{"report_id":"b2857024-1968-4105-9df7-4ba975a26e61","version":6,"status":"done","tags":[],"date":"2025-08-06T01:41:54Z","url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"ip":{"addr":"195.142.132.154","port":0,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"final":{"url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"title":"邮件服务器验证程序"},"submit":{"url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"ip":{"addr":"195.142.132.154","port":0,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-09-10T01:41:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-08-06","alert":"Phishing - Generic/Spear Phishing","trigger":"customize.cookplus.com","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-06","alert":"Sinkholed","trigger":"mail.google.com.tw","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"customize.cookplus.com","ip":{"addr":"195.142.132.154","port":443,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"domain_registered":"2003-11-23","domain_rank":0,"first_seen":"2025-08-04T07:03:08.032129Z","last_seen":"2025-08-04T07:03:08.032129Z","alert_count":7,"request_count":7,"received_data":36516,"sent_data":3677,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"mail.google.com.tw","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2000-08-29","domain_rank":0,"first_seen":"2025-07-31T04:26:59.861417Z","last_seen":"2025-07-31T04:26:59.861417Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":527,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/support/js/ban.js","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"ip":{"addr":"195.142.132.154","port":443,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"introduction_type":"scriptElement","is_inline":false,"md5":"5bfb54ce7479dceac44ece2a293fd135","sha1":"4f849108827ff61096cfc16c4cb1eddf26fc862c","sha256":"030470dd2d9f1f2ba294ef4a9110bcce186d03772cf1e423fbe721d12c3c1f9b","sha512":"e0a2a7c00a7630e8823ba08cd4e7524c76bb045b7187e12ac5bb5784fc31f9024574ae4ae5fb2063af95d45072dad8cce4b60a9cf81a04ce91f6c5b3530488db","ssdeep":"","tlshash":"a0711e0d052a09398737637ca6ab5049feb2d5a72d428349746cc60c3ff4c6489a1ffd","size":3743,"data":"","first_seen":"2024-10-22T09:24:41.089629Z","last_seen":"2026-03-25T10:10:51.717428Z","times_seen":509,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/support/signin.jpg","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"ip":{"addr":"195.142.132.154","port":443,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","date":"2025-08-06T01:41:33.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customize.cookplus.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 17 Jul 2025 11:11:16 GMT","end":"Wed, 15 Oct 2025 11:11:15 GMT"},"fingerprint":{"sha1":"22:2B:62:FB:D6:15:ED:3E:4F:9A:4A:E2:BA:A4:20:BF:C0:53:E0:39","sha256":"D7:6F:21:4C:C6:F1:A8:B1:32:D4:C8:F2:41:B9:B6:26:58:8D:E1:6C:C5:22:3C:0A:37:FF:38:3D:5A:4A:8D:02"}}},"request":{"raw":"GET /404/spazz/support/signin.jpg HTTP/1.1\r\nHost: customize.cookplus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 18 Sep 2024 14:55:02 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3875\r\ncontent-type: image/jpeg\r\ndate: Wed, 06 Aug 2025 01:41:33 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3875,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 101x55, components 3","md5":"565824e7f1656d389eda6c49d5bd503e","sha1":"1653fa0bb739de839394862b82c6d5db9951074b","sha256":"afb0b6824e3a0bd79c334841f2b71f96df07c6f5baa54635a3ef6bde2c018813","sha512":"96c3c0fef2cd77ffa497be8fd1460b6d6686c3caf4c1cdc466a87c5f9cb30f0f73e47055bdb626d699c46038c13ea17d64e8991e57b61fbc1cbe8091778ab4e9","ssdeep":"","tlshash":"1381293909431cb83ecd75b60812d140d2afdad56953328d88bc9e1dff908da899ba69","first_seen":"2023-05-04T06:43:48Z","last_seen":"2026-03-17T12:43:54.328548Z","times_seen":919,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-08-06","alert":"Phishing - Generic/Spear Phishing","trigger":"customize.cookplus.com","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/assets/php/policy.php","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"ip":{"addr":"195.142.132.154","port":443,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","date":"2025-08-06T01:41:34.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customize.cookplus.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 17 Jul 2025 11:11:16 GMT","end":"Wed, 15 Oct 2025 11:11:15 GMT"},"fingerprint":{"sha1":"22:2B:62:FB:D6:15:ED:3E:4F:9A:4A:E2:BA:A4:20:BF:C0:53:E0:39","sha256":"D7:6F:21:4C:C6:F1:A8:B1:32:D4:C8:F2:41:B9:B6:26:58:8D:E1:6C:C5:22:3C:0A:37:FF:38:3D:5A:4A:8D:02"}}},"request":{"raw":"POST /404/spazz/assets/php/policy.php HTTP/1.1\r\nHost: customize.cookplus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw\r\nContent-Type: application/json\r\nContent-Length: 38\r\nOrigin: https://customize.cookplus.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Origin, Content-Type, X-Auth-Token\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 06 Aug 2025 01:41:34 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":221,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JSON text data","md5":"39959a20467eae9acaf84a236403b6d0","sha1":"4e35fe64adaabba9313f9efd919b5fc1d5e0fc9f","sha256":"f3b9b6f4f47fcfe1128ed374dd968d0eaa375c455a2447d125614b72bee79ce2","sha512":"745e459cb2703fd352f9cd6dbf6e2cada6a7ef329ca7db293fc460ec317d9a64f8748c3adbbb29987aab27263617dfe1720204cd7d9721533ac1d80b66e8bc0a","ssdeep":"","tlshash":"6cd0a7976a10d023d792b3c42858811ddb9043d31d68f997932d5c22cae0c6472080e2","first_seen":"2025-07-31T04:27:02.049493Z","last_seen":"2025-09-05T04:12:10.486789Z","times_seen":10,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":381,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-08-06","alert":"Phishing - Generic/Spear Phishing","trigger":"customize.cookplus.com","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/support/favicon.jpg","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"ip":{"addr":"195.142.132.154","port":443,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","date":"2025-08-06T01:41:34.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customize.cookplus.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 17 Jul 2025 11:11:16 GMT","end":"Wed, 15 Oct 2025 11:11:15 GMT"},"fingerprint":{"sha1":"22:2B:62:FB:D6:15:ED:3E:4F:9A:4A:E2:BA:A4:20:BF:C0:53:E0:39","sha256":"D7:6F:21:4C:C6:F1:A8:B1:32:D4:C8:F2:41:B9:B6:26:58:8D:E1:6C:C5:22:3C:0A:37:FF:38:3D:5A:4A:8D:02"}}},"request":{"raw":"GET /404/spazz/support/favicon.jpg HTTP/1.1\r\nHost: customize.cookplus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 315\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Wed, 06 Aug 2025 01:41:34 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-04-16T21:51:05.210996Z","times_seen":144236,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-08-06","alert":"Phishing - Generic/Spear Phishing","trigger":"customize.cookplus.com","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"ip":{"addr":"195.142.132.154","port":443,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-06T01:41:33.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customize.cookplus.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 17 Jul 2025 11:11:16 GMT","end":"Wed, 15 Oct 2025 11:11:15 GMT"},"fingerprint":{"sha1":"22:2B:62:FB:D6:15:ED:3E:4F:9A:4A:E2:BA:A4:20:BF:C0:53:E0:39","sha256":"D7:6F:21:4C:C6:F1:A8:B1:32:D4:C8:F2:41:B9:B6:26:58:8D:E1:6C:C5:22:3C:0A:37:FF:38:3D:5A:4A:8D:02"}}},"request":{"raw":"GET /404/spazz/index.php?i=i\u0026mxid=info@google.com.tw HTTP/1.1\r\nHost: customize.cookplus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 06 Aug 2025 01:41:33 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":10576,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"358aebc3f608549a7e36ec5a591da5c1","sha1":"cb85feabccbf6c3190a1848cd23e9d65d1e32af7","sha256":"526f22cd62a3d354769828a006293a6a516972082823782f981ed7ec19a23f3b","sha512":"ebff85141cdb4aa650d73120c48010511bdf1aefa4b0813d777a38b2b3d81d1fc593ca04a8a107d4a711eeab1a24d2f6b39a76cedf83f5b0d0219aebe96373ea","ssdeep":"192:pdt/qEo0CZF+F2FdC/v+fHHppcsAmLpIABo9y9+WSlLnb1gtspGpQlalGfWnA0p3:8nF+F2FMn+vHpp/fLuABo9y9+WSlLnWj","tlshash":"61224060864e0d2d58ec7046e4344ed510bf6cf6b3714da4b5b71537fac42b07a192fa","first_seen":"2025-04-07T04:02:14.136121Z","last_seen":"2026-03-17T12:43:54.323244Z","times_seen":188,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":121,"dns":1,"connect":54,"send":0,"wait":108,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-08-06","alert":"Phishing - Generic/Spear Phishing","trigger":"customize.cookplus.com","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/support/js/ban.js","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"ip":{"addr":"195.142.132.154","port":443,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","date":"2025-08-06T01:41:33.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customize.cookplus.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 17 Jul 2025 11:11:16 GMT","end":"Wed, 15 Oct 2025 11:11:15 GMT"},"fingerprint":{"sha1":"22:2B:62:FB:D6:15:ED:3E:4F:9A:4A:E2:BA:A4:20:BF:C0:53:E0:39","sha256":"D7:6F:21:4C:C6:F1:A8:B1:32:D4:C8:F2:41:B9:B6:26:58:8D:E1:6C:C5:22:3C:0A:37:FF:38:3D:5A:4A:8D:02"}}},"request":{"raw":"GET /404/spazz/support/js/ban.js HTTP/1.1\r\nHost: customize.cookplus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 18 Sep 2024 14:55:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3743\r\ncontent-type: application/javascript\r\ndate: Wed, 06 Aug 2025 01:41:33 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3743,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"5bfb54ce7479dceac44ece2a293fd135","sha1":"4f849108827ff61096cfc16c4cb1eddf26fc862c","sha256":"030470dd2d9f1f2ba294ef4a9110bcce186d03772cf1e423fbe721d12c3c1f9b","sha512":"e0a2a7c00a7630e8823ba08cd4e7524c76bb045b7187e12ac5bb5784fc31f9024574ae4ae5fb2063af95d45072dad8cce4b60a9cf81a04ce91f6c5b3530488db","ssdeep":"","tlshash":"a0711e0d052a09398737637ca6ab5049feb2d5a72d428349746cc60c3ff4c6489a1ffd","first_seen":"2024-10-22T09:24:41.089629Z","last_seen":"2026-03-25T10:10:51.717428Z","times_seen":509,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-08-06","alert":"Phishing - Generic/Spear Phishing","trigger":"customize.cookplus.com","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/support/banner.jpg","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"ip":{"addr":"195.142.132.154","port":443,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","date":"2025-08-06T01:41:33.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customize.cookplus.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 17 Jul 2025 11:11:16 GMT","end":"Wed, 15 Oct 2025 11:11:15 GMT"},"fingerprint":{"sha1":"22:2B:62:FB:D6:15:ED:3E:4F:9A:4A:E2:BA:A4:20:BF:C0:53:E0:39","sha256":"D7:6F:21:4C:C6:F1:A8:B1:32:D4:C8:F2:41:B9:B6:26:58:8D:E1:6C:C5:22:3C:0A:37:FF:38:3D:5A:4A:8D:02"}}},"request":{"raw":"GET /404/spazz/support/banner.jpg HTTP/1.1\r\nHost: customize.cookplus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 18 Sep 2024 14:54:44 GMT\r\naccept-ranges: bytes\r\ncontent-length: 12194\r\ncontent-type: image/jpeg\r\ndate: Wed, 06 Aug 2025 01:41:33 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":12194,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 422x71, components 3","md5":"5b0c9f5f16144d656edefe2b4c471b20","sha1":"866f78926112f0416515c2bd3c1c86e770ab9b74","sha256":"063f7cb5471301f5296d6334fa82ddb0ed5017a7ef7ce64645a1782a1e1da585","sha512":"979284bc8be95be52b9f084779178442fa0234540c404fe67103463e3fe6bf4eebace51618790d486d84c1d130e715d850e45f685ca016ad4d1d71a325af8e07","ssdeep":"192:fvccFYlfvIJLt+FQVqXxljIWbmWWUQP/g9WbwCexe8/jjq5g4e8UD:fkQYtGtAeopbmWS/gqwCeH/lyUD","tlshash":"d8428f4e8b80fe16acce4ebd290bcac5d1878858a86f45874df50f5f7d6927449840fd","first_seen":"2024-09-04T07:59:20Z","last_seen":"2026-03-17T12:43:54.326904Z","times_seen":594,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-08-06","alert":"Phishing - Generic/Spear Phishing","trigger":"customize.cookplus.com","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"customize.cookplus.com/404/spazz/support/modal.jpg","fqdn":"customize.cookplus.com","domain":"cookplus.com","tld":"com"},"ip":{"addr":"195.142.132.154","port":443,"asn":199484,"as":"SAGLAYICI Teknoloji Bilisim Yayincilik Hiz. Ticaret Ltd. Sti.","country":"Türkiye","country_code":"TR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","date":"2025-08-06T01:41:33.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"customize.cookplus.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 17 Jul 2025 11:11:16 GMT","end":"Wed, 15 Oct 2025 11:11:15 GMT"},"fingerprint":{"sha1":"22:2B:62:FB:D6:15:ED:3E:4F:9A:4A:E2:BA:A4:20:BF:C0:53:E0:39","sha256":"D7:6F:21:4C:C6:F1:A8:B1:32:D4:C8:F2:41:B9:B6:26:58:8D:E1:6C:C5:22:3C:0A:37:FF:38:3D:5A:4A:8D:02"}}},"request":{"raw":"GET /404/spazz/support/modal.jpg HTTP/1.1\r\nHost: customize.cookplus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 18 Sep 2024 14:54:54 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4184\r\ncontent-type: image/jpeg\r\ndate: Wed, 06 Aug 2025 01:41:33 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4184,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5], baseline, precision 8, 603x337, components 3","md5":"6823d7bce49dc756c0a6d3f14f68472f","sha1":"d508b8b1da312a9206bf013876a1ad8307b15e1a","sha256":"6de4e47dc7598fd599f3d81c7a20445d4f2b5e08788b4733306c59b1661a4d8f","sha512":"b8c2067e409de546de8aaa0f4d2a8a40cd3f0f4c86fea1dbce8890452805e871a290334b623e57bc3e80de3950434645761771101948fabb30a66064390c2866","ssdeep":"48:+/euERAle1dddddddddddddddddddddddddddz3Ditk5dddddddddddddddddddu:+pE6ezTECX0","tlshash":"be81380759088f93f46883e5fe438e9d6b462b0cf98739fb15520edb7e202665c8d03a","first_seen":"2024-09-04T07:59:20Z","last_seen":"2026-03-25T10:10:51.719447Z","times_seen":629,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"Blocklist","title":"OpenPhish","description":"OpenPhish","scan_date":"2025-08-06","alert":"Phishing - Generic/Spear Phishing","trigger":"customize.cookplus.com","verdict":"phishing","severity":"medium","comment":"Generic/Spear Phishing","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mail.google.com.tw/","fqdn":"mail.google.com.tw","domain":"google.com.tw","tld":"com.tw"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://customize.cookplus.com/404/spazz/index.php?i=i\u0026mxid=info@google.com.tw","date":"2025-08-06T01:41:34.467Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: mail.google.com.tw\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://customize.cookplus.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-16T22:13:15.714312Z","times_seen":13837110,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-06","alert":"Sinkholed","trigger":"mail.google.com.tw","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}