{"report_id":"9b8bfa9a-f902-402d-b361-ecd4fe2d89c8","version":0,"status":"done","tags":["e-devlet","phishing","government","turkey"],"date":"2026-06-20T07:51:19Z","url":{"schema":"http","addr":"kurasiz.sbs","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"kurasiz.sbs/","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"title":"e-Devlet Kapısı","dom":{"size":45189,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21146)","md5":"db70002789c6e2d80474d021305d7e4f","sha1":"7a07a8e9cf999fd8023135fbde9277bdae545db4","sha256":"0df01f194ab5d864c7bac425ffc98d9db548da92f4841ee7489edc3694fc4e66","sha512":"83b27384483dd7c983f0e10b42df41bd178744b31a75f2bae2c9467c54258d474912f4575313d32410fd04c6d4d9788cb65819f3ea5d751a7090b2628161ea1d","ssdeep":"768:jWP08Hw/Y21CbAelE+z8FFLgggmIT08Hw/bQwfZWpFO:o0Mw/51Cb8+YFF8g7IT0Mw/bQwBX","tlshash":"651322b36053030d1a73c89426687509ee53d29f8df6b4aff21c2b24bb456af57811af","dom_hash":"domhashaf2bf106a1e02388b5e3251a99edc1ba","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kurasiz.sbs","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-25T07:51:19Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]},"summary":[{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-06-14T22:40:52.388947Z","alert_count":0,"request_count":7,"received_data":661452,"sent_data":3409,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"kurasiz.sbs","ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-06-18","domain_rank":0,"first_seen":"2026-06-20T01:42:18.026412Z","last_seen":"2026-06-20T01:42:18.026412Z","alert_count":100,"request_count":20,"received_data":141756,"sent_data":10167,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:8.4.22","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:5.3.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-20T11:50:46.044093Z","times_seen":171364,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kurasiz.sbs/","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"4dc5460108b68e042224ca40bd4f884a","sha1":"ea5d1b91e833a0a2e8061038c6f59c4f6b627a2d","sha256":"44f14d0761c7681b1573a7295e192f0abbbfbb14c233d81da9faa9c715b195cb","sha512":"f399914087e617e4ddd16c9deef9e65710a23559510f83b1a5b8876c6ce255f452690f4dcbeaa711fae2313aeac4c70d8f9531f90fce1b9b22d54add9f8c2012","ssdeep":"","tlshash":"6d11c29c2baaa160035172ac6f5fc40ea239cc07146d751db44924883fd0d2891ebf7a","size":884,"data":"","first_seen":"2026-06-20T01:42:20.580485Z","last_seen":"2026-06-20T07:51:20.576681Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-20T11:50:46.044093Z","times_seen":171364,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/notify.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3a7d4b4cb39142641f0bf9b384d98094","sha1":"73cac251334558748894e27d0baa44b6e2046d90","sha256":"b524513a819f1964ef791a431c5896573f945edfb128d7bdd30c069f6e65a70f","sha512":"79f5138f71dd48fc1627d8237c647bd57f5cbecaed84803bf3f16f77f20df9fb6d415cbb5d690e0176f6f798fc0777269bf905295c6388d6332b0f484091c8b9","ssdeep":"384:Orl/WNs8LgkpYS0ia1YG0Ay2qcdhF8F/MX:S8UkpYS0iaWG0wdu/y","tlshash":"14524cb4f587b52551a3e1fc202b1009a83adf2dd909850cf27ae2f53deac486577e78","size":13666,"data":"","first_seen":"2023-03-08T02:20:20Z","last_seen":"2026-06-20T07:51:20.569258Z","times_seen":222,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.694Z","timestamp":1781941856694,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://kurasiz.sbs\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Tue, 29 Aug 2023 04:36:11 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 6207\r\nexpires: Thu, 10 Jun 2027 07:50:56 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t5FC560sCxkEj2bZ7zYz5BkFoZC20nsCYTH4V0s%2FXT0U6431jGqMKC0eX3%2FfN4cm8G%2FOiPzzNyV1URTlFc9B5Elp2oGq5%2FC22IDJ12kyNoJBLCmakxgnMFu%2B0Zmr9PNvQyBGHJNW\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a0e92f7c8d7676ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87533,"size_decoded":28436,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-20T11:50:46.044093Z","times_seen":171364,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/notify.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.696Z","timestamp":1781941856696,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/notify/0.4.2/notify.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://kurasiz.sbs\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Mon, 04 May 2020 16:13:31 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 61623\r\nexpires: Thu, 10 Jun 2027 07:50:56 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pjVM08ZkJR6fi9BXINW%2FxjtUCpX1nN4l1znPi0Ot5FXx1e9KXxPK0sKt7cuPI4XuSBv4mogtHU1u7SlkhB3D0EPX9KmwM1MsUgk0KZv373Rpp4xW8ELEbDJ4nhRMrO%2FhC30l%2FIQ7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a0e92f7c8d7376ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13666,"size_decoded":7545,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (13625)","md5":"3a7d4b4cb39142641f0bf9b384d98094","sha1":"73cac251334558748894e27d0baa44b6e2046d90","sha256":"b524513a819f1964ef791a431c5896573f945edfb128d7bdd30c069f6e65a70f","sha512":"79f5138f71dd48fc1627d8237c647bd57f5cbecaed84803bf3f16f77f20df9fb6d415cbb5d690e0176f6f798fc0777269bf905295c6388d6332b0f484091c8b9","ssdeep":"384:Orl/WNs8LgkpYS0ia1YG0Ay2qcdhF8F/MX:S8UkpYS0iaWG0wdu/y","tlshash":"14524cb4f587b52551a3e1fc202b1009a83adf2dd909850cf27ae2f53deac486577e78","first_seen":"2023-03-08T02:20:20Z","last_seen":"2026-06-20T07:51:20.569258Z","times_seen":222,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":11,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:57.143Z","timestamp":1781941857143,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:57 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sCzZCDf9_T_10c9CNkiL2t2dk.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:57.145Z","timestamp":1781941857145,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sCzZCDf9_T_10c9CNkiL2t2dk.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:57 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/edk-logo.png","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.702Z","timestamp":1781941856702,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/edk-logo.png HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 10604\r\nlast-modified: Sun, 28 Sep 2025 16:41:12 GMT\r\netag: \"68d96528-296c\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":10604,"size_decoded":10854,"mime_type":"image/png","magic":"PNG image data, 490 x 128, 8-bit colormap, non-interlaced","md5":"e58bc59fa41faf432a0814de664bedd2","sha1":"8d9132387fadb7cb17d46b6cd5341f3e62eae1e2","sha256":"7db1afe2e727172c7166f0a97d583a595481ddc6e3a6d1a9e51d854dab3f2344","sha512":"d71a88a4a0929516dbddba71b0b5d1864b14a0907259a45fe6c992ac8044a7223bd77dda4edc2590e999d898a8e832ada7ebcd5965fb3a16da0cce50cc896b3a","ssdeep":"192:eGmA3gTKIrK0L2stQDmaE28kpBoZK9bhDUICI0sweXSU766VhRrWrU7haiOlnKm0:zmMsiRE28MbhDzVlfS4rRKYUhKm5RXw","tlshash":"4022bf1b729fb57bc46e65fb59e1c4ea32c35fa9908c38c930e68c1808df4692359d84","first_seen":"2024-02-26T07:52:00Z","last_seen":"2026-06-20T07:51:20.570578Z","times_seen":177,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/DDO.png","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.709Z","timestamp":1781941856709,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/DDO.png HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 11864\r\nlast-modified: Sun, 28 Sep 2025 16:41:10 GMT\r\netag: \"68d96526-2e58\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":11864,"size_decoded":12114,"mime_type":"image/png","magic":"PNG image data, 332 x 48, 8-bit/color RGBA, non-interlaced","md5":"8e918017e73b3c1a7aaac484d64ff806","sha1":"0b2455144a322542a5d4db12b6ba8a99c6d00c4f","sha256":"dae42dd0054dbd0953f55d387bf0f1e10ae51646a3f7b83203d60b4d855bc1d2","sha512":"be58d89db2aacafb02b1929bbfcb6d56214a2d96016f55fb9aa0557fa8195f8c64c3a156cee3b54a761aae4f51ff8108495e2fed9cb6149337f90c4c4f73f39c","ssdeep":"192:4ft9NyJiXEJmVjCj/uTEbeb68NossY86jyTYDlLXuRntMEFSUQBlInwkyskvDHvr:4fbsItV1oDpzyBDRXuRaEFxQQnE7dJ","tlshash":"4332bf1f0739b623e8e1f27fe42a2a022cb7ad55a5843981682dec1320f7c974979615","first_seen":"2024-02-26T07:51:59Z","last_seen":"2026-06-20T07:51:20.571238Z","times_seen":181,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sCzZCDf9_T_10c9CNkiL2t2dk.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.905Z","timestamp":1781941856905,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sCzZCDf9_T_10c9CNkiL2t2dk.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/favicon.png","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:57.033Z","timestamp":1781941857033,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/favicon.png HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:57 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: W/\"328-6546081b3cdea\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":579,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sMzZCDf9_T_10ZxCFuj5-v.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:57.138Z","timestamp":1781941857138,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sMzZCDf9_T_10ZxCFuj5-v.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:57 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:57.140Z","timestamp":1781941857140,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:57 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-20T07:50:56.092Z","timestamp":1781941856092,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 13621\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-powered-by: PHP/8.4.22, PleskLin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:8.4.22","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:5.3.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}],"data":{"size":39393,"size_decoded":13854,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (21146), with CRLF line terminators","md5":"8207b045b6eeee1e4f1d7e77efa95642","sha1":"2a2d66c6bffcce72f2cf4975a4c4c8c9a174a58d","sha256":"4686e4b19242f37adcac0d9776fc30360d2a874645aee030dbf06e73636c4eac","sha512":"3b63a399986c12f52804e92d33854dd8e2db39400669acc24036167623af9ee53851e3611a91306fc67dbe7a9d2c26171b762a47c7d8f8acc8ba114cbd382503","ssdeep":"768:qTO0wpO/021CbAelE+z8FFLgggmE2mFGDfLDxev:Z0WO/l1Cb8+YFF8g7zfW","tlshash":"3803deb36042030d1b73c89516687249fe53d29f4df6b0aff21c2a21b7556af57821af","first_seen":"2025-10-11T12:38:09.535527Z","last_seen":"2026-06-20T07:51:20.571914Z","times_seen":24,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":33,"connect":21,"send":0,"wait":36,"receive":7,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.685Z","timestamp":1781941856685,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://kurasiz.sbs\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Tue, 20 Feb 2024 15:32:06 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 53054\r\nexpires: Thu, 10 Jun 2027 07:50:56 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yEcm4E1wzxShmk7smGBHPOGoye%2F4Tya637vFPlkb9X1kCTgP0vGA9NMiYvBepy5hI5pR9OcDPOQ2DAJxkcx9JvYlzqlT1Up47a5eYmYh3W8BoELTsBNHBui1GSg4C681k01T51pe\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a0e92f7c8d6f76ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":232803,"size_decoded":23678,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"a549af2a81cd9900ee897d8bc9c4b5e9","sha1":"c5ac1dee961cb59a045256ec203f69e317872f7c","sha256":"3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8","sha512":"8e74ae0384acd8f9248a448e2ed62cf0195821e7882b587df6dcb861fbd13c0973af7efbbebdc25c36fbb1bede1040588c3b5c623f808c11f714bbf9b9226e5e","ssdeep":"1536:O9YnIWbn98fdRfvO5wlP77k9P3EV98IsYRElV6V6pz600I41r:RnIw98fbV986I6V6pz600I41r","tlshash":"dc3482d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2024-02-25T11:27:02Z","last_seen":"2026-06-20T11:02:31.983066Z","times_seen":23480,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":22,"connect":14,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.2/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.689Z","timestamp":1781941856689,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.7.2/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://kurasiz.sbs\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Mon, 16 Dec 2024 22:44:28 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 56923\r\nexpires: Thu, 10 Jun 2027 07:50:56 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8ce0E2diQ1qfASuYjCt5unwMlxYx6Y%2B3%2BmWqHEvWftjuVycPw7WftMP744dVxvNv9qGqxF%2Bz%2FMJ4Zw%2Fkxk5jRdVzVC5xIKC52nq1LAP%2BDTpjFBnLyyHTKz70bNPF2FvnFVYkcKYI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a0e92f7c8d7976ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73890,"size_decoded":19162,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (49899)","md5":"7441465cab20b640d4156626d19cc63e","sha1":"8230c4590eee915e9b587a08f6e593fb77fffeb2","sha256":"74005d7c17d4a02f2f25404ec0655d9bc2fdaa53166874c87d7b7eec69d9088a","sha512":"12fbfce0caf892a54644d4a02062ff17f6880ea41bef1436bdcadd230c5f8d38521fc09247b3c111a902af9d4293ec3efd4eacc14d889b5bd55f449593d00186","ssdeep":"1536:/bM1MvMaMfMRQZm0grfT/QypZhzZHpcjA691m:SlgrLXzZJ2191m","tlshash":"14730f12ad84019bb4568d7f3895bf34a6f2eb28aad14495e4344d847ef28fd314fb32","first_seen":"2024-12-23T14:25:51.255422Z","last_seen":"2026-06-20T11:17:09.41092Z","times_seen":28475,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":17,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/styles/metro/notify-metro.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.695Z","timestamp":1781941856695,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/notify/0.4.2/styles/metro/notify-metro.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://kurasiz.sbs\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Mon, 04 May 2020 16:13:31 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 22142\r\nexpires: Thu, 10 Jun 2027 07:50:56 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vD%2BJ6%2BscqCDH6wEMBPvaPrwT55n%2B%2FnhjbWGiM9zAmZtnXqfX%2FYRwM4ZNzjl3O4OZZgNkcNMAlool1KlVXechX9n5zW%2BBj4cLBPtvLiIG5jVvD2F0DO19hMD3ZsMyf%2FnDggYMafB%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a0e92f7c8d7576ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":932,"size_decoded":1235,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"251b4d7b76cfc78c9d88e6316ff7c591","sha1":"e37f700fe79a88497fbff4b3fe4f0e567a10060d","sha256":"bf79901a14c1822437dc14c5942fd475ee6210f4a6bbb50eaa99f809ab2c61b4","sha512":"089e95446948452574ec59ae94ff84702933171a09290b840866d736330c92abbbbf74188f7ec2925bdad10d03ff6df31b08ddbe83383b2f9f2082a17103d9f5","ssdeep":"","tlshash":"9911480b46a34100a62fa5487fc70f76643881539273e9697b4e1327cf714d9228e34e","first_seen":"2023-10-16T18:56:10Z","last_seen":"2026-06-20T07:51:20.573737Z","times_seen":71,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/1.png","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.706Z","timestamp":1781941856706,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/1.png HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: image/png\r\ncontent-length: 1855\r\nlast-modified: Sun, 28 Sep 2025 16:41:06 GMT\r\netag: \"68d96522-73f\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1855,"size_decoded":2103,"mime_type":"image/png","magic":"PNG image data, 165 x 40, 8-bit colormap, non-interlaced","md5":"7847c396db234c92dc4b1bb4b759c011","sha1":"cd8357fc05042cb787267f01fe0c38ba6526e0e4","sha256":"b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18","sha512":"f0eabda227f547754983cbf5a213686a9d0c7595d429224a65964dc871614439377d3a9761a45e81184b95dfbc0add2425ae706f154c4f3350b520c5de150823","ssdeep":"","tlshash":"7d31f9cdaa5d5bb4a7228c14ce0c692042ab99e0abb76108606d2112f8297c4de598a3","first_seen":"2023-04-30T19:06:20Z","last_seen":"2026-06-20T07:51:20.574305Z","times_seen":316,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.885Z","timestamp":1781941856885,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sBzZCDf9_T_1Wi4TRNrZKF09E3HY4.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sMzZCDf9_T_10XxCFuj5-v6dg.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.891Z","timestamp":1781941856891,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sMzZCDf9_T_10XxCFuj5-v6dg.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/favicon.png","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:57.035Z","timestamp":1781941857035,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/favicon.png HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:57 GMT\r\ncontent-type: text/html\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: W/\"328-6546081b3cdea\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":579,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.874Z","timestamp":1781941856874,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sBzZCDf9_T_1Wi4TRDrZKF09E3.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.2/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.897Z","timestamp":1781941856897,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://kurasiz.sbs\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.2/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\nlast-modified: Mon, 16 Dec 2024 22:44:28 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 6210\r\nexpires: Sat, 20 Jun 2026 11:50:56 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4eBxpXz%2FKQ81aAcyBKP7blElH19UH%2Bf%2BlLnAB9%2FHwHyU%2FPaXy5WLCDDeqpYKvrj0s%2FP6825pUpMVMNVoIAInNwGcJlnzW%2BR3cLZSIam9El7D%2FO%2BRt6M6QvRDFkhIJAhjTWHnMoXg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a0e92f7d991376ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":158220,"size_decoded":159195,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 158220, version 775.1280","md5":"4a6591ab5460ae5cbff1ecbd6e52193a","sha1":"7cd8afd6501962fda35d66f0e4c3b8815ac471d8","sha256":"aa75998623a391e61c6901794ace832e3ecdd288b56d608f21bea0411acc0b8e","sha512":"96c5d3283b71613b595b6b0420333bef5d64451af05c59dde27ec5b3e7cfe6e9549c604cddfbcb79cbc0fd4cd6f2e22a130c9a220b1b7ef933ac9df8c8e695d6","ssdeep":"3072:RauSB5FANIRLpsBaBrJGNG3ECNQztRvHHqkqLrlF:guSqN6ptrJGo3POh9KT9F","tlshash":"0ef312a710c6b95684a3a51b336adeb52c3ed363fcb6cd73be340114689da9c2e4d190","first_seen":"2024-12-19T10:41:23.153533Z","last_seen":"2026-06-20T11:02:29.590682Z","times_seen":29714,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.910Z","timestamp":1781941856910,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.957Z","timestamp":1781941856957,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://kurasiz.sbs\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Tue, 29 Aug 2023 04:36:11 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 6207\r\nexpires: Thu, 10 Jun 2027 07:50:56 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kgic7OseaGc%2BgnP6tuxTGTyTFXwNxbStLw52MuAG69WYg%2BvqAc%2FqiF9B7vvIfES7FOL%2FwT8uBZR%2BZ43qeO14tHcj0QLDcUyopgSSjRJzmuEiP3nQtda3t%2FD5XHOHPjCWtDQBkICe\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a0e92f7dfa1476ef-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87533,"size_decoded":28438,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-20T11:50:46.044093Z","times_seen":171364,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sMzZCDf9_T_10XxCFuj5-v6dg.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:57.144Z","timestamp":1781941857144,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sMzZCDf9_T_10XxCFuj5-v6dg.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:57 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:57.147Z","timestamp":1781941857147,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sCzZCDf9_T_10c9C1kiL2t2dkPJA.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:57 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/loading.gif","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.710Z","timestamp":1781941856710,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/loading.gif HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43889\r\nlast-modified: Sun, 28 Sep 2025 16:41:16 GMT\r\netag: \"68d9652c-ab71\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":43889,"size_decoded":44139,"mime_type":"image/gif","magic":"GIF image data, version 89a, 254 x 254","md5":"ed2c4fc16fcd23c5ad71cd8e802cd9a1","sha1":"09b3d73f8609d47b8cd11901fa6a826929380146","sha256":"165b12d6b0c201522cdfd223e1d6d318c6b6473f9018ca0348aeedc7d8703ca6","sha512":"61711913ff0e5ccf25abf3e5b4d32e0a479b8a6cefcf2aa94720fe6ad8be2ed82f7979de8a8592b345e5ac521d0f7bb18f1d2a32a283ce495e9ab0e8c01b6c00","ssdeep":"768:Cha6xo6Lv8YYXddVbEYYgu3l/JdnFWLqQTSSt5sHs4GGh+dwA+VMUAtQ:Ia6xo6LUBbVuD3lxdQTSA5s7GM+i1JAu","tlshash":"5313e26ea4718e0471ade10e05ec78eec1f5cff60b947d5cd64c2ac42827a9d14ad2a5","first_seen":"2023-05-18T20:41:26Z","last_seen":"2026-06-20T07:51:20.575498Z","times_seen":109,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/fonts/P5sMzZCDf9_T_10ZxCFuj5-v.204.woff2","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.871Z","timestamp":1781941856871,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/fonts/P5sMzZCDf9_T_10ZxCFuj5-v.204.woff2 HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/assets/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/html\r\ncontent-length: 808\r\nlast-modified: Tue, 16 Jun 2026 15:22:09 GMT\r\netag: \"328-6546081b3cdea\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":1036,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"a943672a32297727bab01c3e76977550","sha1":"3a667c4b7a457ef6c586cc581d533c128737bf53","sha256":"b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187","sha512":"0965d415f3a0cef31953702fdae345d46fefd72ce3c4c7a0255aede74a76e10b856892700529a444453a622793e0257248c5c99fae17d5b0b9fd4118e208068c","ssdeep":"","tlshash":"2e01bd0a08e0501bc0d3915169a0f22dc9c2f997aa5b180079ed91c6cfd5f89c9d35ac","first_seen":"2023-03-08T11:42:06Z","last_seen":"2026-06-20T10:34:20.265945Z","times_seen":37661,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}},{"url":{"schema":"https","addr":"kurasiz.sbs/assets/style.css","fqdn":"kurasiz.sbs","domain":"kurasiz.sbs","tld":"sbs"},"ip":{"addr":"31.56.209.11","port":443,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kurasiz.sbs/","date":"2026-06-20T07:50:56.690Z","timestamp":1781941856690,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"kurasiz.sbs","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 18 Jun 2026 07:03:21 GMT","end":"Wed, 16 Sep 2026 07:03:20 GMT"},"fingerprint":{"sha1":"7C:88:F7:EF:35:71:25:D6:90:5F:81:03:07:99:15:F2:A4:31:3B:E6","sha256":"18:F5:9C:23:EB:98:C5:D6:F1:D7:80:13:E5:93:68:5B:02:10:AC:6C:E2:67:13:72:A6:BF:2D:BE:A5:00:D0:CA"}}},"request":{"raw":"GET /assets/style.css HTTP/1.1\r\nHost: kurasiz.sbs\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kurasiz.sbs/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 20 Jun 2026 07:50:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Sun, 28 Sep 2025 16:40:58 GMT\r\netag: W/\"68d9651a-4732\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18226,"size_decoded":3636,"mime_type":"text/css","magic":"ASCII text, with very long lines (355), with CRLF line terminators","md5":"c58b3895483daa212d843a1dce9ec812","sha1":"948c3efdc3ddf3db1ed74828f862d61a4d02baf3","sha256":"689cec2b0901cd5b918f7eb5a8d147d76a01f7f32fe41796d88e031e20fbe1d3","sha512":"970e9a12163f2739ba4b07ab488bcf3ad8a15c070d581c3a257149760c2a2055abf5100148284243f9013fcae76d27ea11b8e62f86c17fd67cc23dde32a14220","ssdeep":"192:op6jI6xcp6KsCZuCZfGaPIpYouCZXCZNlFyRVSU4D1CZr71qRmo59p8l9vaCnHP4:7XaAKVGApyR61LOecy","tlshash":"c682303d8a001640a833cea85fe61756e6f8402b860711bebe8fb690cfb7554c7a1f5d","first_seen":"2025-10-11T12:38:09.547332Z","last_seen":"2026-06-20T07:51:20.576102Z","times_seen":48,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-20","alert":"Sinkholed","trigger":"kurasiz.sbs","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-20","alert":"Phishing Block","trigger":"kurasiz.sbs","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - e-Devlet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with e-Devlet phishing","tags":["e-devlet","phishing","government","turkey"],"meta":null}]}}]}