| tokibasvurulrnqw.com/edevlet/Elektronik-Imza |  188.114.97.1 | 301 Moved Permanently | 835 B |
URL User Request GET HTTP/2tokibasvurulrnqw.com/edevlet/Elektronik-Imza IP188.114.97.1:443
CertificateIssuerLet's Encrypt Subjecttokibasvurulrnqw.com Fingerprint2D:F4:6A:0D:9C:73:38:D3:A4:52:82:C5:23:84:F0:B0:87:69:B8:AE ValidityWed, 24 Apr 2024 04:52:06 GMT - Tue, 23 Jul 2024 04:52:05 GMT
Hashfcd705bf8a94c43f77a617be05bfb66b 0635fe6291b470d317b70a0151363b8c20fd51fb 9ef650ac0eb17b8e404833ab1d69a8641829b8f046b991222c5193df52fdee1c
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - e-Devlet | | OpenPhish | phishing | Government of Turkey |
GET /edevlet/Elektronik-Imza HTTP/1.1
Host: tokibasvurulrnqw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 24 Apr 2024 16:03:54 GMT
content-type: text/html; charset=iso-8859-1
location: https://tokibasvurulrnqw.com/edevlet/Elektronik-Imza/
x-powered-by: PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEw5cU09FGrJQV0B5zL4EkdTlJ536NJ8glngo7jBCVIvbZTYbPzlg0Cj4bSTD7G8UlqBSF5GvN0BZnN%2FTQzV6WFsuwUA1MrjlbFYrhK5iWawmH3D%2B2o6IGXKDA7x06dSwFE9IvJ72Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879753766c7b569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
| tokibasvurulrnqw.com/edevlet/Elektronik-Imza/ | 188.114.97.1 | 200 OK | 250 kB |
URL User Request GET HTTP/2tokibasvurulrnqw.com/edevlet/Elektronik-Imza/ IP188.114.97.1:443
CertificateIssuerLet's Encrypt Subjecttokibasvurulrnqw.com Fingerprint2D:F4:6A:0D:9C:73:38:D3:A4:52:82:C5:23:84:F0:B0:87:69:B8:AE ValidityWed, 24 Apr 2024 04:52:06 GMT - Tue, 23 Jul 2024 04:52:05 GMT
File typeHTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (51545) Size250 kB (250240 bytes) Hash25cfd1723b430a06dd31dd1ee9269dd8 d029a58ecdd767314802211865a4c4fee384e1d1 7da9539d47748883a912a9742f86f266feafac37a90c7b77bb051d37d6dc929a
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - e-Devlet |
GET /edevlet/Elektronik-Imza/ HTTP/1.1
Host: tokibasvurulrnqw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 16:03:55 GMT
content-type: text/html
last-modified: Sun, 25 Jun 2023 19:26:52 GMT
x-powered-by: PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8Uinx557h8jN9zTka4Qoa1zQzdQMXru3kKGpN3BsDeTsUbCHbaJIjqNurg243%2FoNH7TV4Rewuoh92SNn4z6lL8Bw61eIJgqVEX%2FuYv%2BpOeMX9y5fuKx5HT96TcbHmIiKQ%2B1MPrcjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797537a792c569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|