu"},"ip":{"addr":"94.154.172.39","port":443,"asn":208046,"as":"ColocationX Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"6bd43cf0ae158526c6ab93dc3be79f28","sha1":"15c289e342bd3fdf5b1e95f7abf25a2bc78bf357","sha256":"7a13d5ae0755d86c09084ec300c4a0f1a0a06921f74d9980eba9d966ff17ad38","sha512":"5190eb107c27f5d655eab378cd468228aa031d088f59082f257f41d464a29fbdb23594043afe89a3f9b63ce86d91efad6c2901c816d85196389293a6a5a28521","ssdeep":"","tlshash":"df90040100513554711530d00134c3dd157df075dc4dd335754f57004040405c53c401","size":40,"data":"","first_seen":"2023-03-07T01:02:07Z","last_seen":"2026-06-30T08:03:26.944674Z","times_seen":23747,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"perabetguncellgirisi.icu/favicon.ico","fqdn":"perabetguncellgirisi.icu","domain":"perabetguncellgirisi.icu","tld":"icu"},"ip":{"addr":"94.154.172.39","port":443,"asn":208046,"as":"ColocationX Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:51.118Z","timestamp":1782649251118,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"perabetguncellgirisi.icu","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 06:45:10 GMT","end":"Sun, 20 Sep 2026 06:45:09 GMT"},"fingerprint":{"sha1":"3A:D3:AA:71:84:9E:BA:5E:C0:2F:4C:B4:1A:5F:F6:AB:FE:BB:D9:08","sha256":"3D:EC:23:36:2B:72:13:02:24:E8:8B:E8:11:BB:7A:AD:D6:46:B2:76:34:D3:7F:FD:81:D7:85:D9:89:9B:0C:EA"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: perabetguncellgirisi.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-length: 355\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Sun, 28 Jun 2026 12:20:51 GMT\r\nserver: Apache/2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Apache HTTP Server:2","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":511,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-30T08:39:13.051716Z","times_seen":42655,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"perabetguncellgirisi.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/ko.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.780Z","timestamp":1782649250780,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /ko.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 09:47:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6536411c-bf2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3058,"size_decoded":1446,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3e219b41fef451d1a94570e00dfb032f","sha1":"716336408b367b08ea2cec19a3dbc8dd0916c9fc","sha256":"8b8b93bb844f3653262bb2763ddd1038dd209bf551c7cfbbdbfb1fb58a8b5169","sha512":"f649f54bb96307057322b8cec75c95ef58b4d0fc8f3a48509aa263ccda3d824e4357d5ab37212ae8cb1884b03085197a1670b50ce39e205c46eb06d87dda678e","ssdeep":"","tlshash":"ac5155bdebcc56a0a32633f4d3b37002252725b63b912cb7c2483da2d9052c5569fce1","first_seen":"2025-09-21T16:27:01.632426Z","last_seen":"2026-06-28T16:16:17.379561Z","times_seen":21,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":67,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/en.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.765Z","timestamp":1782649250765,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /en.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 08:10:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65362a60-de3\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3555,"size_decoded":1112,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"68fb8f456ff1adbe740d2da2ae7f8998","sha1":"48d0834518bd912456048076b619a36d0f05e1c6","sha256":"f2b8a291919b736ff0312b0d5458180cc6ee1630b888da1886ba2900717665fd","sha512":"a8fdbabe2016944324f1bd4efb178ad91d8b282f7f7b9bd0c7276e1c11ef75e7688c71082ee0c08d5e8474fbf24abe1d8ebefce2319947223baa03124c90e57e","ssdeep":"","tlshash":"ef71ed05f05d29ea201603f0f779b007383ebdc82fa76c57b1c418a798181a609eb8db","first_seen":"2025-09-21T16:27:01.630086Z","last_seen":"2026-06-28T16:16:17.382526Z","times_seen":21,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":5,"connect":25,"send":0,"wait":30,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/fr.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.768Z","timestamp":1782649250768,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /fr.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:51 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 08:10:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65362a60-48a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1162,"size_decoded":760,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"adf4573e164df2d87bf290389b008348","sha1":"8e7213d5924ccd24a904ad16d014629472756c95","sha256":"3c139cd3759928d2426bcd24de5eaf4afee8731424b201febf89b7dbcff8f7fd","sha512":"44e6884931405b53f92233582cc1edc398b250d0015b4132fcc99b6df9f30f4c600a199c936ac8110c6d5fc0dca05b1be849e95bf0d499de7083b42f939ee1b2","ssdeep":"","tlshash":"a121e144e2cd1969213583b0f771f007703bf5d52be26c9bb0c028e2d81c5e5196b9db","first_seen":"2024-08-22T17:20:29.241979Z","last_seen":"2026-06-28T16:16:17.38496Z","times_seen":22,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":3,"connect":23,"send":0,"wait":22,"receive":0,"ssl":284},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/es.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.772Z","timestamp":1782649250772,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /es.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 08:10:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65362a60-b4d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2893,"size_decoded":1145,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0309661d98438ee98722035282d8e112","sha1":"0707c1a1a8743a49b6e983363ae44c63b480e012","sha256":"a35e4d5d3a54c7c48b1d5fc4bf3e0da0927aeeb80b9ac686531a7f51199ddd7f","sha512":"c0114964741d29b3a170ee8887257f03b71770386e1d52743fe6bed72eca7ae2512a592dec44863bce4445ec5927fb38c4170a4248f2f408e28e2348454438f1","ssdeep":"","tlshash":"0c514245e2685eaae2220760f3b6f447243b2eaa17f7f4a6d15014d2443d0de01bb8db","first_seen":"2025-09-21T16:27:01.634893Z","last_seen":"2026-06-28T16:16:17.377546Z","times_seen":21,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":26,"send":0,"wait":30,"receive":0,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perabetguncellgirisi.icu/","fqdn":"perabetguncellgirisi.icu","domain":"perabetguncellgirisi.icu","tld":"icu"},"ip":{"addr":"94.154.172.39","port":443,"asn":208046,"as":"ColocationX Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T12:20:50.099Z","timestamp":1782649250099,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"perabetguncellgirisi.icu","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 06:45:10 GMT","end":"Sun, 20 Sep 2026 06:45:09 GMT"},"fingerprint":{"sha1":"3A:D3:AA:71:84:9E:BA:5E:C0:2F:4C:B4:1A:5F:F6:AB:FE:BB:D9:08","sha256":"3D:EC:23:36:2B:72:13:02:24:E8:8B:E8:11:BB:7A:AD:D6:46:B2:76:34:D3:7F:FD:81:D7:85:D9:89:9B:0C:EA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: perabetguncellgirisi.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nlast-modified: Mon, 22 Jun 2026 07:34:32 GMT\r\netag: \"1205-654d2ac68c27a-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding,User-Agent\r\ncontent-encoding: gzip\r\ncontent-length: 1582\r\ncontent-type: text/html\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\nserver: Apache/2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Apache HTTP Server:2","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4613,"size_decoded":1878,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"89e4dcf925c4ee0efb8cf0d6831e546e","sha1":"fbd8b80efd444274716318c1e89ed672642a96d0","sha256":"cb17cfb3b646a14ae026311f498e98d0767e99c6bded49b218a17039ec697dc7","sha512":"8ad0ecd81f950c1f8a7efef5db449720a71c2666820bef0ff85acc3c8ad06b86163dd06077bc7b291ed8def7f07b87a4dd08fbe4562890179bc5eb77261a5ea4","ssdeep":"48:0up2uMwSDtiFFSFJ2GDJ9S1TOeWuXZHPvd5axvHCbhXrpILPSMSM:TpboeFSFJtJBeFBXdQxvHCbhXMPSdM","tlshash":"fc91c85716f7521b158780fd6fb276487bc6941bc3118a673cec72acaf40d8a6d2328c","first_seen":"2026-05-14T12:03:37.812746Z","last_seen":"2026-06-28T16:16:17.384335Z","times_seen":11,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":66,"connect":22,"send":0,"wait":28,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"perabetguncellgirisi.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/de.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.769Z","timestamp":1782649250769,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /de.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 08:10:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65362a60-490\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1168,"size_decoded":760,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"24b20b122a84c1287ac13a46fb2728bd","sha1":"b477e1605d31d81b2d7a76b806d1830f77f38630","sha256":"83a1c9574d2664a98347f7d6a6d167724762d92493cb466205c04dbd4415d62b","sha512":"55f40655f156a0b782337897577681bf2fda92f29d4b4c8c09b7010a3c71d67e32e1203183ba1a9924694f60e639e98867fb62d72a30c3ee7b92c90f01f26091","ssdeep":"","tlshash":"af211b45e28c2dae512183b0f736f807b13eb5e00bd27c9fa1e044a288185e5086b9cb","first_seen":"2024-08-22T17:20:29.240998Z","last_seen":"2026-06-28T16:16:17.376906Z","times_seen":22,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":1,"connect":21,"send":0,"wait":22,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/po.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.770Z","timestamp":1782649250770,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /po.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 08:10:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65362a60-f30\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3888,"size_decoded":1140,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8ee8e9ebc3d199533e9ceea4f7d171ec","sha1":"f0c8a59dfc38c21c4ee817e1cdc1ae5b380160c7","sha256":"252feb78806c0bd52a7dd025ac5be6846b7458965ff102503ee5bb348c90f38c","sha512":"5aafeebc97752b91153effedf8b1eb6b6926284b7b2c3968ec93aae37a0ba2bbb0c93b298d38de0666d4001cbe35ca8305dcaa4e16ca82d3a645b1d66aeb2841","ssdeep":"","tlshash":"c581354adb541f3a606113c4e372f40610332b593ab37baae04050b3651e5eb1bbbde6","first_seen":"2025-09-21T16:27:01.606586Z","last_seen":"2026-06-28T16:16:17.385527Z","times_seen":21,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":25,"send":0,"wait":25,"receive":0,"ssl":72},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/tr.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.775Z","timestamp":1782649250775,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /tr.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 09:47:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6536411c-688\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1672,"size_decoded":1022,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f70dd8fa77817accc798f2bedc37a465","sha1":"bd5118f1f63e53f45b54a9e75a6ad548ba6c0e2b","sha256":"96aebe6f49b9491bf6e9c58209256407cc51eb8bc311bc19a0c337f7750e37cf","sha512":"4895507a87aa7d733775106a808ca0789916e0a1eb0ef14b224044f9d37a68cc68d7f9c416bb1f4661e5d5878b8fdc5a70a6be4c796c27f07369637c18564450","ssdeep":"","tlshash":"df314648d74c0b7e602183a0f332f0077123b5912592a86ed95414e2a92f4f62db7bdf","first_seen":"2024-08-19T20:37:46.106905Z","last_seen":"2026-06-28T16:16:17.383157Z","times_seen":22,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":66,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/ja.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.779Z","timestamp":1782649250779,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /ja.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 09:47:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6536411c-558\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1368,"size_decoded":890,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3005cb00dd766749158b20ecddb0dfee","sha1":"15c761f6baf6dff383d967cf47ab137d81c285a2","sha256":"c7b7a732142a90ab80f91b9fb982037987a2f015f00558d02fe9296e9529fa52","sha512":"b4616d9c16f777656f7250fc2a5f3be2739f9021a798fafc713cc7bc9c9db8d3461b0a98929ccb8fdd138963f804de167ef50d1782cd87fd25953f72b7cd0fd2","ssdeep":"","tlshash":"fb210cbae2cc2514933157f4e3f1b003a23b21f62bc26c9bd6843ae2d816294135f8d2","first_seen":"2025-09-21T16:27:01.640344Z","last_seen":"2026-06-28T16:16:17.383732Z","times_seen":21,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":67,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"perabetguncellgirisi.icu/css/style.css","fqdn":"perabetguncellgirisi.icu","domain":"perabetguncellgirisi.icu","tld":"icu"},"ip":{"addr":"94.154.172.39","port":443,"asn":208046,"as":"ColocationX Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.755Z","timestamp":1782649250755,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"perabetguncellgirisi.icu","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Mon, 22 Jun 2026 06:45:10 GMT","end":"Sun, 20 Sep 2026 06:45:09 GMT"},"fingerprint":{"sha1":"3A:D3:AA:71:84:9E:BA:5E:C0:2F:4C:B4:1A:5F:F6:AB:FE:BB:D9:08","sha256":"3D:EC:23:36:2B:72:13:02:24:E8:8B:E8:11:BB:7A:AD:D6:46:B2:76:34:D3:7F:FD:81:D7:85:D9:89:9B:0C:EA"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: perabetguncellgirisi.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncontent-length: 355\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\nserver: Apache/2\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Apache HTTP Server:2","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":511,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-30T08:39:13.051716Z","times_seen":42655,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-28","alert":"Sinkholed","trigger":"perabetguncellgirisi.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/ru.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.773Z","timestamp":1782649250773,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /ru.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 08:10:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65362a60-496\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1174,"size_decoded":768,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"983535acf78fdd092c51c5222a849c0d","sha1":"481d6929b108d45edd620a104d5612b9b26e9c97","sha256":"ebc0298a531db98f3e43a9555ebb7370072c92cc92a27515533c0118f870db70","sha512":"5c1c0140637fd404f57e4755bf398a212d234c9cbc7dbf354b098fd102b0530aba2b8713a9c8bfd8af118b66f43ca6f2e0c7fc6097cc963b722487d2ac7feac1","ssdeep":"","tlshash":"23211144e28d29ae512183b0f736f807713ab1d40bd23c9ff1d054a258185e5096b9cb","first_seen":"2024-08-19T20:37:46.107539Z","last_seen":"2026-06-28T16:16:17.373904Z","times_seen":22,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":22,"send":0,"wait":42,"receive":0,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/ro.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.774Z","timestamp":1782649250774,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /ro.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 09:47:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6536411c-49c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1180,"size_decoded":771,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"254b2bc1508505d7e527aa8bb9b06a6c","sha1":"48006c422fd56958278e5eca80bebd5bc9a9a256","sha256":"a5bd16ce2cbfb3ece2cca5582855e4b50ea2eb4f3e5feef2b679d0aa2935e584","sha512":"35ce35d85aa9dc8aaa0477b355bcc2a86c2edf11b517843c2cd3192417b28de151ca7ff0f921a57d0162d1ca86f40b928db20e113521f3bdec393ff09eeef639","ssdeep":"","tlshash":"b721cb44e69d19aa216583b0f771f007703ff5d52be2ac9bb0c028e2981c5e6196b9db","first_seen":"2025-09-21T16:27:01.637797Z","last_seen":"2026-06-28T16:16:17.378139Z","times_seen":21,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":66,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/it.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.777Z","timestamp":1782649250777,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /it.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 09:47:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6536411c-48a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1162,"size_decoded":763,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3bac7dafe2696b12431ae51aa115c6e6","sha1":"4a4095bd379a18ed93e7e10f79d738cbfc113997","sha256":"673b0533656d3f491e8f6a7919acbfd90a4994547085c149e957b62d12515235","sha512":"0eb91e0eb2667c72c07ff04197e52fc7e96462e052625e481e18ae5dd163f4cd1b38e424d639a283d4f88c701df999b8445953ac24dcdca90032805011893ea5","ssdeep":"","tlshash":"5721ee44e6ce19aa212183b0f771f007703af5d11be26c9bb0c018e288189e5096b9cb","first_seen":"2025-09-21T16:27:01.607888Z","last_seen":"2026-06-28T16:16:17.37897Z","times_seen":21,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":66,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"offsh.nl/cn.svg","fqdn":"offsh.nl","domain":"offsh.nl","tld":"nl"},"ip":{"addr":"18.192.7.157","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://perabetguncellgirisi.icu/","date":"2026-06-28T12:20:50.778Z","timestamp":1782649250778,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"offsh.nl","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 23 Apr 2026 01:16:42 GMT","end":"Wed, 22 Jul 2026 01:16:41 GMT"},"fingerprint":{"sha1":"11:6E:AA:00:A6:32:EF:28:82:4D:3A:2F:03:EC:60:B4:51:77:B8:7D","sha256":"39:8B:61:D1:29:6C:A4:B3:D7:16:3E:16:46:A8:AE:BC:A6:00:05:B3:8A:45:33:7F:5D:88:C5:EB:99:82:BD:AA"}}},"request":{"raw":"GET /cn.svg HTTP/1.1\r\nHost: offsh.nl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://perabetguncellgirisi.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 28 Jun 2026 12:20:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 23 Oct 2023 08:10:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65362a60-a9e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2718,"size_decoded":1090,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e3013780ca31ec58340a857e270e4184","sha1":"1b79d7342aeb799db9d35c8d77fa6cc35a7c75f0","sha256":"6e7ad9023532828a29f3f4b374f7e84f7c76aa4ece50f7a1b8bfd2363803f48a","sha512":"867c75eba66500ad5543c000ccef2c544b3abc2632bfe2ac189745267a66cdfba397aad72ca1a32b4cb3abbe0b93cd694ce779342648fdbfcaee6d72ad326d25","ssdeep":"","tlshash":"3f51ed99b74c1ea311af5be4e7b27007087f6af92fc2ec87a1e484d6d4271d504aa4d2","first_seen":"2025-09-21T16:27:01.627169Z","last_seen":"2026-06-28T16:16:17.374865Z","times_seen":21,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":66,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}