{"report_id":"53f0931f-6fff-4c00-917c-7e350b97a6ae","version":6,"status":"done","tags":["e-devlet","phishing","government","turkey","suspicious"],"date":"2026-03-08T11:47:48Z","url":{"schema":"http","addr":"kimlik-ege-edu.serv00.net","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":0,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"final":{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"title":"e-Devlet Kapısı","dom":{"size":21467,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3897)","md5":"12ad07af14b54ac6f5431845430f54a6","sha1":"b23e4ce5ed210a1945151030ec5b599873564bbd","sha256":"100ec44677ae35ba994d45af6f96fd08ba24a6c88deba1d675195dbf85b67c89","sha512":"8f691d5ec965ffa646b06239c132b6b5b26117fbfce3d0a8c191973e4978d2f7c9bf2dc1a6fab8402021a3f8a0c7f330140351881d2d369dc1d76211486cbad3","ssdeep":"384:fDRg70UIUMhxMhPJQ1kskHFkHlYXuHx13f0P/+Em3RguFwuFA:fDRg7jIUgH1ksklkHlYXEH0P/+Em3RtS","tlshash":"0fa23e71a1aa083ad64bcdd87a75973e6baac343cd0bd454b3fd87891fe0d94894720c","dom_hash":"domhashbe4be713323e42f8cd5144c8e45b83b2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kimlik-ege-edu.serv00.net","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":0,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-12T11:47:48Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":3,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-08","alert":"Detects file containing Telegram Bot API","trigger":"kimlik-ege-edu.serv00.net/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"kimlik-ege-edu.serv00.net","ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":195,"request_count":48,"received_data":463700,"sent_data":36261,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-01T22:15:00.771016Z","alert_count":0,"request_count":2,"received_data":68386,"sent_data":1098,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-01T22:18:12.522658Z","alert_count":0,"request_count":1,"received_data":20218,"sent_data":578,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":true,"md5":"ab1d51f32a244b66e80bced99f06791c","sha1":"dbe686554b6dcd9c714a873d33888f50690628d8","sha256":"f4ed254cc9b690b4b4a52ef0e39a42fb4a7c6f22a4a635050e000a7cdb527c94","sha512":"f924aec684ebcd17a7fcb2d4da9666476968074a0ee0405bbaf588bfc3be02fd483b08ffeb81f0718673f535da1acce207cc32a01d0a277e954a09c60f759f91","ssdeep":"","tlshash":"562110ef587608a02f57b275377fd101322340576c09d8a1fd1c88625f48b3825757c9","size":1268,"data":"","first_seen":"2026-03-08T11:47:55.028329Z","last_seen":"2026-03-08T11:47:55.028329Z","times_seen":1,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-08","alert":"Detects file containing Telegram Bot API","trigger":"kimlik-ege-edu.serv00.net/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/edk-giris.1.9.5.js.indir","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"a36f624cb3b71f17c75785a924fe0a3b","sha1":"4adaa7c6c48712a97ed8d5cfa6566e6233214fc7","sha256":"e36ae23ad2061185e1afec83801772dd62209a32b6120f892e9ad0657845c46f","sha512":"fc092d75f54d04eaa546fe12595ad3439eb85bcfa0205bccffbb487d6edd5b715660f5655f4e654f02ff77df10a754ca3554fd3a3f56b69feae262a432a4f41f","ssdeep":"96:/+OSl+JnkXjKU6VdElrgpHlrgEBnf04citbd0qSpbll+h0JE5l3QSubN1hw5hvaZ:/SlCk+U6VdEwBsFih0qSpbl1cZux4vaZ","tlshash":"80f187acb24521a383e321f5441fd101a12f48798f578166e02da5e62ebdd0b1d7bf6e","size":7926,"data":"","first_seen":"2024-06-06T14:16:32Z","last_seen":"2026-03-08T11:47:55.023609Z","times_seen":82,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/common.1.9.5.js.indir","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"66e8f1bb435e7540d9553e6c468e848a","sha1":"4b3aca2a91cfe8b71cb5ddac8dad96fb83b3edc0","sha256":"b27820bc7628e28952aa2637944113fa9f28bbc17c6fc080a981a189d786edc2","sha512":"21f831e7d51f437e7cc53f206aa701b184781a47c30955d2d7afe358db20b08e7e73ae275e30f5f9dbfb2c1041ae030b262036a9798e35732c2e08287096c3a4","ssdeep":"3072:aP9TY802rAcp1AXUAQ47GKd8+H+GrGtIaA:U9TC2rAzkAQ47GKd8+H+GZ","tlshash":"5fe308dd72c2b022077730ba007f650af23659a9680d8414f125d8e9bdb8e4e927bf7d","size":150342,"data":"","first_seen":"2024-06-06T14:16:32Z","last_seen":"2026-03-08T11:47:55.021537Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/jquery.jcryption.1.9.5.js.indir","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"99fb8b6b3d067702b8ac81481b0b1c03","sha1":"7085baa493a82737334e875c8ee0b576c8b0b963","sha256":"10cea3887f0a3cf60d9fc06e809594d051c37563e2d3d8e8548f86d225fef398","sha512":"b4c452a8c48a7c9faa392ce1759f808ff86b5231ab97e0021b65e4e97abc08a16fb8d71022f591cb92cfdcbdb865b3e9b7cdc2dbe693c9b9cf8a7569c83818f3","ssdeep":"1536:nDq7WZd3KCPp2UuP6yf8h5z5h3+3nqQ5voBE42RvJFq:+6P9Pp2UuPVf8h5z5tOnqwAE4h","tlshash":"7553e98975d9b4610392a0b4063f054af23a756d181f54fcf669c8e2bcb89cd913bfb8","size":66550,"data":"","first_seen":"2024-06-06T14:16:32Z","last_seen":"2026-05-22T06:28:12.856818Z","times_seen":146,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":true,"md5":"6dd149d74d7c92d40aab093e1fde2706","sha1":"4a4f11d62e64cc67812e9c48a84ad7dc82528d84","sha256":"f9eb82d6d9b152dbb1860c6c29f776c9c21dbde9627aba9a31d3ee67ed1971a3","sha512":"ad55ddb8a8afeb1b25c3258186868b8478b820e3fed1f4dd8ddd25ce79b5938bd8847ce4c252373c36956e96bcc25e2faefab0251f9367d7946b4ef817f308a6","ssdeep":"","tlshash":"3821034060ff044c971a020e8297434be71b51275421fa54bf9d57689f9d3a943db35c","size":1177,"data":"","first_seen":"2023-08-19T23:54:58Z","last_seen":"2026-03-08T11:47:55.029766Z","times_seen":126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":true,"md5":"840f76cc4182090b94dd9baffb88f8c9","sha1":"81f067f47126696f0e56b9475ae8decf34096804","sha256":"592f42b88cf3635bd6754fabaf0dae26b54b0828d3727b87d02b141d0d789a44","sha512":"245bae816ed28e9ce1da8d3ee533c34307a83086581dc37173af2e2a74f17b9fb577c99c46f63d6232a0482b20ebbd3565b299edccf5ed4245194dd69c71f81b","ssdeep":"","tlshash":"ab414f94a8e2199c433b761ba7ff81095b5e92174120ee04bf2ccb993f5ca6183c760d","size":2344,"data":"","first_seen":"2023-09-11T01:40:21Z","last_seen":"2026-03-08T11:47:55.031766Z","times_seen":107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/main.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"c02e946fe528329cbd6a7377e12d4566","sha1":"570790a9b79df546ce021088e1e68bbd511f2a43","sha256":"26fabe452b0cd62327c2f5139c56173703a035442dd890565af1e72a8864cb84","sha512":"94deb8d40d3c42fe925d5bd7cbb2e95aea655afae26c53a7ba2793d9f2e2fccd9582ceec5ef120cc68d22efdeaf5019e243cf64d867a975e58bbd134d14d3f81","ssdeep":"96:gGKupQHToU8oMLLXlHPX58m1pw/WCytfOxH766wyJIT0OyQxkMzC7QvA5mmIzJ1L:gGFQHTqoSPXT1prCytWxyyJIT0OyLJmX","tlshash":"bfc11bb6713d967302df27333175a38972321098159f824440ad8a25133ceaeb5f7fd4","size":5791,"data":"","first_seen":"2025-12-29T02:55:37.254872Z","last_seen":"2026-06-13T00:19:52.582747Z","times_seen":986,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/common_messages_tr.1.9.5.js.indir","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"656cb0d57e162f9918c95ff1a9a4badd","sha1":"f9cc70a3853fdaf4dc699bce73459ea640fc7bef","sha256":"2e07a062dd6ef5194e94abe7f3524ff371fff1a4c902e74d70f9bb20bd026fbd","sha512":"214fc1e45432cfa25cddc442eb0a2b90990d044c32342c9ff45b436f12e99721dba95809e6e27d98f65794cccaea07ccb71bf124a0c3b727a27c45f98d3511a3","ssdeep":"","tlshash":"633164c049b2ec5e72b473cfb0d6138ff19f82627a5de50da945820a67899470dab80c","size":1841,"data":"","first_seen":"2023-04-22T19:25:28Z","last_seen":"2026-05-22T06:19:16.177108Z","times_seen":197,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/login_messages_tr.1.9.5.js.indir","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"introduction_type":"scriptElement","is_inline":false,"md5":"99a565c318adee50e53be2320511f6c4","sha1":"4fcbad23a294f66567c4ebd98b1a86b6111861f6","sha256":"1f4fb231fa2e4087e368def58287b4c6fb2bb7897eb8bad2d26a527ddce31535","sha512":"36a5098940e574cea0003ecdda945cd2d74046879f07897bba0829217e2c386fae8d23eb6c67ab113065d86fbe1749a14b1d4e18f0dd13c8949276e5e1ba2c7d","ssdeep":"","tlshash":"0cb092081240bc8e3e501bfa0e4a9e5aa04618206b10b99b5ee162127c1a34fad390a8","size":113,"data":"","first_seen":"2023-09-11T01:40:21Z","last_seen":"2026-03-08T11:47:55.011389Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/xess/xess.min.css?cachebuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:23.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/xess/xess.min.css?cachebuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:22 GMT\r\ncontent-type: text/css\r\ncontent-length: 57569\r\nlast-modified: Thu, 05 Mar 2026 13:00:10 GMT\r\netag: \"69a97e5a-e0e1\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57569,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (57569), with no line terminators","md5":"94e91f9f4856772ce995d2a09616351f","sha1":"befdbf8f3029f633d7e7b2dbfeb4c6c066136d45","sha256":"16f9eba9b1bf4cff7d7656cdfe9b4a9c088ee3ac4fc556371774a989938b41e3","sha512":"3d7bffadf80655bf1d6b38be94b2f76911e444f246de6bf2cf735cad8ddf033456cf6bd350923589181d388b7382f2bff2b861cb7ffb5b155cf32c4b0c95487e","ssdeep":"768:1GTdUvzHen7M2HeLMiMMSZJIftllvfNAW037h+TV7hXeQlgCFS/MhA0BQuMIbUCP:IUp8PMKClllvlAv0VJeQTvhViaTSGew","tlshash":"504341378a0994b06d787eabcba7390d45b8f58398c357c890ad1d64dd3ef0a394f258","first_seen":"2026-03-07T00:56:39.208095Z","last_seen":"2026-03-13T12:07:41.145264Z","times_seen":24,"resource_available":false,"data":null}},"time_used":2236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":1661,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:07 GMT","end":"Mon, 27 Apr 2026 08:38:06 GMT"},"fingerprint":{"sha1":"FD:7B:7B:3F:B0:E9:E6:F2:B2:20:AF:6D:E3:76:AC:43:C9:2B:95:1F","sha256":"05:F7:EC:37:83:98:A5:87:8A:AE:AD:80:95:CC:A6:0A:C4:F9:42:EF:07:B0:C2:6B:6F:1B:27:7A:78:A8:CE:64"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kimlik-ege-edu.serv00.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 04 Mar 2026 23:57:11 GMT\r\nexpires: Thu, 04 Mar 2027 23:57:11 GMT\r\ncache-control: public, max-age=31536000\r\nage: 301815\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-13T20:33:48.21116Z","times_seen":187533,"resource_available":false,"data":null}},"time_used":1406,"timings":{"blocked":172,"dns":1,"connect":47,"send":0,"wait":98,"receive":964,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/favicon.ico","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:23.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:23 GMT\r\ncontent-type: text/html\r\ncontent-length: 2645\r\netag: \"6695c3fb-a55\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2645,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ca241997bb8496ef9ce1eb5216abfc58","sha1":"9c83fe51734ff4a1d4b21f9808f66ac120d318fe","sha256":"9d79e2f15b07b582dd5aa6efbad6d74a22b42fd8e4a06b5df66fffaf6ac35a8b","sha512":"a22fbf561247a3d67a9da444260d0100bc438788dda19e9966cd4871ba92b020a647457d8d6cdefb596c5e5635eb0526ed303d74457990017319773a518109b8","ssdeep":"","tlshash":"465164278aa7921a7442c0e47be3a75277168287d10ecdac7a5da1c9cf805f4d5b328c","first_seen":"2025-01-19T22:56:03.821205Z","last_seen":"2026-03-12T09:36:13.057186Z","times_seen":7,"resource_available":false,"data":null}},"time_used":2130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/jquery.jcryption.1.9.5.js.indir","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:32.543Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /e-Devlet%20Kap%C4%B1s%C4%B1_files/jquery.jcryption.1.9.5.js.indir HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 66550\r\nlast-modified: Thu, 06 Jun 2024 14:31:34 GMT\r\netag: \"6661c846-103f6\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66550,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators","md5":"99fb8b6b3d067702b8ac81481b0b1c03","sha1":"7085baa493a82737334e875c8ee0b576c8b0b963","sha256":"10cea3887f0a3cf60d9fc06e809594d051c37563e2d3d8e8548f86d225fef398","sha512":"b4c452a8c48a7c9faa392ce1759f808ff86b5231ab97e0021b65e4e97abc08a16fb8d71022f591cb92cfdcbdb865b3e9b7cdc2dbe693c9b9cf8a7569c83818f3","ssdeep":"1536:nDq7WZd3KCPp2UuP6yf8h5z5h3+3nqQ5voBE42RvJFq:+6P9Pp2UuPVf8h5z5tOnqwAE4h","tlshash":"7553e98975d9b4610392a0b4063f054af23a756d181f54fcf669c8e2bcb89cd913bfb8","first_seen":"2024-06-06T14:16:32Z","last_seen":"2026-05-22T06:28:12.856818Z","times_seen":146,"resource_available":true,"data":null}},"time_used":7569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2331,"receive":5238,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/themes/izmir/fonts/arimo/P5sMzZCDf9_T_10ZxCFuj5-v.179.woff2","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:34.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /themes/izmir/fonts/arimo/P5sMzZCDf9_T_10ZxCFuj5-v.179.woff2 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/login-main.1.9.5.css\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:34 GMT\r\ncontent-type: text/html\r\ncontent-length: 2645\r\netag: \"6695c3fb-a55\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2645,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ca241997bb8496ef9ce1eb5216abfc58","sha1":"9c83fe51734ff4a1d4b21f9808f66ac120d318fe","sha256":"9d79e2f15b07b582dd5aa6efbad6d74a22b42fd8e4a06b5df66fffaf6ac35a8b","sha512":"a22fbf561247a3d67a9da444260d0100bc438788dda19e9966cd4871ba92b020a647457d8d6cdefb596c5e5635eb0526ed303d74457990017319773a518109b8","ssdeep":"","tlshash":"465164278aa7921a7442c0e47be3a75277168287d10ecdac7a5da1c9cf805f4d5b328c","first_seen":"2025-01-19T22:56:03.821205Z","last_seen":"2026-03-12T09:36:13.057186Z","times_seen":7,"resource_available":false,"data":null}},"time_used":6601,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5186,"receive":1415,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-08T11:47:21.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:21 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-store\r\ncontent-encoding: gzip\r\nset-cookie: anp-anubis-auth=; Path=/; Expires=Sun, 08 Mar 2026 11:46:21 GMT; Max-Age=0; SameSite=Lax\nanp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; Path=/; Expires=Sun, 08 Mar 2026 12:17:21 GMT; SameSite=Lax\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4442,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2504)","md5":"b2a0be4a7bdbe0083fdf6100c326a4a8","sha1":"1a20a46693dad3d8f27e1861d26fc977f2c853a9","sha256":"7a98fab3510a2bfd3b204fad4c2e5b7499d8d76067ea55aec61f19691e159e73","sha512":"1d88ecd10e31aa7556baee7aee576ba9a620310ea1080a145ed84256c5c3b948247000c98709fe95f18f0a9e5cf64613846be62c4dc79a0a8ceb298b92dac88c","ssdeep":"96:zJawDlRb9/GO0E+CwbQOx2dDvZscvEUtrNnFN+qGtuDsb:TlRb9e/E7wk+0DhscvBNnBob","tlshash":"4e91fa539c6ac50e0d835dd537a0a78c7b6ac11b8b06cc147ded24629f867bc42776e8","first_seen":"2026-03-08T11:47:55.005733Z","last_seen":"2026-03-08T11:47:55.005733Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1783,"timings":{"blocked":191,"dns":67,"connect":59,"send":0,"wait":1401,"receive":0,"ssl":63},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/locales/en.json","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:25.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/locales/en.json HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:25 GMT\r\ncontent-type: application/json\r\ncontent-length: 5630\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5630,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c56ae0b6f72f0437ca39e0f044f6d518","sha1":"11491b35166ac3fe8e8be27547c5ee8ba5020627","sha256":"1e7bc10f8c46bd794e72a6ba0cb0f3f51d6fb7545958b7d89f9c9ae6dc05b1cb","sha512":"779087d8bf39d3a9928129f6c6b33ffabd64104ec39d626202205e1f355304baaec5902c26e2a31e39ea3c031e042d3479be014b08632115ef28e6762646aacf","ssdeep":"96:iD8r9nFYpVV+qGtsA+XpRV7ZkvRpUDIeqAODR3N5tJxgnXa1BNw:Rr9OVVZBXp/7Zkpq8eEDRntXAqc","tlshash":"1bc1a82bd948112709c202d1a245a6e7bb51ce6b4320371c5b8b612f16de93f8377dfd","first_seen":"2026-02-23T07:27:07.586252Z","last_seen":"2026-06-13T00:19:52.600879Z","times_seen":518,"resource_available":false,"data":null}},"time_used":472,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":472,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.422Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/main.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:23.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/main.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:22 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 5791\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5791,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4373)","md5":"c02e946fe528329cbd6a7377e12d4566","sha1":"570790a9b79df546ce021088e1e68bbd511f2a43","sha256":"26fabe452b0cd62327c2f5139c56173703a035442dd890565af1e72a8864cb84","sha512":"94deb8d40d3c42fe925d5bd7cbb2e95aea655afae26c53a7ba2793d9f2e2fccd9582ceec5ef120cc68d22efdeaf5019e243cf64d867a975e58bbd134d14d3f81","ssdeep":"96:gGKupQHToU8oMLLXlHPX58m1pw/WCytfOxH766wyJIT0OyQxkMzC7QvA5mmIzJ1L:gGFQHTqoSPXT1prCytWxyyJIT0OyLJmX","tlshash":"bfc11bb6713d967302df27333175a38972321098159f824440ad8a25133ceaeb5f7fd4","first_seen":"2025-12-29T02:55:37.254872Z","last_seen":"2026-06-13T00:19:52.582747Z","times_seen":986,"resource_available":true,"data":null}},"time_used":2523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2522,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:26 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-length: 7378\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7378,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5951)","md5":"a02fea9652fbaf3a7ec9ea444605e22b","sha1":"9fc8c7107b662d9f88eea4de042ca9e96845f6fc","sha256":"b78b9a584956e9b8cc79241a0b88b820f3bad3ad1a94114a972651f545d815ec","sha512":"a4b24ddd3460d522aced7cc6e2a2109d0bbed16ea551ea24d28a51f09746d8444cfb6e688f334f0c5e96674598bb8ba0d7cd1df033e7939e549f38dcfc4513fc","ssdeep":"192:gGFQHTqoN60k88kjMvvGgDVeQ0a4NieGghLdWJ+:gGF6qoNg8RAvGgDVZQNiLghLdWA","tlshash":"6be129c4ba95623043db62b240eb8c8fa23ea434350d045cb529e9f63575c6d867bfb9","first_seen":"2025-09-19T08:25:05.601775Z","last_seen":"2026-06-11T05:56:39.09462Z","times_seen":813,"resource_available":true,"data":null}},"time_used":1389,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1389,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/common_messages_tr.1.9.5.js.indir","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:32.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /e-Devlet%20Kap%C4%B1s%C4%B1_files/common_messages_tr.1.9.5.js.indir HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1841\r\nlast-modified: Thu, 06 Jun 2024 14:31:30 GMT\r\netag: \"6661c842-731\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1841,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1703), with no line terminators","md5":"656cb0d57e162f9918c95ff1a9a4badd","sha1":"f9cc70a3853fdaf4dc699bce73459ea640fc7bef","sha256":"2e07a062dd6ef5194e94abe7f3524ff371fff1a4c902e74d70f9bb20bd026fbd","sha512":"214fc1e45432cfa25cddc442eb0a2b90990d044c32342c9ff45b436f12e99721dba95809e6e27d98f65794cccaea07ccb71bf124a0c3b727a27c45f98d3511a3","ssdeep":"","tlshash":"633164c049b2ec5e72b473cfb0d6138ff19f82627a5de50da945820a67899470dab80c","first_seen":"2023-04-22T19:25:28Z","last_seen":"2026-05-22T06:19:16.177108Z","times_seen":197,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/login_messages_tr.1.9.5.js.indir","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:32.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /e-Devlet%20Kap%C4%B1s%C4%B1_files/login_messages_tr.1.9.5.js.indir HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 113\r\nlast-modified: Thu, 06 Jun 2024 14:31:36 GMT\r\netag: \"6661c848-71\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":113,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with no line terminators","md5":"99a565c318adee50e53be2320511f6c4","sha1":"4fcbad23a294f66567c4ebd98b1a86b6111861f6","sha256":"1f4fb231fa2e4087e368def58287b4c6fb2bb7897eb8bad2d26a527ddce31535","sha512":"36a5098940e574cea0003ecdda945cd2d74046879f07897bba0829217e2c386fae8d23eb6c67ab113065d86fbe1749a14b1d4e18f0dd13c8949276e5e1ba2c7d","ssdeep":"","tlshash":"0cb092081240bc8e3e501bfa0e4a9e5aa04618206b10b99b5ee162127c1a34fad390a8","first_seen":"2023-09-11T01:40:21Z","last_seen":"2026-03-08T11:47:55.011389Z","times_seen":60,"resource_available":true,"data":null}},"time_used":1130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":1061,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/themes/izmir/fonts/arimo/P5sMzZCDf9_T_10XxCFuj5-v6dg.179.woff2","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:34.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /themes/izmir/fonts/arimo/P5sMzZCDf9_T_10XxCFuj5-v6dg.179.woff2 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/login-main.1.9.5.css\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:34 GMT\r\ncontent-type: text/html\r\ncontent-length: 2645\r\netag: \"6695c3fb-a55\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2645,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ca241997bb8496ef9ce1eb5216abfc58","sha1":"9c83fe51734ff4a1d4b21f9808f66ac120d318fe","sha256":"9d79e2f15b07b582dd5aa6efbad6d74a22b42fd8e4a06b5df66fffaf6ac35a8b","sha512":"a22fbf561247a3d67a9da444260d0100bc438788dda19e9966cd4871ba92b020a647457d8d6cdefb596c5e5635eb0526ed303d74457990017319773a518109b8","ssdeep":"","tlshash":"465164278aa7921a7442c0e47be3a75277168287d10ecdac7a5da1c9cf805f4d5b328c","first_seen":"2025-01-19T22:56:03.821205Z","last_seen":"2026-03-12T09:36:13.057186Z","times_seen":7,"resource_available":false,"data":null}},"time_used":6879,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5178,"receive":1701,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/img/pensive.webp?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:23.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/img/pensive.webp?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:22 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11324\r\nlast-modified: Wed, 04 Mar 2026 17:46:08 GMT\r\netag: \"69a86fe0-2c3c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11324,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"41d0a0b35ecb280c4d6558ab996c37e2","sha1":"d39b882bfa5133e5c915b554daf8da612dffaecc","sha256":"34253f00628fb569fbcb9b6237114896e1727200500504831dcabdb3579bf1b0","sha512":"ad807b810d5413b4f3d06971ba1217726978d7e7b45403564f41d6bab2181416e502ad9f0ba7fb5efa7dbef1801bdafb2ec0e62d77bec8f348de36244be81518","ssdeep":"192:OVGww2vnppFEw77nCPCy5eS0YKBTnTlWkdBKWfhl0LsKbSZ/hvk+dNqfYTFa:OUInFEw77naCy5eDBNXdBK0hW72k+vTo","tlshash":"ff32ae3ab7bd0326e940bb78c4ec9e19886e184d57748bb2c644b07825b1dd2fa115bc","first_seen":"2026-03-05T17:26:40.670166Z","last_seen":"2026-05-06T03:57:10.223134Z","times_seen":25,"resource_available":false,"data":null}},"time_used":1683,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":1108,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-08T11:47:32.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:31 GMT\r\ncontent-type: text/html\r\ncontent-length: 18608\r\nlast-modified: Thu, 06 Jun 2024 14:30:57 GMT\r\netag: \"6661c821-48b0\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":18608,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1969)","md5":"c764b7b2bc1bbcd21dc56c2c0747b38c","sha1":"ff04c5080835dc43a6e696667ead7cbb5cb433ee","sha256":"6072ad03841b722c02ca00d67fdef015b32d4aeb232d9a1ad6be44c86f0cff78","sha512":"86e705c461dbc6b9f5cb90987de04a492386957db755b57427a1bea03f3f0cef7931b19b94ef5f50821c8fc7692ace6881d6063e404e15dad00d1d639e218f0e","ssdeep":"384:4D7g70UcUMhPXQ1kskHFkHlYXuHx13f0P/+Em3RguFA:4D7g7jcU11ksklkHlYXEH0P/+Em3Rtm","tlshash":"3082977194ba183ac707c9a87a75973d6b9bc213cd06d454b3fc4b991fe0da48a8730c","first_seen":"2026-03-08T11:47:55.014437Z","last_seen":"2026-03-08T11:47:55.014437Z","times_seen":1,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":235,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-03-08","alert":"Detects file containing Telegram Bot API","trigger":"kimlik-ege-edu.serv00.net/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/themes/izmir/fonts/arimo/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.179.woff2","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:34.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /themes/izmir/fonts/arimo/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.179.woff2 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/login-main.1.9.5.css\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:34 GMT\r\ncontent-type: text/html\r\ncontent-length: 2645\r\netag: \"6695c3fb-a55\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2645,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ca241997bb8496ef9ce1eb5216abfc58","sha1":"9c83fe51734ff4a1d4b21f9808f66ac120d318fe","sha256":"9d79e2f15b07b582dd5aa6efbad6d74a22b42fd8e4a06b5df66fffaf6ac35a8b","sha512":"a22fbf561247a3d67a9da444260d0100bc438788dda19e9966cd4871ba92b020a647457d8d6cdefb596c5e5635eb0526ed303d74457990017319773a518109b8","ssdeep":"","tlshash":"465164278aa7921a7442c0e47be3a75277168287d10ecdac7a5da1c9cf805f4d5b328c","first_seen":"2025-01-19T22:56:03.821205Z","last_seen":"2026-03-12T09:36:13.057186Z","times_seen":7,"resource_available":false,"data":null}},"time_used":6884,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5183,"receive":1701,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/api/pass-challenge?id=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\u0026response=00e8f488e66695f17897a996cc6b7762f77cc4016cd3cb2b17e14bf52c79fec5\u0026nonce=15360\u0026redir=https%3A%2F%2Fkimlik-ege-edu.serv00.net%2F\u0026elapsedTime=1451","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-08T11:47:27.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/api/pass-challenge?id=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\u0026response=00e8f488e66695f17897a996cc6b7762f77cc4016cd3cb2b17e14bf52c79fec5\u0026nonce=15360\u0026redir=https%3A%2F%2Fkimlik-ege-edu.serv00.net%2F\u0026elapsedTime=1451 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:27 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 57\r\nlocation: https://kimlik-ege-edu.serv00.net/\r\nset-cookie: anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ; Path=/; Expires=Sun, 15 Mar 2026 11:47:27 GMT; SameSite=Lax\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18608,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":4426,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":4426,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/edk-logo.png","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:32.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /e-Devlet%20Kap%C4%B1s%C4%B1_files/edk-logo.png HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 10604\r\nlast-modified: Thu, 06 Jun 2024 14:31:33 GMT\r\netag: \"6661c845-296c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10604,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 490 x 128, 8-bit colormap, non-interlaced","md5":"e58bc59fa41faf432a0814de664bedd2","sha1":"8d9132387fadb7cb17d46b6cd5341f3e62eae1e2","sha256":"7db1afe2e727172c7166f0a97d583a595481ddc6e3a6d1a9e51d854dab3f2344","sha512":"d71a88a4a0929516dbddba71b0b5d1864b14a0907259a45fe6c992ac8044a7223bd77dda4edc2590e999d898a8e832ada7ebcd5965fb3a16da0cce50cc896b3a","ssdeep":"192:eGmA3gTKIrK0L2stQDmaE28kpBoZK9bhDUICI0sweXSU766VhRrWrU7haiOlnKm0:zmMsiRE28MbhDzVlfS4rRKYUhKm5RXw","tlshash":"4022bf1b729fb57bc46e65fb59e1c4ea32c35fa9908c38c930e68c1808df4692359d84","first_seen":"2024-02-26T07:52:00Z","last_seen":"2026-03-08T11:47:55.016403Z","times_seen":164,"resource_available":false,"data":null}},"time_used":1782,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":1714,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/1.png","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:32.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /e-Devlet%20Kap%C4%B1s%C4%B1_files/1.png HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 1855\r\nlast-modified: Thu, 06 Jun 2024 14:31:27 GMT\r\netag: \"6661c83f-73f\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1855,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 165 x 40, 8-bit colormap, non-interlaced","md5":"7847c396db234c92dc4b1bb4b759c011","sha1":"cd8357fc05042cb787267f01fe0c38ba6526e0e4","sha256":"b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18","sha512":"f0eabda227f547754983cbf5a213686a9d0c7595d429224a65964dc871614439377d3a9761a45e81184b95dfbc0add2425ae706f154c4f3350b520c5de150823","ssdeep":"","tlshash":"7d31f9cdaa5d5bb4a7228c14ce0c692042ab99e0abb76108606d2112f8297c4de598a3","first_seen":"2023-04-30T19:06:20Z","last_seen":"2026-05-02T12:39:33.851324Z","times_seen":301,"resource_available":false,"data":null}},"time_used":1782,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":1714,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100..900;1,100..900\u0026family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:25.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Roboto:ital,wght@0,100..900;1,100..900\u0026family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 08 Mar 2026 11:47:25 GMT\r\ndate: Sun, 08 Mar 2026 11:47:25 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19532,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"29573797cf2c35117e1b66f9f5a8d8db","sha1":"24a25e950b173801a2f0bd3ce20bb9912f725930","sha256":"f68fe943272dc76197ade3669bd9edc44cb8f00013c0f9268477e2e5684eccba","sha512":"3939cbeea0bb7dd2ac9d6f11f52f06075cf9f595e86d40b85a041bf828890a7d0faaeec3dd2e904a2d48b5e8c1d04ca66ec296bf5e32c802829a00cf9ca37c19","ssdeep":"384:4353m/R/lFx7u7Up8pTHskcCkhkx+kRkg1kUqY4nkbk3kk9fw95969W9yN9/qY4I:M1EVhYEMTHFCiFyg2UfIUk+H00YNRYjw","tlshash":"22921c91086ba004db830cd223ce7e36ff0fa2506445d579abfe1a9abcdbc66536571c","first_seen":"2026-03-07T11:22:54.48402Z","last_seen":"2026-06-10T14:25:23.843741Z","times_seen":27,"resource_available":false,"data":null}},"time_used":933,"timings":{"blocked":440,"dns":1,"connect":40,"send":0,"wait":53,"receive":0,"ssl":396},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/DDO-logo.png","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:32.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /e-Devlet%20Kap%C4%B1s%C4%B1_files/DDO-logo.png HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 11864\r\nlast-modified: Thu, 06 Jun 2024 14:31:31 GMT\r\netag: \"6661c843-2e58\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11864,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 332 x 48, 8-bit/color RGBA, non-interlaced","md5":"8e918017e73b3c1a7aaac484d64ff806","sha1":"0b2455144a322542a5d4db12b6ba8a99c6d00c4f","sha256":"dae42dd0054dbd0953f55d387bf0f1e10ae51646a3f7b83203d60b4d855bc1d2","sha512":"be58d89db2aacafb02b1929bbfcb6d56214a2d96016f55fb9aa0557fa8195f8c64c3a156cee3b54a761aae4f51ff8108495e2fed9cb6149337f90c4c4f73f39c","ssdeep":"192:4ft9NyJiXEJmVjCj/uTEbeb68NossY86jyTYDlLXuRntMEFSUQBlInwkyskvDHvr:4fbsItV1oDpzyBDRXuRaEFxQQnE7dJ","tlshash":"4332bf1f0739b623e8e1f27fe42a2a022cb7ad55a5843981682dec1320f7c974979615","first_seen":"2024-02-26T07:51:59Z","last_seen":"2026-03-08T11:47:55.019721Z","times_seen":168,"resource_available":false,"data":null}},"time_used":2335,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2334,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/common.1.9.5.js.indir","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:32.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /e-Devlet%20Kap%C4%B1s%C4%B1_files/common.1.9.5.js.indir HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 150343\r\nlast-modified: Thu, 06 Jun 2024 14:31:29 GMT\r\netag: \"6661c841-24b47\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":150343,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"66e8f1bb435e7540d9553e6c468e848a","sha1":"4b3aca2a91cfe8b71cb5ddac8dad96fb83b3edc0","sha256":"b27820bc7628e28952aa2637944113fa9f28bbc17c6fc080a981a189d786edc2","sha512":"21f831e7d51f437e7cc53f206aa701b184781a47c30955d2d7afe358db20b08e7e73ae275e30f5f9dbfb2c1041ae030b262036a9798e35732c2e08287096c3a4","ssdeep":"3072:aP9TY802rAcp1AXUAQ47GKd8+H+GrGtIaA:U9TC2rAzkAQ47GKd8+H+GZ","tlshash":"5fe308dd72c2b022077730ba007f650af23659a9680d8414f125d8e9bdb8e4e927bf7d","first_seen":"2024-06-06T14:16:32Z","last_seen":"2026-03-08T11:47:55.021537Z","times_seen":32,"resource_available":true,"data":null}},"time_used":8519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2332,"receive":6187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/edk-giris.1.9.5.js.indir","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:32.545Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /e-Devlet%20Kap%C4%B1s%C4%B1_files/edk-giris.1.9.5.js.indir HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:32 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 7926\r\nlast-modified: Thu, 06 Jun 2024 14:31:32 GMT\r\netag: \"6661c844-1ef6\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7926,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7914), with no line terminators","md5":"a36f624cb3b71f17c75785a924fe0a3b","sha1":"4adaa7c6c48712a97ed8d5cfa6566e6233214fc7","sha256":"e36ae23ad2061185e1afec83801772dd62209a32b6120f892e9ad0657845c46f","sha512":"fc092d75f54d04eaa546fe12595ad3439eb85bcfa0205bccffbb487d6edd5b715660f5655f4e654f02ff77df10a754ca3554fd3a3f56b69feae262a432a4f41f","ssdeep":"96:/+OSl+JnkXjKU6VdElrgpHlrgEBnf04citbd0qSpbll+h0JE5l3QSubN1hw5hvaZ:/SlCk+U6VdEwBsFih0qSpbl1cZux4vaZ","tlshash":"80f187acb24521a383e321f5441fd101a12f48798f578166e02da5e62ebdd0b1d7bf6e","first_seen":"2024-06-06T14:16:32Z","last_seen":"2026-03-08T11:47:55.023609Z","times_seen":82,"resource_available":true,"data":null}},"time_used":5387,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2331,"receive":3056,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/themes/izmir/fonts/arimo/P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.179.woff2","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:34.446Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /themes/izmir/fonts/arimo/P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.179.woff2 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/login-main.1.9.5.css\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:34 GMT\r\ncontent-type: text/html\r\ncontent-length: 2645\r\netag: \"6695c3fb-a55\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2645,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ca241997bb8496ef9ce1eb5216abfc58","sha1":"9c83fe51734ff4a1d4b21f9808f66ac120d318fe","sha256":"9d79e2f15b07b582dd5aa6efbad6d74a22b42fd8e4a06b5df66fffaf6ac35a8b","sha512":"a22fbf561247a3d67a9da444260d0100bc438788dda19e9966cd4871ba92b020a647457d8d6cdefb596c5e5635eb0526ed303d74457990017319773a518109b8","ssdeep":"","tlshash":"465164278aa7921a7442c0e47be3a75277168287d10ecdac7a5da1c9cf805f4d5b328c","first_seen":"2025-01-19T22:56:03.821205Z","last_seen":"2026-03-12T09:36:13.057186Z","times_seen":7,"resource_available":false,"data":null}},"time_used":6881,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5180,"receive":1701,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/img/happy.webp?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:23.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/img/happy.webp?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:22 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9814\r\nlast-modified: Wed, 04 Mar 2026 17:46:06 GMT\r\netag: \"69a86fde-2656\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9814,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"25381fdc040c3cb2fcdc7c71cdb570b6","sha1":"796fda9d4fdedb56103b2a7195a5b0a02ba2a5a7","sha256":"cf61e5c06edd82b23e22ecc47e57c647413489cdc3e8f87e827a7b67cf89a9ff","sha512":"0fd3c8247b3fc8b8b0e23421a3347e3cb827c037cbe5bb003b62b4978cdb2677e032dedce73bd5651fbe8faa5f8c30bf2cc5692c3da66f2e03906127d484589b","ssdeep":"192:qVGww2vFA+R7SUj6mvAGdudn+UT7RCmSMw9lGunBeMLm7yiCYgz:qUINAS7ZNvAgut1Iww9lGu0MLoI","tlshash":"07129e9042dda335d688cdb042e90feb57a4306a4459ab7e8310c2bbeff75e385404e6","first_seen":"2026-03-05T17:26:40.672841Z","last_seen":"2026-05-06T03:57:10.258104Z","times_seen":19,"resource_available":false,"data":null}},"time_used":2466,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2465,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:07 GMT","end":"Mon, 27 Apr 2026 08:38:06 GMT"},"fingerprint":{"sha1":"FD:7B:7B:3F:B0:E9:E6:F2:B2:20:AF:6D:E3:76:AC:43:C9:2B:95:1F","sha256":"05:F7:EC:37:83:98:A5:87:8A:AE:AD:80:95:CC:A6:0A:C4:F9:42:EF:07:B0:C2:6B:6F:1B:27:7A:78:A8:CE:64"}}},"request":{"raw":"GET /s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kimlik-ege-edu.serv00.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 04 Mar 2026 00:03:06 GMT\r\nexpires: Thu, 04 Mar 2027 00:03:06 GMT\r\ncache-control: public, max-age=31536000\r\nage: 387861\r\nlast-modified: Mon, 15 Sep 2025 17:09:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-06-13T20:34:29.541127Z","times_seen":233046,"resource_available":false,"data":null}},"time_used":2511,"timings":{"blocked":1140,"dns":1,"connect":61,"send":0,"wait":184,"receive":47,"ssl":1075},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:26.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=1.25.0 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T20:33:39.75785Z","times_seen":16395013,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/login-main.1.9.5.css","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:32.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /e-Devlet%20Kap%C4%B1s%C4%B1_files/login-main.1.9.5.css HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:32 GMT\r\ncontent-type: text/css\r\ncontent-length: 48942\r\nlast-modified: Thu, 06 Jun 2024 14:31:38 GMT\r\netag: \"6661c84a-bf2e\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48942,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (48942), with no line terminators","md5":"4225373981bb6e252ef598a32f8223ca","sha1":"591661fd819bcf41ef2d1d82294eabb76de03bbc","sha256":"66343f55d381f5f61d36c91c52d99332bc2fa60d91daa0a4660b045c3f2edc16","sha512":"7b4a847692e0100aeacb8befa52ea28d68e45e724e5558f1422d9272b670550ef4d48b58697953561d67a08c100c0f2535462495a92f08d5c4ff9c22b6455de5","ssdeep":"768:Wfn6p6RT45FTaRi4tZKtxRCdsep+t/WKyj8PrsuXxBAffPy2tJIb5drU+PpaS5pu:Rah","tlshash":"c923973651a22688e16bcc5277c537ba21148133c5170af8ea236f29c7db59f37a2b4d","first_seen":"2024-08-19T21:56:29.680296Z","last_seen":"2026-03-08T11:47:55.026616Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1902,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":1831,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/themes/izmir/fonts/arimo/P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.179.woff2","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:34.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /themes/izmir/fonts/arimo/P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.179.woff2 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/login-main.1.9.5.css\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:34 GMT\r\ncontent-type: text/html\r\ncontent-length: 2645\r\netag: \"6695c3fb-a55\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2645,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ca241997bb8496ef9ce1eb5216abfc58","sha1":"9c83fe51734ff4a1d4b21f9808f66ac120d318fe","sha256":"9d79e2f15b07b582dd5aa6efbad6d74a22b42fd8e4a06b5df66fffaf6ac35a8b","sha512":"a22fbf561247a3d67a9da444260d0100bc438788dda19e9966cd4871ba92b020a647457d8d6cdefb596c5e5635eb0526ed303d74457990017319773a518109b8","ssdeep":"","tlshash":"465164278aa7921a7442c0e47be3a75277168287d10ecdac7a5da1c9cf805f4d5b328c","first_seen":"2025-01-19T22:56:03.821205Z","last_seen":"2026-03-12T09:36:13.057186Z","times_seen":7,"resource_available":false,"data":null}},"time_used":6868,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5166,"receive":1702,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kimlik-ege-edu.serv00.net/themes/izmir/fonts/arimo/P5sCzZCDf9_T_10c9CNkiL2t2dk.179.woff2","fqdn":"kimlik-ege-edu.serv00.net","domain":"serv00.net","tld":"net"},"ip":{"addr":"31.186.83.254","port":443,"asn":57367,"as":"Atman Sp. z o.o.","country":"Poland","country_code":"PL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kimlik-ege-edu.serv00.net/","date":"2026-03-08T11:47:34.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kimlik-ege-edu.serv00.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 07 Jan 2026 21:02:08 GMT","end":"Tue, 07 Apr 2026 21:02:07 GMT"},"fingerprint":{"sha1":"78:97:27:FB:16:C2:C6:E1:52:9A:90:FB:EF:C3:03:F3:F2:F3:8F:7C","sha256":"4F:54:AD:BD:37:F9:F8:95:D1:74:0C:F5:6E:CB:5A:F3:6E:33:23:89:D3:07:78:D7:E3:A1:22:F5:BF:FD:C6:35"}}},"request":{"raw":"GET /themes/izmir/fonts/arimo/P5sCzZCDf9_T_10c9CNkiL2t2dk.179.woff2 HTTP/1.1\r\nHost: kimlik-ege-edu.serv00.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kimlik-ege-edu.serv00.net/e-Devlet%20Kap%C4%B1s%C4%B1_files/login-main.1.9.5.css\r\nCookie: anp-anubis-cookie-verification=019ccd45-fabc-7bd2-9233-eebd0ff0cd3b; anp-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTljY2Q0NS1mYWJjLTdiZDItOTIzMy1lZWJkMGZmMGNkM2IiLCJleHAiOjE3NzM1NzUyNDcsImlhdCI6MTc3Mjk3MDQ0NywibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3Mjk3MDM4NywicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.LZk92xVqnrZm1X2VcsNE-7rUoyRVz4cdDEtCUMAKHZ5xWk4BM7xNBFJ1EqM6aLdF7CEQp7Hjn3EVtILGQJQtAQ\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 08 Mar 2026 11:47:34 GMT\r\ncontent-type: text/html\r\ncontent-length: 2645\r\netag: \"6695c3fb-a55\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2645,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"ca241997bb8496ef9ce1eb5216abfc58","sha1":"9c83fe51734ff4a1d4b21f9808f66ac120d318fe","sha256":"9d79e2f15b07b582dd5aa6efbad6d74a22b42fd8e4a06b5df66fffaf6ac35a8b","sha512":"a22fbf561247a3d67a9da444260d0100bc438788dda19e9966cd4871ba92b020a647457d8d6cdefb596c5e5635eb0526ed303d74457990017319773a518109b8","ssdeep":"","tlshash":"465164278aa7921a7442c0e47be3a75277168287d10ecdac7a5da1c9cf805f4d5b328c","first_seen":"2025-01-19T22:56:03.821205Z","last_seen":"2026-03-12T09:36:13.057186Z","times_seen":7,"resource_available":false,"data":null}},"time_used":6869,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5167,"receive":1702,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-08","alert":"Phishing Block","trigger":"kimlik-ege-edu.serv00.net","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-08","alert":"Sinkholed","trigger":"kimlik-ege-edu.serv00.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}}]}