{"report_id":"cedf12ce-9799-403b-9ae3-3890d96c3263","version":6,"status":"done","tags":[],"date":"2026-05-19T12:45:13Z","url":{"schema":"http","addr":"bugunherzamnkndenguzel345306t5.click","fqdn":"bugunherzamnkndenguzel345306t5.click","domain":"bugunherzamnkndenguzel345306t5.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"http","addr":"bugunherzamnkndenguzel345306t5.click/","fqdn":"bugunherzamnkndenguzel345306t5.click","domain":"bugunherzamnkndenguzel345306t5.click","tld":"click"},"title":"Web Server's Default Page","dom":{"size":16440,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (9150)","md5":"f6af9bb250daf887f17f1a1a80957ed0","sha1":"b447221d8c15f7fdaa6479e1e9516dd51f8b10d4","sha256":"e0fac011833c4ed03dc122fa239e8396ddb2c46e4e45f3e4af8de4c3f5cf6a02","sha512":"bab4c128402ced902ba4e43620989d85e5e7c3b6b8c2b0f75a75f85fbbd88061ff86eba59cbcc5e0d340040c5fd407112e2304304342d5e0b7595aa12e7f1a6d","ssdeep":"192:XY6TUPW7YUd0xcP1bMW6XQ8Thb6nud3XOKxDVbidbv2IaiUCrmCwl/EdVcdYITP:dq9muRhizd6C/fcdDT","tlshash":"3672b6729257956f0163c0d5fbb66740338d844be809c669b6dea36c6fcfaa0e49370c","dom_hash":"domhash82e8e9f58d72e2ccb81b0d8b81f5e277","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bugunherzamnkndenguzel345306t5.click","fqdn":"bugunherzamnkndenguzel345306t5.click","domain":"bugunherzamnkndenguzel345306t5.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":0,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-23T12:45:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T12:44:51Z","timestamp":1779194691,"ip_dst":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":45546,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-19T12:44:51.583553+0000\",\"flow_id\":1960248227336709,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":45546,\"dest_ip\":\"31.56.209.11\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"bugunherzamnkndenguzel345306t5.click\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":813},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":693,\"bytes_toclient\":1307,\"start\":\"2026-05-19T12:44:51.201221+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T12:44:52Z","timestamp":1779194692,"ip_dst":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":45546,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-19T12:44:52.329019+0000\",\"flow_id\":1960248227336709,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":45546,\"dest_ip\":\"31.56.209.11\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"bugunherzamnkndenguzel345306t5.click\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://bugunherzamnkndenguzel345306t5.click/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":4,\"bytes_toserver\":1276,\"bytes_toclient\":1823,\"start\":\"2026-05-19T12:44:51.201221+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-19","alert":"Phishing Block","trigger":"bugunherzamnkndenguzel345306t5.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-19","alert":"Sinkholed","trigger":"bugunherzamnkndenguzel345306t5.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"uat-proxy.plesk.com","ip":{"addr":"63.35.40.1","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"domain_registered":"1999-06-13","domain_rank":0,"first_seen":"2025-08-21T20:20:46.51845Z","last_seen":"2026-05-15T00:36:49.797693Z","alert_count":0,"request_count":2,"received_data":1941,"sent_data":1928,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]}]},{"fqdn":"bugunherzamnkndenguzel345306t5.click","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-05-18","domain_rank":0,"first_seen":"2026-05-19T12:45:13.557191Z","last_seen":"2026-05-19T12:45:13.557191Z","alert_count":9,"request_count":3,"received_data":1946,"sent_data":1323,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"assets.plesk.com","ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"domain_registered":"1999-06-13","domain_rank":2025050,"first_seen":"2016-07-25T13:41:51Z","last_seen":"2026-05-14T15:25:15.137262Z","alert_count":0,"request_count":9,"received_data":324376,"sent_data":4692,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/default-server-index.js","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"17c1c4a9c72520a1f0006cb0ac30e39d","sha1":"2badb9f917ad3173de18f979155caee3846819b7","sha256":"a44276679581dd744aa4fe4d26d9b62cb45e849a0319beba2b584674fe3943e5","sha512":"f1d3abafe04395d3c68b5a0b4e127c1e19ba2879be6f9acf2480363558827181b3136c1047fe4756003839e8188fe84955653b65b9a2dabe8f90d5abe33b9a84","ssdeep":"192:Pa8j2rrxw0dAZ+hbXIK6XocTqW1ryoBBX/Lfe28bz11NDHQi0HXHYQRQKkuTAiU2:ue/7H8XFDHqXvQKk4r79XXdDd","tlshash":"d6c21756b243717d02538ae5fbbb1310733a7418e0194278f29de3b61faf9a5c592b2c","size":26256,"data":"","first_seen":"2026-04-12T16:19:45.593408Z","last_seen":"2026-05-20T19:37:42.301832Z","times_seen":608,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/bundle.js","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"cc9dcc7b2e956c9a8d0a5fcff8ebab6d","sha1":"0c2d4f90e7189abfb3a2ea35c6e3da56e9cf3976","sha256":"0de697d6f42b799cd7c19d736db69f3aaaff66e1fa440b0e75fe15ef8b819092","sha512":"a3659d2203996b708dbab5180ecfab61b1670e9dad3e803ad82e16b51806404819fa61a6ccd2dd300537218be885fd070dd730ccf63583a234c78f082a8e8a30","ssdeep":"3072:LnxZf6ptxerngWj+H5i/cwTd7D0/lu1J4q/fRx:LxBmmgWjq5i/F9D0/0PL","tlshash":"91d31a9531a1b17503da15d1f4394601f2391a59309cc8acfbfc98ebe8e68c69a37f39","size":137339,"data":"","first_seen":"2026-05-18T16:43:18.850376Z","last_seen":"2026-05-20T19:37:42.296647Z","times_seen":107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"f33fadd20b70dc3fe89e6c26187f378e","sha1":"aa726aa6094aaaf46ed7b2e4b67290b6cee2a488","sha256":"9513c2c8265e32a316e37c979a85a527c8cc534752c0ff75464172440cd6ea22","sha512":"217746ad8e7d38ad54b85e67c2a3e515524878ad291dbcb3e4dbb04322f0aa6a68ec8336f0f83fb9b77b87541ad71722a738b1be23d789dd58da3db1e69edb58","ssdeep":"192:0Y6TUPW7YUd0xcP1bMW6XQ8Thb6nud3XOKxDVbidbv2m70iUCrP7wlc/xVDdYIKX:qq9muRhiNXb7ZrDdDq","tlshash":"e472b572d287956e0113c094fbb66740738d844be809c669b6dea36c6fcfaa1e49370d","size":16434,"data":"","first_seen":"2026-05-19T12:45:16.501936Z","last_seen":"2026-05-19T12:45:16.501936Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"uat-proxy.plesk.com/","fqdn":"uat-proxy.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"63.35.40.1","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:53.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"uat-proxy.plesk.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Sun, 30 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C8:5B:6C:B7:19:D1:F4:7B:E1:8C:07:D2:A7:7E:84:36:29:07:F3:07","sha256":"4B:46:37:E8:81:F5:46:5D:48:54:2D:9C:36:A9:A2:1E:0E:BC:41:8C:54:04:8B:05:56:7D:21:4A:77:E1:C7:59"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: uat-proxy.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\namz-sdk-invocation-id: 93f4346f-2dbf-4f29-b50c-47a7f72a3b1e\r\namz-sdk-request: attempt=1; max=3\r\nauthorization: AWS4-HMAC-SHA256 Credential=00000000000000000000/20260519/us-west-2/firehose/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9ef4bce83a0105aec88c6041e731bd1446e4e215797bbdd7b75f1d5b771b9588\r\ncontent-type: application/x-amz-json-1.1\r\nx-amz-content-sha256: 0b619662e2c40e10f84d88acf0712072e9ae61b94b6349754ae7704a454f2926\r\nx-amz-date: 20260519T124452Z\r\nx-amz-target: Firehose_20150804.PutRecord\r\nx-amz-user-agent: aws-sdk-js/3.1042.0 ua/2.1 os/Windows lang/js md/browser#Firefox_unknown api/firehose#3.1042.0 m/N,E,e\r\nContent-Length: 108\r\nOrigin: http://bugunherzamnkndenguzel345306t5.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":108,"data":"{\"DeliveryStreamName\":\"default-page-stats\",\"Record\":{\"Data\":\"MjAyNi0wNS0xOVQxMjo0NDo1Mi41MDdafFZJRVd8Cg==\"}}"}},"response":{"raw":"HTTP/2 400 Bad Request\r\ndate: Tue, 19 May 2026 12:44:53 GMT\r\ncontent-type: application/x-amz-json-1.1\r\ncontent-length: 115\r\nset-cookie: AWSALB=zwq9/fA9ZHexiN009Wv1WUIKUhFcWDEXS8H33L1hjLg+PwoFw8TMu/8dcp5t/nsWDdn+uvmUCXRrkzAWhyK+lt1424RnrP38KhXDtTcf8MxnI1W30Sz76kU1YOUJ; Expires=Tue, 26 May 2026 12:44:53 GMT; Path=/\nAWSALBCORS=zwq9/fA9ZHexiN009Wv1WUIKUhFcWDEXS8H33L1hjLg+PwoFw8TMu/8dcp5t/nsWDdn+uvmUCXRrkzAWhyK+lt1424RnrP38KhXDtTcf8MxnI1W30Sz76kU1YOUJ; Expires=Tue, 26 May 2026 12:44:53 GMT; Path=/; SameSite=None; Secure\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-amz-request-id,x-amz-id-2,x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date\r\ncontent-encoding: gzip\r\nx-amz-id-2: 6mv+R9KlVcd7bix6RmdBq1aWIWTjHfQ+/C8GAItJFyGee9dLRNfTy8c9bl4UGES1emupxPKafEchlnfjKXQ9WFqWaKR5femC\r\nx-amzn-requestid: c666d72a-36e1-7ce6-a4e0-8aaf62dcc3ba\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]}],"data":{"size":107,"size_decoded":0,"mime_type":"application/x-amz-json-1.1","magic":"JSON text data","md5":"5c435e7b8a7443a25d8317f4c7756515","sha1":"0b41c7cc1ae1c2af69aac626163270e948fb6043","sha256":"efa5829d50af9ef88d781b2dc5afe21ecfed83b28365e95d03c6ee111ee8d382","sha512":"dffcccf83279bde359c100cde9674b8bf4cbeb1d47eb38aa65ed04dd5b73298acd5654248770f0818b7a25e97e6577771497e69d072f755528ebe83efc69e7e7","ssdeep":"","tlshash":"03b01204921c7e3a13858197fcad8f8907dc256863851625041847ddb3cf6ab5203189","first_seen":"2025-03-24T17:54:49.014312Z","last_seen":"2026-05-20T19:37:42.300783Z","times_seen":2146,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bugunherzamnkndenguzel345306t5.click/","fqdn":"bugunherzamnkndenguzel345306t5.click","domain":"bugunherzamnkndenguzel345306t5.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-19T12:44:50.672Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: bugunherzamnkndenguzel345306t5.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T23:50:58.05423Z","times_seen":15504075,"resource_available":true,"data":null}},"time_used":396,"timings":{"blocked":396,"dns":0,"connect":57,"send":0,"wait":0,"receive":0,"ssl":65},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T12:44:51Z","timestamp":1779194691,"ip_dst":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.19","port":45546,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-19T12:44:51.583553+0000\",\"flow_id\":1960248227336709,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":45546,\"dest_ip\":\"31.56.209.11\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"bugunherzamnkndenguzel345306t5.click\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":813},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":693,\"bytes_toclient\":1307,\"start\":\"2026-05-19T12:44:51.201221+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-19","alert":"Phishing Block","trigger":"bugunherzamnkndenguzel345306t5.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-19","alert":"Sinkholed","trigger":"bugunherzamnkndenguzel345306t5.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"bugunherzamnkndenguzel345306t5.click/favicon.ico","fqdn":"bugunherzamnkndenguzel345306t5.click","domain":"bugunherzamnkndenguzel345306t5.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:52.268Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bugunherzamnkndenguzel345306t5.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T23:50:58.05423Z","times_seen":15504075,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T12:44:52Z","timestamp":1779194692,"ip_dst":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.19","port":45546,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-19T12:44:52.329019+0000\",\"flow_id\":1960248227336709,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":45546,\"dest_ip\":\"31.56.209.11\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"bugunherzamnkndenguzel345306t5.click\",\"url\":\"/favicon.ico\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_refer\":\"http://bugunherzamnkndenguzel345306t5.click/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":4,\"bytes_toserver\":1276,\"bytes_toclient\":1823,\"start\":\"2026-05-19T12:44:51.201221+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-19","alert":"Phishing Block","trigger":"bugunherzamnkndenguzel345306t5.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-19","alert":"Sinkholed","trigger":"bugunherzamnkndenguzel345306t5.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/fonts/inter-v12-latin-700-54321e.woff2","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:52.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/fonts/inter-v12-latin-700-54321e.woff2 HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://bugunherzamnkndenguzel345306t5.click\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 12:44:52 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 17784\r\nx-amz-id-2: gWjs8qPPcF38ip/4M2uRL/sK92mBwdAO8H96h85zaVJcawBr8KQIQjOvLOdH5QmV+k14PNHdXlA=\r\nx-amz-request-id: F8NTTMYN1QKWAHR1\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 0\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\nlast-modified: Mon, 01 Dec 2025 09:47:29 GMT\r\nx-amz-version-id: fR5BRNIdeneYGhReRTKVWmhWLyrKPBF8\r\netag: \"8d7a3f034881d1712b3325cc71425c10\"\r\nx-77-nzt: k7p9ATQ70ocDlSCNph9U5yuOPkBrAEQZ0Tm/fE2/RhHfKuhaxD8vfNoRfS4ArUmx+oUUgVY\r\nx-77-nzt-ray: 2a494a150e9d8abc695b0c6a0e59a314\r\nx-77-cache: HIT\r\nx-77-age: 92094\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":17784,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 17784, version 1.0","md5":"8d7a3f034881d1712b3325cc71425c10","sha1":"9594f24367800a20297a96c2d4f957e62c63e207","sha256":"ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3","sha512":"e7edbfcbb46c2df1de915c59bc6188d8b068bd5ec3c97ba73659829dc30c7db73de9d150db72621101e4f6a5b74c771bf5d624712c9cba391ddb04a9e7c91cb3","ssdeep":"384:ADWWIntFC5IYQXXkFENAQzkJj3r5dzt+eb7SOd:kWWIne5I3X0F0RK7vWW","tlshash":"c382d0eab27c8431fd1693390c48aad07dc72d5ec68e314c571890817a57297acdee63","first_seen":"2023-04-30T17:57:31Z","last_seen":"2026-05-20T20:32:30.316176Z","times_seen":11221,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/img/robot-4b152c.svg","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:52.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/img/robot-4b152c.svg HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 12:44:52 GMT\r\ncontent-type: image/svg+xml\r\nx-amz-id-2: WPbKUjw1mp21ZSTMOs0CJaNu+SclWYi5g+j1aIPsZ2uhKUehWd0ioRyBlu9mpOJFWf4TW+OJwFY=\r\nx-amz-request-id: 9XK33DEKPAHJNA9G\r\nlast-modified: Wed, 01 Oct 2025 14:43:44 GMT\r\nx-amz-version-id: rCGYQ3D6amBozzV2DJc_C1STmhR27xMI\r\netag: W/\"a11790af7b8e734f7391d2695e96bfc8\"\r\nx-77-nzt: k0kLNsahdfZdae+6NWalUe4rEqb2R2pW7TRHZPlpbPKaM4sXW1YArKHQ0OMiK6Tq+GI0d2c\r\nx-77-nzt-ray: 2a494a150e9d8abc695b0c6a35e24914\r\nx-77-cache: HIT\r\nx-77-age: 348526\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":89014,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a11790af7b8e734f7391d2695e96bfc8","sha1":"af73e0993f9a486721d75bc21d6eb6e17104ece9","sha256":"01084e18312cb2af2d6b89b7348a7f1e5ae8faf10c0bd9ce478dd38adb2955a3","sha512":"8251f0b56927fa275e73d87f0964e9d755ec9105f464ed41f8741906eb5a9a450396b70bc89e42c341faec469fd9ea00ea043f9b98c6594a7c1f403978b7acf9","ssdeep":"1536:1EGgXdRFhrpPC8OGcFIgpDeeNrNPdUYbzyP:todXzcGcF7lrsGyP","tlshash":"2d93002cc358a3bc9d5787f88b3560b0769e50eeb0e19328897dc5b063529d8d2ef8d5","first_seen":"2023-05-01T16:30:05Z","last_seen":"2026-05-20T19:37:42.298446Z","times_seen":8074,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"uat-proxy.plesk.com/","fqdn":"uat-proxy.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"63.35.40.1","port":443,"asn":16509,"as":"AMAZON-02","country":"Ireland","country_code":"IE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:52.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"uat-proxy.plesk.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Fri, 01 Aug 2025 00:00:00 GMT","end":"Sun, 30 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C8:5B:6C:B7:19:D1:F4:7B:E1:8C:07:D2:A7:7E:84:36:29:07:F3:07","sha256":"4B:46:37:E8:81:F5:46:5D:48:54:2D:9C:36:A9:A2:1E:0E:BC:41:8C:54:04:8B:05:56:7D:21:4A:77:E1:C7:59"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: uat-proxy.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nOrigin: http://bugunherzamnkndenguzel345306t5.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 12:44:53 GMT\r\ncontent-length: 20\r\nset-cookie: AWSALB=sn8jRnVdLG+1nWF4bOkMzpc0xOjliOzt6HNQoHcIaaBvuoqLpNfNpvV2ubepCONYCpOUnYA2L5VM6yxIVgAkG6tXVV4NPv+/nNTatQDLleFoVizBBSTJba80g7Sh; Expires=Tue, 26 May 2026 12:44:53 GMT; Path=/\nAWSALBCORS=sn8jRnVdLG+1nWF4bOkMzpc0xOjliOzt6HNQoHcIaaBvuoqLpNfNpvV2ubepCONYCpOUnYA2L5VM6yxIVgAkG6tXVV4NPv+/nNTatQDLleFoVizBBSTJba80g7Sh; Expires=Tue, 26 May 2026 12:44:53 GMT; Path=/; SameSite=None; Secure\r\naccess-control-allow-headers: amz-sdk-invocation-id,amz-sdk-request,authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent\r\naccess-control-allow-methods: POST\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-amz-request-id,x-amz-id-2,x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date\r\naccess-control-max-age: 172800\r\ncontent-encoding: gzip\r\nx-amzn-requestid: d1c5d68d-b3b0-4597-b343-8b088a178f0f\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon ALB","description":"Amazon Application Load Balancer (ALB) distributes incoming application traffic to increase availability and support content-based routing.","website":"https://aws.amazon.com/elasticloadbalancing/","common_platform_enumeration":"","icon":"Amazon ELB.svg","categories":["Load balancers"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T23:50:58.05423Z","times_seen":15504075,"resource_available":true,"data":null}},"time_used":1733,"timings":{"blocked":739,"dns":45,"connect":65,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/favicon-fc0691.ico","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:52.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/favicon-fc0691.ico HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 12:44:52 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\ncontent-length: 4286\r\nx-amz-id-2: VzJsoGOqdk/LD6g1xUjnjsF2CugVLi5y+BGludiOGlog3l8kuwQMp9fHjBQ/wuRoz9NFVULLXSo=\r\nx-amz-request-id: CVHSAMZW1D2Z2JPG\r\nlast-modified: Mon, 01 Dec 2025 09:47:29 GMT\r\nx-amz-version-id: JqcW_S9YcLEoN5iLWCRfb_rHRzI8nQ6W\r\netag: \"650b28c6cf1b473aed15ba26bad1da92\"\r\nx-77-nzt: kxPjIvrz1YqG/5SyZb3cStZNKHsaZCC/LnQcwttYyIEalBZLPcSXdv+BDOicM8jGNuZmtmg\r\nx-77-nzt-ray: 2a494a150e9d8abc695b0c6a4fae8627\r\nx-77-cache: HIT\r\nx-77-age: 91671\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"650b28c6cf1b473aed15ba26bad1da92","sha1":"63f99c1d32ab6387db0f981f242fcefcb875ac21","sha256":"1f7437e15be65fcfd977e547e957da7950167f957deeac877086e9b66c11be87","sha512":"ee3c937542bdb10fc5a2bdf41fc6c89bfe699a870a69368f276963af3efbb711827e916dd05aa7e653524770f2e0bd0d38ee6a5e3b6c7255cac1cd74930b7541","ssdeep":"48:QwL+ah0QWs3z1gL9LSJN798lyBbr9bgozxXoAOg81XAHoctUjpeqeDzTCZmNV:QHaDxAiWSbq0S2Igepe9DT/","tlshash":"8891f3ef98b48405e259463c81cdd99b3d3e8a3db0f1e28d3a516c69dc33943abc9532","first_seen":"2023-04-30T20:36:14Z","last_seen":"2026-05-20T19:37:42.300247Z","times_seen":6177,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"bugunherzamnkndenguzel345306t5.click/","fqdn":"bugunherzamnkndenguzel345306t5.click","domain":"bugunherzamnkndenguzel345306t5.click","tld":"click"},"ip":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-19T12:44:51.202Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: bugunherzamnkndenguzel345306t5.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Tue, 19 May 2026 12:44:51 GMT\r\nContent-Type: text/html\r\nContent-Length: 813\r\nConnection: keep-alive\r\nLast-Modified: Mon, 06 Apr 2026 12:58:19 GMT\r\nETag: \"67a-64eca388710c0-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1658,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (406)","md5":"b2d8856ecd91b1451dca7e7bead0a37c","sha1":"a7e19e613a252d73f89e03ec5bbb96886a35b224","sha256":"1632db182ac1233cb51e6393bebfa42ad4efc3159691da3aa6579b48e7b8fa38","sha512":"43e5978d8b4d77a0a0e8cc307237e2621392c840c0c1db5dc3fe09f33d2ac43e45b24fa56234938ca3d829c8e7acc0fbb8262014ddde3e01b3d2303646c9bab0","ssdeep":"","tlshash":"a03114f751a8901f0330f15a7f10a22c9a47984bddd999db728d185d3f45356c80729f","first_seen":"2026-02-22T10:46:17.925412Z","last_seen":"2026-05-20T10:09:17.224234Z","times_seen":95,"resource_available":true,"data":null}},"time_used":440,"timings":{"blocked":57,"dns":1,"connect":57,"send":0,"wait":325,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-19T12:44:51Z","timestamp":1779194691,"ip_dst":{"addr":"31.56.209.11","port":80,"asn":25369,"as":"Hydra Communications Ltd","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"172.18.0.19","port":45546,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ETPRO INFO HTTP Request to a *.click domain","source":"{\"timestamp\":\"2026-05-19T12:44:51.583553+0000\",\"flow_id\":1960248227336709,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.19\",\"src_port\":45546,\"dest_ip\":\"31.56.209.11\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2858675,\"rev\":1,\"signature\":\"ETPRO INFO HTTP Request to a *.click domain\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2024_10_10\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_10_10\"]}},\"http\":{\"hostname\":\"bugunherzamnkndenguzel345306t5.click\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":813},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":693,\"bytes_toclient\":1307,\"start\":\"2026-05-19T12:44:51.201221+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-19","alert":"Phishing Block","trigger":"bugunherzamnkndenguzel345306t5.click","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-19","alert":"Sinkholed","trigger":"bugunherzamnkndenguzel345306t5.click","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/default-server-index.js","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:51.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/default-server-index.js HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 12:44:51 GMT\r\ncontent-type: text/javascript\r\nx-amz-id-2: WaO3YaNZeI7O10fHwWgbtV4OLUTJOZgHwuRUU9Y5ebAdeVST/NI7Hcccodvj1R+L7cDKy7gTAFzy+sv6xQrurUkSUENGAw1S\r\nx-amz-request-id: FFZ0F51XBTQJJQHC\r\nlast-modified: Wed, 08 Apr 2026 13:25:30 GMT\r\nx-amz-version-id: 2vhQcpK6wratfIf18NwQPJij2WZvvGol\r\netag: W/\"17c1c4a9c72520a1f0006cb0ac30e39d\"\r\nx-77-nzt: k8r1R31Sr1j2xyuFDQNGxbZhhSCx2hgLvSG7BJgKnaAAg69yLdbwUnChSRukwCbuRKAkAgY\r\nx-77-nzt-ray: 2a494a150e9d8abc685b0c6a6ca1f933\r\nx-77-cache: HIT\r\nx-77-age: 92093\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":26256,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17142)","md5":"17c1c4a9c72520a1f0006cb0ac30e39d","sha1":"2badb9f917ad3173de18f979155caee3846819b7","sha256":"a44276679581dd744aa4fe4d26d9b62cb45e849a0319beba2b584674fe3943e5","sha512":"f1d3abafe04395d3c68b5a0b4e127c1e19ba2879be6f9acf2480363558827181b3136c1047fe4756003839e8188fe84955653b65b9a2dabe8f90d5abe33b9a84","ssdeep":"192:Pa8j2rrxw0dAZ+hbXIK6XocTqW1ryoBBX/Lfe28bz11NDHQi0HXHYQRQKkuTAiU2:ue/7H8XFDHqXvQKk4r79XXdDd","tlshash":"d6c21756b243717d02538ae5fbbb1310733a7418e0194278f29de3b61faf9a5c592b2c","first_seen":"2026-04-12T16:19:45.593408Z","last_seen":"2026-05-20T19:37:42.301832Z","times_seen":608,"resource_available":true,"data":null}},"time_used":664,"timings":{"blocked":175,"dns":51,"connect":33,"send":0,"wait":309,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/fonts/inter-v12-latin-regular-be7cb1.woff2","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:52.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/fonts/inter-v12-latin-regular-be7cb1.woff2 HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nOrigin: http://bugunherzamnkndenguzel345306t5.click\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 12:44:52 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 16708\r\nx-amz-id-2: zQMm4Zau5tvywk+e7fwdXEO9N5GLKujvN8PxPUlcDYFVq/7LgeN5BShfugpvB1oQ9foQFovER+qrZyNq6i28q8kEC1x4/X+O\r\nx-amz-request-id: F8NH5PE2RG7594AE\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 0\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\nlast-modified: Mon, 01 Dec 2025 09:47:29 GMT\r\nx-amz-version-id: FLXzY1PkhMOuxxNBp3e3tQvF_ndGD7LC\r\netag: \"68c477c4c76baab3a8d1ef6a55aa986f\"\r\nx-77-nzt: k2WkmdCjwpy8K2g+o1A0AT4Vr9P4bJuRH0JB0CWfRlZGAC0SXSOYuJCnIgxoaC4EPpDei/w\r\nx-77-nzt-ray: 2a494a15adaba2c3695b0c6a54879217\r\nx-77-cache: HIT\r\nx-77-age: 92094\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":16708,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16708, version 1.0","md5":"68c477c4c76baab3a8d1ef6a55aa986f","sha1":"4af50379e13514558dd53d123db8ea101ec5e24c","sha256":"0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac","sha512":"92b34fe3b7f82f10cf6de8027ac08f4a5b8764fb4e0b31c93da6e3d5bd08e0bc83b79fd70b8207a1066b689583e0b6976fa3c885b0c067ea343e6f2031d55d25","ssdeep":"384:Nd1nZ+hLc8g3/2AY8VL6UBP38Y1dDq6w9ZD:bJZpv3h1Z3x+9ZD","tlshash":"0572d092b7f2d6b84d28bdfe122b04099ca91d8729f113f25942362ba5b1c6484fd071","first_seen":"2023-04-09T06:32:51Z","last_seen":"2026-05-20T20:33:23.761947Z","times_seen":13227,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":77,"dns":1,"connect":33,"send":0,"wait":67,"receive":6,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/img/logo-81ca7a.svg","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:52.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/img/logo-81ca7a.svg HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 12:44:52 GMT\r\ncontent-type: image/svg+xml\r\nx-amz-id-2: lXyn3f8Ji2TgSmjnKyO5QuaX6E2yaA6PRjNZ3B0yOqMSGnnYlrtAaHX9Mkuh2/xwUFkX3jicHiM=\r\nx-amz-request-id: AKPM7EX0Z5YF6TRK\r\nlast-modified: Wed, 01 Oct 2025 14:43:44 GMT\r\nx-amz-version-id: n1OaEp3MifiWuinPTAjjnlM0TG0d5HoH\r\netag: W/\"50f16a34400340b368e0ac5a991997f4\"\r\nx-77-nzt: k0SyszLyrJA71y1U9s825YyO+Zg77pi0Nqr/lXqH7RHsMPVCPk1Ekv643sWz0TirscVRc8E\r\nx-77-nzt-ray: 2a494a150e9d8abc695b0c6ac9956f13\r\nx-77-cache: HIT\r\nx-77-age: 531450\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":2099,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"50f16a34400340b368e0ac5a991997f4","sha1":"acba5b50993b1ac89f8ecf9531dd2561fb9d8038","sha256":"a459426d178bf696ac29aed37f5c2e73e24ee716d578678440b6513f54721b7e","sha512":"9bcf4b3b9895cdc5c0b795084f026e6f13996aadb3b00b1873cceb24e690f2143cec74e9dcab993be8f5fde96a98322ff586547e24d165d98a161a859e074cea","ssdeep":"","tlshash":"d741ce728618c5ac96078638ce7580f22b1fa8f73a5a13b8d2ffc77074439c5d252928","first_seen":"2023-05-09T02:17:30Z","last_seen":"2026-05-20T19:37:42.302916Z","times_seen":5616,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/img/wpg-b313a8.svg","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:52.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/img/wpg-b313a8.svg HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 12:44:52 GMT\r\ncontent-type: image/svg+xml\r\nx-amz-id-2: U+hHAza3KSYKHAN5bQlziUnqcjM7RO3+6dOGnXFw1dFUTRQ+UiCXsSho2370icUj3apHTUL1e5gmr+7gjTMl1kbNb8IUnw5U\r\nx-amz-request-id: S3DEG71GQAYKNVEY\r\nlast-modified: Wed, 01 Oct 2025 14:43:44 GMT\r\nx-amz-version-id: uZVR1H0XetJJbnppT_0f44epDF_mQ2W7\r\netag: W/\"67b7f0f50fe6837597cc7ea4ac4e3fa3\"\r\nx-77-nzt: kwI+MapgaYTzO5hOrhvoiZKVMmOmVfClccIMUILrmvbd5Z2UJcuzAn5miAaAUEjDS16wxb8\r\nx-77-nzt-ray: 2a494a150e9d8abc695b0c6a12488413\r\nx-77-cache: HIT\r\nx-77-age: 78327\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":1304,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"67b7f0f50fe6837597cc7ea4ac4e3fa3","sha1":"9aafb23c2c7b4466d0ab05e3e115c82757706762","sha256":"a205e44bdfd4d85a52d1412f0923f5cbdaae73050ac51529fb70b7a80c4d0b93","sha512":"dfe5a5097d639fe7cab87ea1c8691951b2b6a04959762aa0d2b2660eeecf184da057846fa08492ecc79102896db39aac1b817da7d8b371023aee95c1b7d5a23a","ssdeep":"","tlshash":"eb21f6a11979d86c0d970bf2cf7e85933b9fd0b9b21583ed55536170500a2cdc5c6d5c","first_seen":"2024-05-01T23:57:27Z","last_seen":"2026-05-20T19:37:42.295977Z","times_seen":5600,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/bundle.js","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:52.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/bundle.js HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 12:44:52 GMT\r\ncontent-type: text/javascript\r\nx-amz-id-2: SkeEcdx9SI7q7wj+JHe88wvQ6V5Y/NAnwHIUXRLM2Z+6aiBQLa9LfaomUhK8wCyyAe5jiQO9pHM=\r\nx-amz-request-id: WYBX33G67Z28E4VE\r\nlast-modified: Tue, 12 May 2026 08:52:43 GMT\r\nx-amz-version-id: peC73ZyMMGy_8nShxZaEwORP3qOz2usa\r\netag: W/\"cc9dcc7b2e956c9a8d0a5fcff8ebab6d\"\r\nx-77-nzt: k4XBeuvEV2Rmw5XN8/rxDLBFwAtKc6MAe5Jp8Uk0wE77SLtzaD0ySIsWrwnERmGlA3NDDwY\r\nx-77-nzt-ray: 2a494a150e9d8abc695b0c6a85ad8d13\r\nx-77-cache: HIT\r\nx-77-age: 92094\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":137339,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"cc9dcc7b2e956c9a8d0a5fcff8ebab6d","sha1":"0c2d4f90e7189abfb3a2ea35c6e3da56e9cf3976","sha256":"0de697d6f42b799cd7c19d736db69f3aaaff66e1fa440b0e75fe15ef8b819092","sha512":"a3659d2203996b708dbab5180ecfab61b1670e9dad3e803ad82e16b51806404819fa61a6ccd2dd300537218be885fd070dd730ccf63583a234c78f082a8e8a30","ssdeep":"3072:LnxZf6ptxerngWj+H5i/cwTd7D0/lu1J4q/fRx:LxBmmgWjq5i/F9D0/0PL","tlshash":"91d31a9531a1b17503da15d1f4394601f2391a59309cc8acfbfc98ebe8e68c69a37f39","first_seen":"2026-05-18T16:43:18.850376Z","last_seen":"2026-05-20T19:37:42.296647Z","times_seen":107,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.plesk.com/static/default-website-content/public/img/stars-fb15b6.svg","fqdn":"assets.plesk.com","domain":"plesk.com","tld":"com"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://bugunherzamnkndenguzel345306t5.click/","date":"2026-05-19T12:44:52.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1226552209.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 18:32:56 GMT","end":"Sat, 27 Jun 2026 18:32:55 GMT"},"fingerprint":{"sha1":"15:79:F1:DB:39:A4:F6:65:05:19:B5:F6:70:4E:3F:34:1E:FC:5B:12","sha256":"CD:72:9C:13:05:94:26:08:D8:30:50:A5:9B:9C:FF:8D:85:4A:85:5C:1A:88:F5:B6:D0:FC:A0:69:87:EC:91:9C"}}},"request":{"raw":"GET /static/default-website-content/public/img/stars-fb15b6.svg HTTP/1.1\r\nHost: assets.plesk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://bugunherzamnkndenguzel345306t5.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 19 May 2026 12:44:52 GMT\r\ncontent-type: image/svg+xml\r\nx-amz-id-2: e0zZL4J4kiVwNkbEVuIPpjnB/aejT/2treQ2p41oZPZXlezngGOyNd6H6phRbv3sapi7XoOLXMA=\r\nx-amz-request-id: AVJ8AWZ2TEN89TKF\r\nlast-modified: Wed, 01 Oct 2025 14:43:44 GMT\r\nx-amz-version-id: Up8sAenBbTqZtWPLG5melXtHHLPmg.QS\r\netag: W/\"18aa9407cb97208391f24bcef249457f\"\r\nx-77-nzt: kwnLqA4kXJ0KQjIlUaDlmc7ZKJ/bJlNdPEI+hUNoV0GHpze5TDyh2By6Eib3ZfCWtXaUmD0\r\nx-77-nzt-ray: 2a494a150e9d8abc695b0c6aac8b3a14\r\nx-77-cache: HIT\r\nx-77-age: 155208\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":23587,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"18aa9407cb97208391f24bcef249457f","sha1":"c76eef71591d7d92fb30f51b49dadf16ae600a05","sha256":"30628c4c5254e81ed7f953bd449c6976ce87210089c4b221f00c3a7a5d597736","sha512":"2092a8b785ed8edf6e63312a7d70ca42932851f3b491604bb6e3fa861c05c82ffcd2b3461c7b17fa3af6e73351b70acfcc1e4e20bf2ae00606a565c6a2f1867e","ssdeep":"96:ruEAlHCq+7wX+MTntIRT1jTgNOHgWIl0a6IP+5bDTIjvPj5jBjF76ydRyuK:y0COXRhRVxsDZB93dQp","tlshash":"a1b28fbd1397d9ec7c02e990be7611e3e52fe2dd209c07d09079c6202bd26dae78e585","first_seen":"2023-04-30T21:16:24Z","last_seen":"2026-05-20T19:37:42.297311Z","times_seen":8099,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}