{"report_id":"a54b25b6-fcee-47e8-90f0-791232af29eb","version":6,"status":"done","tags":[],"date":"2026-04-28T16:14:29Z","url":{"schema":"http","addr":"casibom-tr2026.com","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":0,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"final":{"url":{"schema":"https","addr":"casibom-tr2026.com/","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"title":"Постоянная прописка в Москве и области — от собственника | Агентство собственников жилья","dom":{"size":14792,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"07d68c181d34b87f6fb75f5ba4df7ce1","sha1":"5dc630ffdca32f6958c477f8d80ee9f4f5706a0b","sha256":"70d6ceacc7896e277f46a73d6a48f187d18d13132ad881e4887f97546c3c8ba2","sha512":"34d5a92327f0365319eb9c4ed80f8ae5b5c4eaa57a30a81b054da138b9eccfc3e4fa75f1abffa59544f04be590145197c073d3da1dc5923501304f857c1e4c0a","ssdeep":"384:zv//s72B24NT51iawlgdBb61LqdBbOsW8ws113dBbK100xW4v:C4N/iawZJxW4v","tlshash":"6462996059f9287b0142e086e9106a1b7edae57fea6b430132ec5fee2fd3c51ca1710d","dom_hash":"domhash2cf19d35b760d987ab8636e9f7ea187e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"casibom-tr2026.com","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":0,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T16:14:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"casibom-tr2026.com","ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2026-03-10","domain_rank":0,"first_seen":"2026-04-28T16:14:30.299496Z","last_seen":"2026-04-28T16:14:30.299496Z","alert_count":12,"request_count":12,"received_data":1174557,"sent_data":6751,"comment":"","tags":null,"fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"casibom-tr2026.com/main.js","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"3c42d5a293cbeb4246766319eeb57db6","sha1":"081f23074b8f8069679dae3d01aeac0a146de100","sha256":"ec99dccf7374ec0b66f782440067bbd9a2ac6ee4e0c40fddd070e62099de3d9f","sha512":"eced111ce23d517866f82d99d3c01ddaa2fc0462d09ac72e915de2c83f6032cb4d71191336d627dcb0f722dc8e7f0ee6ba48f537663329ccb04c2d0c4275dfd8","ssdeep":"","tlshash":"f771619a40171c3648b7a376cb0bc749f7a5102311024604becc86c61fb2a35c7b3ddd","size":3548,"data":"","first_seen":"2026-02-02T16:58:03.657979Z","last_seen":"2026-04-28T17:57:10.075605Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"casibom-tr2026.com/data/settings.json","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:07.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /data/settings.json HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://casibom-tr2026.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HgMkkBVmhyXsGj8T; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=pRAqu2TJOHlBFbLs; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:07 GMT\r\ncontent-type: application/json\r\nlast-modified: Thu, 15 Jan 2026 16:13:17 GMT\r\netag: W/\"ab-6486f80a30140\"\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":171,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"a7a1f65741903a42d668d23d26333dce","sha1":"e07a3061ab0e26af4b86311cc7cdb7687c240086","sha256":"19b748cad86fa5bf0ad4325ba340ebf02253c05f68c6a17ee5f72e8c071ef78e","sha512":"c0a6ad99601722a1bb3ea056b6b23d14acbdac2cfad1955fdcf120d71968168dc0033b8804705211a68e4a019e6a8131debe36a5e79797e4fd9c13fe5a640562","ssdeep":"","tlshash":"f3c080d357558d322055b0d3343766597051e3137c40e8053108e4561fac45fb46554b","first_seen":"2026-04-28T16:10:37.077671Z","last_seen":"2026-04-28T17:57:10.078266Z","times_seen":64,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/data/prices.json","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:07.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /data/prices.json HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://casibom-tr2026.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __ddg8_=HgMkkBVmhyXsGj8T; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=jATaNpB9TrGowyWp; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:08 GMT\r\ncontent-type: application/json\r\nlast-modified: Thu, 15 Jan 2026 16:13:17 GMT\r\netag: W/\"688-6486f80a30140\"\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":1672,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0305d71d29c9b9201e7c74ea05b6f400","sha1":"21ceaf3d4c6ef8b2b27df8ce934328c0d986763d","sha256":"f9fcb198fd4caf1024df24c3738e01d58e4c79d3771f86a1865baabbbdd7da00","sha512":"6a747403b4103cbf052c0ae07994ab737ebad6d62a970aaa0cad2e2de25b69c8dbc286851aab933664604df86c380db041b5ee8a5d54399f9674e3ca4ce17b1c","ssdeep":"","tlshash":"f331faa9cab40c47582f20b18659652271ada29f1ebd3e90bb8c0d4e6ffcc0dd83520d","first_seen":"2026-04-28T16:10:37.070547Z","last_seen":"2026-04-28T17:57:10.071354Z","times_seen":64,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T16:14:07.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=lKwq0KUspZb5qtP6; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg1_=XWRGdSgZWDntg1P8xWbT; Domain=.casibom-tr2026.com; HttpOnly; Path=/; Expires=Wed, 28-Apr-2027 16:14:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:07 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 3320\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":15435,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"306d388e37d0cf9a90ac5e921da079a6","sha1":"f46e34cae0dcad642d54b460ead74a4049b23aad","sha256":"2343b72dcb36765c3da3777eb0f472249c476ee3c6f744a8db43ccf423ccd7b7","sha512":"9ddb1d69fefd8bfb687d5dffed282a4c0479945fec4f58c40c33ec397183f1ce38fa57ad12f2a7a3940468b851c67923c1db917f43553f98fadc38655a0ea415","ssdeep":"384:Pr5LG3IL7SyMYUHI8+DMYUHZsnvw28QqMYUHS8d/SGrj:Pr5QIL7u/hMzSGrj","tlshash":"9362376055c9687b0177e086d9106b5afdda81abeb1b834632ec6beb2ff3c14ca17105","first_seen":"2026-04-28T16:10:37.071542Z","last_seen":"2026-04-28T17:57:10.065707Z","times_seen":64,"resource_available":true,"data":null}},"time_used":407,"timings":{"blocked":106,"dns":55,"connect":21,"send":0,"wait":195,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/img/consultation-img.jpg","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:07.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /img/consultation-img.jpg HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://casibom-tr2026.com/\r\nCookie: __ddg8_=lKwq0KUspZb5qtP6; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=wf0oVoIAePWfa8Hg; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:07 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 25 Dec 2025 16:18:08 GMT\r\netag: W/\"810aa-646c91f507000\"\r\ncontent-encoding: gzip\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":528554,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 890x480, components 3","md5":"973b6340e11f883578d24e2355d606da","sha1":"d9a048e60adba0e8891f6bb02bcaeed27c4fd9d2","sha256":"9513797eebeacb2c30c02a2da2a61ea807c9017398f8152788dab3cbd598760a","sha512":"df3a2afa3c6e01690e19b88917c99bc0f5f98122d35944a3bd3b60067e58c3b3d6cf1d0c040076988433edea9b41c2f742180ab2517e8aee3c27e753f115b8b4","ssdeep":"12288:6IBuM+EeKnxBU4uvX4LpBZMRqZeLP2X3ioNMbsh:tXlnc9wLpBoaXSoGa","tlshash":"aab42319e0ee817b2dee331c3fe56b902961415909fe76bc243db19ee24bc57e68440b","first_seen":"2026-04-28T16:10:37.074482Z","last_seen":"2026-04-28T17:57:10.074677Z","times_seen":64,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/img/icon-tg.svg","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:07.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /img/icon-tg.svg HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://casibom-tr2026.com/style.23-01-2026v3.css\r\nCookie: __ddg8_=HgMkkBVmhyXsGj8T; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=7EKAFGiSsnMPvG8X; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:07 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 25 Dec 2025 16:18:07 GMT\r\netag: W/\"1ce-646c91f412dc0\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":462,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e838334a6258409c9a4b698a9a2790de","sha1":"2a76155da3ebbc552b401d8b6c2d62ab2282e8b5","sha256":"63e5c7def111b8d4b45b8f8bc044dea6eece02087d275569626d33d7c17fabc1","sha512":"1a454a453adb5633059a8929b8985df203888f95335b5f669d7cdbb8f1b358107e3c326bdc007378744fc2a9c3f70a6d9c7ee5027fbef86f6913799d34ca500e","ssdeep":"","tlshash":"6bf0dc64229c8d1c9b008701dbcf31700225a391920ec129f66516352d1c09f7a6e3ec","first_seen":"2026-02-02T16:58:03.665529Z","last_seen":"2026-04-28T17:57:10.077424Z","times_seen":65,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/fonts/InterTight-Regular.woff2","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:07.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /fonts/InterTight-Regular.woff2 HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://casibom-tr2026.com/style.23-01-2026v3.css\r\nCookie: __ddg8_=HgMkkBVmhyXsGj8T; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=wkpvEZ9zYWy7OidT; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:07 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 108116\r\nlast-modified: Thu, 25 Dec 2025 16:18:45 GMT\r\netag: \"1a654-646c921850340\"\r\naccept-ranges: bytes\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":108116,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 108116, version 1.0","md5":"ac0bc46d62f1ab2404c3ab64d6b74a65","sha1":"28e5185416d2b4b70849a634da80aedf07357f5d","sha256":"415a4607eabce9c74f1b4c2bc7959dc4807c454a476bf16a6e68d1ebd878d577","sha512":"13be82531495aab9fbf7d7802a0faa4a21f374fa6c12c528d76d82d6be17abfced32b3a393a55251801e04bc572b8f71f89973567cd980195728d3fb8368dd15","ssdeep":"1536:d3Ly6is8oFGqYS3G7wXMQtLtXs5GcyiAOX8AeZuj4wmNAKU84b9G4k/quQPpBJR5:d3LNi/vqL2s3BrcXDMNXhd2YsxRRMg","tlshash":"2cb312d4d430d58eca96e2729da279b57793c3632a9dc0b8a2093c39e73b300d79c784","first_seen":"2025-11-13T13:30:37.29705Z","last_seen":"2026-04-28T17:57:10.079247Z","times_seen":67,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/fonts/InterTight-SemiBold.woff2","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:07.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /fonts/InterTight-SemiBold.woff2 HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://casibom-tr2026.com/style.23-01-2026v3.css\r\nCookie: __ddg8_=HgMkkBVmhyXsGj8T; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=nWSR4VkqNPsZaa8V; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:07 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 112468\r\nlast-modified: Thu, 25 Dec 2025 16:18:45 GMT\r\netag: \"1b754-646c921850340\"\r\naccept-ranges: bytes\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":112468,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 112468, version 1.0","md5":"89b4d7660463be3154dbb28394cbaa95","sha1":"e55bb473cf1620943b784430df0866ce7983f8f7","sha256":"9302be72f834c049446aa2355ce1b71752e97161dfda2853348c86a099f92987","sha512":"2a0646e60c829057d85324c9d73e858adb066bcecef4eb7c060091390627d26a1f4755447a1937852a3e17a0c309cb60e8c60ef8d07541489bf2c6c4666df45b","ssdeep":"3072:zeJV4SKYBMFuq0S7KbZ4iiGzpsjCrGqUs:SJV4SK2S7YemFhGqF","tlshash":"6eb312372b4fe52ccb6483b673b1a5476072497236c62cf0760ed25fe5ea688b1dc421","first_seen":"2025-11-13T13:30:37.253822Z","last_seen":"2026-04-28T17:57:10.064696Z","times_seen":66,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/favicon.ico","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:08.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://casibom-tr2026.com/\r\nCookie: __ddg8_=jATaNpB9TrGowyWp; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=I2E16UmDmK2pE1FX; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:08 GMT\n__ddg10_=1777392848; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:08 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:08 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:08 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":281,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"52de9a6eeccdf5e0bc42a748a5589652","sha1":"2089b51a3d99bf1be5376fc4c552fe8716c78fd8","sha256":"dd316263f1bfddc80558afe49133c71d26e46fcae3f1edb5d1290ec434e9a13a","sha512":"68fd6a2b94966ada8703ad8b662eb0cb2051bf3d0712e5ffe92a3b269f020b4c7a21f0cef41da156c805d0521c1b0ed9d65f6f765fb32d7e93e279c81b3fd2fb","ssdeep":"","tlshash":"60d02bef9043638b4812165039c265c2268d12f6a43a85e83d86d48752a867ecd9abdd","first_seen":"2026-04-28T16:14:31.871495Z","last_seen":"2026-04-28T16:47:26.592724Z","times_seen":2,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/style.23-01-2026v3.css","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:07.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /style.23-01-2026v3.css HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://casibom-tr2026.com/\r\nCookie: __ddg8_=lKwq0KUspZb5qtP6; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=HgMkkBVmhyXsGj8T; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 23 Jan 2026 12:28:01 GMT\r\netag: W/\"42c8-6490d49c03640-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":17096,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"1f82e1a6493e3072bf2f72a9b50dd69d","sha1":"995688d4605f1f0b779c855b968d5d3d02f98472","sha256":"72db5877ad38d3e7b495ce9f783860747d3eb12defa3c8740e6171fc9dbd71e2","sha512":"88b571e4cccc8320e7055759ed43f54ad26d546f5a41bfece405222815428cc2854da3e36f433e427df5de23c0560b22e44de294f1343cb3dd12e3d6176963e5","ssdeep":"192:bsMHXwd2cQV3Xt+cff7OtvHYQUOO9ltO8amRvdHhrR+Vv9d20d3trpdWyD59kyOX:Olj+rR+Vld2kt/Sw7Gt","tlshash":"4b724358ab0a10057137ffb4eba20b19e3984023c64612b97ff5524cabd97a94366fcd","first_seen":"2026-02-02T16:58:03.656909Z","last_seen":"2026-04-28T17:57:10.066657Z","times_seen":65,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/main.js","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:07.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /main.js HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://casibom-tr2026.com/\r\nCookie: __ddg8_=lKwq0KUspZb5qtP6; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=llerFjIrWPhvevza; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:07 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Thu, 25 Dec 2025 16:17:39 GMT\r\netag: W/\"ddc-646c91d95eec0-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":3548,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with CRLF line terminators","md5":"3c42d5a293cbeb4246766319eeb57db6","sha1":"081f23074b8f8069679dae3d01aeac0a146de100","sha256":"ec99dccf7374ec0b66f782440067bbd9a2ac6ee4e0c40fddd070e62099de3d9f","sha512":"eced111ce23d517866f82d99d3c01ddaa2fc0462d09ac72e915de2c83f6032cb4d71191336d627dcb0f722dc8e7f0ee6ba48f537663329ccb04c2d0c4275dfd8","ssdeep":"","tlshash":"f771619a40171c3648b7a376cb0bc749f7a5102311024604becc86c61fb2a35c7b3ddd","first_seen":"2026-02-02T16:58:03.657979Z","last_seen":"2026-04-28T17:57:10.075605Z","times_seen":65,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/img/hero-bg.webp","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:07.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /img/hero-bg.webp HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://casibom-tr2026.com/style.23-01-2026v3.css\r\nCookie: __ddg8_=HgMkkBVmhyXsGj8T; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=MFwpxK1ZuTMcXvLJ; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:07 GMT\r\ncontent-type: image/webp\r\ncontent-length: 266994\r\nlast-modified: Thu, 25 Dec 2025 16:18:08 GMT\r\netag: \"412f2-646c91f507000\"\r\naccept-ranges: bytes\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":266994,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1840x1020, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0707bab0df4f6043c059d4c487990f2b","sha1":"cd088affe7c168c4b39412b0a742f631059b92a3","sha256":"7102bd6c99bf70ae23ecc13dc346e9b2d8b29ae176018980d3434904154802f6","sha512":"0ed39c5a1d781ed0b2fd11eea8f3d6e917c79ca0dc601d3f52f189ca6d6fb55fda4e1801ed0d3bf1493104f19cbd7f2dbd799ebd4e1acdf2c33dc8ed10591a9f","ssdeep":"6144:xj+FWlvN69dNSBA4AuBAgv1u2l0i5Y4koCveohw/9isC:Dl1QXSaKBE2Gz4FC2z9isC","tlshash":"e444230933fc735eeb5b9a23e04dd431958b485a98c7ae0b760e50b37f63e791871242","first_seen":"2026-04-28T16:10:37.075398Z","last_seen":"2026-04-28T17:57:10.076576Z","times_seen":64,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"casibom-tr2026.com/fonts/InterTight-Medium.woff2","fqdn":"casibom-tr2026.com","domain":"casibom-tr2026.com","tld":"com"},"ip":{"addr":"45.10.243.69","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://casibom-tr2026.com/","date":"2026-04-28T16:14:07.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"casibom-tr2026.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 10 Mar 2026 18:12:52 GMT","end":"Mon, 08 Jun 2026 18:12:51 GMT"},"fingerprint":{"sha1":"56:5D:F3:DF:56:90:4F:4A:6A:DD:15:2C:E7:3D:4A:DE:7A:FD:1F:24","sha256":"9C:F9:60:45:24:27:2A:98:6C:27:EE:B0:2E:43:17:A9:2D:E6:25:97:00:B5:4B:D2:D5:A8:52:C5:E2:7F:CD:E9"}}},"request":{"raw":"GET /fonts/InterTight-Medium.woff2 HTTP/1.1\r\nHost: casibom-tr2026.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://casibom-tr2026.com/style.23-01-2026v3.css\r\nCookie: __ddg8_=HgMkkBVmhyXsGj8T; __ddg10_=1777392847; __ddg9_=91.90.42.154; __ddg1_=XWRGdSgZWDntg1P8xWbT\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=XoCH5INv4q2nonQg; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg10_=1777392847; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\n__ddg9_=91.90.42.154; Domain=.casibom-tr2026.com; Path=/; Expires=Tue, 28-Apr-2026 16:34:07 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Tue, 28 Apr 2026 16:14:07 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 112108\r\nlast-modified: Thu, 25 Dec 2025 16:18:45 GMT\r\netag: \"1b5ec-646c921850340\"\r\naccept-ranges: bytes\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":112108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 112108, version 1.0","md5":"c3770c7ea6eaa76b0e2f9a2aee9b7167","sha1":"f67a53fc39247d405c183900986f79e9af0cc2d0","sha256":"35f515e248f7083ba6c2cffddd584ba57e72f8f596b46ad9e7dc8680d8eeb389","sha512":"c380742664354d05b61b80b47f383ace504e1da1e857845bb30ba77b5a991f199caeaf11d2b749921a2a7301722b9d29305b9886e86da72e742b2f41a1ab6d2b","ssdeep":"3072:N5eb1zdZqAR2xQC86FGLKUZFDc752PqIkv06P:Cb1zOIo8UJeFQ7kPzkB","tlshash":"71b3125bfb86abc0d7ad137b6765accad4e46912037911ba63b37260320ff972332104","first_seen":"2025-11-13T13:30:37.257334Z","last_seen":"2026-04-28T17:57:10.080434Z","times_seen":66,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"casibom-tr2026.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}