Report - yeniy4.com/

Report Overview

Visited public
2023-10-13 01:40:55
Tags
URL
yeniy4.com/
Finishing URL
yeniy4.com/
IP / ASN
172.67.170.1
#13335 CLOUDFLARENET
Title
Müşteri Portalı | e-Devlet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
yeniy4.com	unknown	2023-09-19	2023-09-19 14:25:12	2023-10-13 03:40:29	15 kB	624 kB	172.67.170.1
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-12 18:12:01	2.0 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-13 00:40:47	1.6 kB	134 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-10-13 00:24:52	1.0 kB	54 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey
2023-10-12	medium	yeniy4.com/	Government of Turkey

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	unknown	DomTimer	217 B	2023-08-26	2024-08-21
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-08-26 12:49 Last Seen2024-08-21 08:02 Times Seen103 Hash d8c031fe645e446bce01d3748070c62d 3d15323eb620aa846b2234d5ca3921e2fec7ba91 82469a6cdde853a015a1624f575234f59cf5b2f2f7ced7d676932c7c4d8240d3 Loading...

	yeniy4.com/js/jquery-1.12.4.min.js	ScriptElement	88 kB	2023-06-05	2025-06-21
Pretty URL yeniy4.com/js/jquery-1.12.4.min.js IP 172.67.170.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 16:56 Last Seen2025-06-21 11:29 Times Seen848 Hash 4fcf018b5c604c47ae980185cf0167c2 fa4ab55b154a5a4c4ef55cfad51a2a2d4407af61 32b42f9bc813dd6bad1b45129eade1df8dd1463908f79505209fbfa1aa71018a Loading...

	yeniy4.com/	ScriptElement	40 B	2023-03-07	2025-06-23
Pretty URL yeniy4.com/ IP 172.67.170.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-06-23 03:49 Times Seen8392 Hash 6bd43cf0ae158526c6ab93dc3be79f28 15c289e342bd3fdf5b1e95f7abf25a2bc78bf357 7a13d5ae0755d86c09084ec300c4a0f1a0a06921f74d9980eba9d966ff17ad38 Loading...

	yeniy4.com/	ScriptElement	1.2 kB	2023-06-01	2025-06-11
Pretty URL yeniy4.com/ IP 172.67.170.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 09:31 Last Seen2025-06-11 11:02 Times Seen242 Hash affae1457af4b92414fb8d8f23ce4858 bce05c7c5f12d2ecaecdb2e313b6e1b66f646482 866f512a87c674b201b16e84ef483c91805b73c287cd72737f1d29ebc1a554a9 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12 12:17	2024-08-29 17:45
Pretty Observations First Seen2023-03-12 12:17 Last Seen2024-08-29 17:45 Times Seen7112 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (45)

URL IP Response Size

GET yeniy4.com/images/banks/akbank.jpg

172.67.170.1

200 OK

3.1 kB

URL GET HTTP/3
yeniy4.com/images/banks/akbank.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.1 kB (3052 bytes)
Hash
5efd7fb621b6e039549923f7e1fd4a17
043dfe10e2d4d90a72e5624166ec961be7b20b3a
6df70210d474fd90f14d08bb9dbc66c0411fb1f85f503dcd62916fec271a2c5a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/akbank.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 3052
last-modified: Thu, 24 Aug 2023 14:04:11 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2Bb0jKtOatQQ7plC9ycksXInxe12iBbC3X7xveZ1871mlC5WcojBlyZWcSi1bCYVlz47AtKBBVr1uuMKPm23YcOnnOJLfpWbJRIsIkc%2FygHuXo5B1MX9Ai9Z3I1P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0254b82569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/finans.jpg

172.67.170.1

200 OK

6.2 kB

URL GET HTTP/3
yeniy4.com/images/banks/finans.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.2 kB (6232 bytes)
Hash
23f8245ca4b48852594fd42621da538e
64ce65dd304712acca99110878facf125cfc029b
dc1ab0a4fbef32df24a561823e09cfd394cb1486bbcf4d5c74981fd74e039010

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/finans.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 6232
last-modified: Thu, 24 Aug 2023 14:04:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POBq7d0YjQTjMPYi0%2Fg3skt67%2BF3aW5EQn7ju0X8Hg%2FgCJw3%2FP4t3DJrrvAxTuv5Mpwt6JLsnktBhbR1FfWB02MEvJtiB38Gu6Gh7Vxi7onQ1bieVKuPOBRifj6V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0256b89569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/1.png

172.67.170.1

200 OK

2.2 kB

URL GET HTTP/3
yeniy4.com/images/1.png
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
PNG image data, 165 x 40, 8-bit colormap, interlaced\012- data
Size
2.2 kB (2220 bytes)
Hash
fdac5f9234036c2502cee52c30f7774b
cd24a9f757055e2ef598be0d164934c6a1b4e3cd
473f0d637169b8b400874ffb0c487dfc5f4bc544e8bfebe98502a6a5ceb781e7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/1.png HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/png
content-length: 2220
last-modified: Thu, 24 Aug 2023 14:04:07 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIlX8sKtuNTeg7MdcJIdGwy8JAMxLD4WiScmhKThuWNHufkfk75S94sVx8Gbwrt49U%2B1Byjkiw%2BPZ5voiiJeAuYIrIljS89c638PI3PGvuePZtX4bX0z5sm1PL9S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0254b81569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/garanti.jpg

172.67.170.1

200 OK

5.3 kB

URL GET HTTP/3
yeniy4.com/images/banks/garanti.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.3 kB (5268 bytes)
Hash
34cde1a4d95782dc8a404f3b7a22707c
11acdbecc2e820ea75a21efc9d19c7f3ebb62631
cf164d0f6dbdd0f6aa11ba954189b8dcf4cd07ad066083633986c176fc0019cd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/garanti.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 5268
last-modified: Thu, 24 Aug 2023 14:04:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43rmGxRKcvpDb2F%2Fpf9l794kQTnyoZXo%2BDcgFC4EgsCeMAW9kj%2BJix%2F0IGl%2BRiyeAeg4syicXgGr847D3tN%2BezGkORgg1LltYZbsMWnL%2FnR1Reg1w5MD%2FNWfW5Ru"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0257b8f569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/anadolu.jpg

172.67.170.1

200 OK

21 kB

URL GET HTTP/3
yeniy4.com/images/banks/anadolu.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:20:05], progressive, precision 8, 500x200, components 3\012- data
Size
21 kB (20736 bytes)
Hash
7e0925a6f6a401c7e8721b9836fc721f
9a0b48e0bd35ccc96c5391b2a30e8260098d7df7
ca3770bb64ef72ab2c7d2e1b28639fe9145970310eedef1657cb2b81bb3aa4c5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/anadolu.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 20736
last-modified: Thu, 24 Aug 2023 14:04:11 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4c03t76DjbRrDtifinGA5OGTMT3evIoQhp4YgCj5HBXrrYqe3jB3zfUXjoevmHgR4DqBrL%2BIWaAAsXuKNpyokAbL1FmlgTMyvOQL%2B0vIWkgCJCfApzS%2FMaHJOlC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0255b85569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/isbank.jpg

172.67.170.1

200 OK

5.0 kB

URL GET HTTP/3
yeniy4.com/images/banks/isbank.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.0 kB (4990 bytes)
Hash
fd5e77dc351059471eebc68959b970ac
a6e147f8e19ec340715a8180f9dc0a3171c1d159
d3f148ed9edfb70ea4138f1d06b50ad305da5fce6f8c4155642c84793dadacc2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/isbank.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 4990
last-modified: Thu, 24 Aug 2023 14:04:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bp74HSDp6C%2BBype9wccQ2YjeCqdyWRJdrI8DmcSq%2FNKyH3MLL3HzvNdYS20SPsJVanl1K1b%2FWXc712xbMWovKoGp0MTqq7jRYTjIp78FD4ULIDjjw2gU18NuV5S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b93569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/kuveyt.jpg

172.67.170.1

200 OK

4.1 kB

URL GET HTTP/3
yeniy4.com/images/banks/kuveyt.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.1 kB (4050 bytes)
Hash
c9d61e6409128b3b695da5d0f577709d
df9f6b72f626a34e1a0f7c5e09198616cd055dc6
4c353eb3748f302e18d210a9ab7cc1ba7e1b28a7357e038782e4e7a88088547a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/kuveyt.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 4050
last-modified: Thu, 24 Aug 2023 14:04:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4OlgGZYYtMZLj2%2Fph%2BwYieoSOJvD6%2BPrSBaV6H8wa%2FyMBuRqb%2BOr4vmZRwbIaNMSVvCQRWTaOttjgRu5VVBydhlYfuohPYItluLlyWkoKvNzUjwaD%2FOi81VnowC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b94569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/ykb.jpg

172.67.170.1

200 OK

4.0 kB

URL GET HTTP/3
yeniy4.com/images/banks/ykb.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.0 kB (4042 bytes)
Hash
f188c8bdec3ef94c06aaef6ee7381867
36dd9ecd9ecce60496899dcc092508d06add77dd
80f27648ba9bcfe1f3e29eaa9ea2b0c87c815cafaa0d708042d0ee926e295b14

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/ykb.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 4042
last-modified: Thu, 24 Aug 2023 14:04:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtgYk90agFJDg67oOEpZllNAoZAIAA10OtwtTFeWxuV7XnWt%2Fyxt8PdsVhedW7f3N%2BkrZydDM9KSatri6jZqSpSG%2BARsS9hNn6Z3NmrF3jVD081Be%2FSXqac7QFE%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b9e569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/deniz.jpg

172.67.170.1

200 OK

5.8 kB

URL GET HTTP/3
yeniy4.com/images/banks/deniz.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.8 kB (5774 bytes)
Hash
7995b5e53599897563011d13aa49ea5f
f56c2f94bfb6cd60d11d278e0fbeac6703590e72
d51ff84f13144f25ddc1daf353e519c9541ec6be63da2c25fb3868112064af32

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/deniz.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 5774
last-modified: Thu, 24 Aug 2023 14:04:11 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuUAC1Pre%2FmwfYvzC82PKUFdAhoB9ngprZk4NU0mmeXpI%2FW93GJoLrDh%2FxLm6gNlHLaoTDe0oihWEBZ9EUz3aWa9%2B0eKtjjcZd9mPkWwxEIafooTE2Kf5lPxxXLb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258ba1569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/fiba.jpg

172.67.170.1

200 OK

37 kB

URL GET HTTP/3
yeniy4.com/images/banks/fiba.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:28 03:31:15], progressive, precision 8, 500x200, components 3\012- data
Size
37 kB (36954 bytes)
Hash
55eac6447192dc06174ffd6fc925b12c
eb34ea301401fdaae5c50d52e2f11934738e98f5
652f9b7ef8cd5a0c66cb112ce2b7eb8ea7f9332d13552c7e82e9c7e5f532e075

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/fiba.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 36954
last-modified: Thu, 24 Aug 2023 14:04:11 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNx00QRsIjFCte%2B3%2FsJQYR7VqT4lgQx8LzfhEEMEvpAFUurqNBN96GNyV67WYYe0XsEca3ZM426%2Bmrjqi9TUjoUHMqlHD8lXwuistBJkaesk4hYuYK4z4zW0JWQ3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0255b87569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/ptt.jpg

172.67.170.1

200 OK

5.3 kB

URL GET HTTP/3
yeniy4.com/images/banks/ptt.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.3 kB (5260 bytes)
Hash
810a4de086e544a749cf1b43416178ee
a3102b2bb04886a9665207a1c70068d31f5bda71
1d2f039fdbea8658d2d94f561bc21b0431efac371adddc47d81bb95b6b8bc4bd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/ptt.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 5260
last-modified: Thu, 24 Aug 2023 14:04:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZkn7hcxW1fzf9BEV%2BShS0SDSjkFP0S5%2F2M%2FRW0UE2nDM5B9zrx0f%2BKNeDRmQnbkzT3BqkYK5qR4NZwUwoaMdVfELMWxyeoVc6uuwpw9SidNUp%2BevlixT%2Bm5qhgS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b97569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/vakif.jpg

172.67.170.1

200 OK

4.4 kB

URL GET HTTP/3
yeniy4.com/images/banks/vakif.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.4 kB (4414 bytes)
Hash
d1306ee481d42e8b5c9bedc7912750bd
69280f12c5a71880b049d64cca44b99aacaf6dc3
c005bb0a1e17fd46685cfff945353975bdac012d5f487be9c3bffe1c08f02fb0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/vakif.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 4414
last-modified: Thu, 24 Aug 2023 14:04:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMx14jhBmJEpQwj5DpxAS0ijiEt%2F0xBvuzJ0bHtVqSTkonwCDjh%2BmgD4zptlHqFQZhGCQRUvZcb1r2%2ByvxrVXgbYDgKnQ6OmiK6g7pRDXlmRSMP6vn%2BjrDtGFri7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b9d569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/turkiyefinans.jpg

172.67.170.1

200 OK

4.5 kB

URL GET HTTP/3
yeniy4.com/images/banks/turkiyefinans.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.5 kB (4528 bytes)
Hash
7d37026130c2a0b269bd4f9c165fad7f
f53514c0d1a2f644cb6db4ffadf0167fec4413bf
008b64adb48fe137b0210b3187450b8804fb291d5283e794e2eae52e05d61720

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/turkiyefinans.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 4528
last-modified: Thu, 24 Aug 2023 14:04:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXTKlWfX4drO9ow5CY12Feu8m5ZK5e4GOsQVTccnc3zjv6vRlsmP1n7TA8v3KgMebxoF1QEoDZoSw9P%2F7SvhB%2FIe2DPMPbDTndhOW208tdYMYHy7olKO5Om%2FIbAb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b9c569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/ziraat.jpg

172.67.170.1

200 OK

3.5 kB

URL GET HTTP/3
yeniy4.com/images/banks/ziraat.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
3.5 kB (3510 bytes)
Hash
43c944fa568502baedcce9455d812c3c
d9b1cfcad1a4af9ce14af46b37d91dd8551ae9bc
ee9df8faf35a0992e4dbffc2df4bb02fd6691184766d2915cf2e19bc4e906fe3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/ziraat.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 3510
last-modified: Thu, 24 Aug 2023 14:04:14 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al0pqIZ7Y%2BX0gFu9sNz8KSUlwWfAhnHaFEw3nKmoES4ube3bQOAqtdiVPtUAqsg5Wfkh2tmDUd3QY3L1%2BV1RCRzADB1pXjeJVLLa4J57%2BHPusRy5MWilNA4KkRNm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b9f569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/albaraka.jpg

172.67.170.1

200 OK

36 kB

URL GET HTTP/3
yeniy4.com/images/banks/albaraka.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 20:19:27], progressive, precision 8, 500x200, components 3\012- data
Size
36 kB (36270 bytes)
Hash
dff21d4248fc2a0b6b34a0d108b9121a
e52b06b2f5c7379ae46751b399a10e53425c02d4
599a24cf29ab06d972a5c2e4386f21051d3b78b27f93b9306eb3ffcc71263b94

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/albaraka.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 36270
last-modified: Thu, 24 Aug 2023 14:04:11 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gv7L0TKbn0MA7mHbHD6KXa3kmz4WbOPknuxlZ4Lw6rkNQJY%2FhvDP6kChrWCCCHO2s2jEsj6jleAKt3rXW%2FiljNWONN6C1xJYa68ajHrbTEhJf0AZi9Nu4TWbKHxa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0255b83569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/halk.jpg

172.67.170.1

200 OK

4.9 kB

URL GET HTTP/3
yeniy4.com/images/banks/halk.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
4.9 kB (4904 bytes)
Hash
a82f67a8bcfff4ea7793bb3fcc00cb4d
decc78e3f9341338eb0ab9757735e2338a5de451
871657ef72c4641d784288fbccbc14775b72a07437c69e2e29d7a2ae0bed9f73

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/halk.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 4904
last-modified: Thu, 24 Aug 2023 14:04:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3%2FEfHit510TsMFDMlDGDl4dQb0YzdNUq2DruKjg9h23CknZTp65hCDTp2XegWVuGDFEzIjUL3HFAvHlk%2FlzH36wgVXysG%2FwP3KuDvxNh%2FtexDwrB2gA3%2Fq4j0p7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0259ba2569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/alternatif.jpg

172.67.170.1

200 OK

46 kB

URL GET HTTP/3
yeniy4.com/images/banks/alternatif.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:19:10], progressive, precision 8, 500x200, components 3\012- data
Size
46 kB (46102 bytes)
Hash
6cffc318b97a4d585f3b967257f7e3b1
6b3b875b2d43d05c90dd5f1df832473b1b369d42
f420da08280cb364b9dd6ef4c6404923854a0e449deaa93f7a97044bed52b463

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/alternatif.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 46102
last-modified: Thu, 24 Aug 2023 14:04:11 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRDdBuqjDvnQxARa%2BU5Ju0hj5lkIgm0Wbp4XiwhHN1af0dzufwjCFs6Zw5EpgE0Au%2FWCeMO%2FXj9%2BTpeFL1mwL7smbkja1F64m8Z49FeKLgs06SiKUWK14C9Wefvv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0255b84569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/teb.jpg

172.67.170.1

200 OK

22 kB

URL GET HTTP/3
yeniy4.com/images/banks/teb.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:27 19:59:58], progressive, precision 8, 500x200, components 3\012- data
Size
22 kB (22502 bytes)
Hash
ac0cd030d45d9e6e66c084bde8e550bc
ddcd46644e2f43b14a8d399106f697631a138b2c
42ac0a069fb6314753f1fdd80c94daeeb7e784fbc34661ca692c7885390a86b9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/teb.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 22502
last-modified: Thu, 24 Aug 2023 14:04:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFYaTdioUWOzbH2awMPjMiDkGivSQjAb66ho%2FQIBbuIFvS3%2BAGX304DHRkA5SHuUubkRbtauwbCIK4akUADGFEm6XUcM2rQ2ar5avf5Ci0mdvCL3DNArn2cNu6gC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b9b569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/sekerbank.jpg

172.67.170.1

200 OK

31 kB

URL GET HTTP/3
yeniy4.com/images/banks/sekerbank.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 18:05:41], progressive, precision 8, 500x200, components 3\012- data
Size
31 kB (30853 bytes)
Hash
086ff182d1ce8900789c915f40274fba
8b3a467a19d3b3e1b014646b4d720570a44a129b
cfe6b1fdc9e2ab8bbda89190e3305a86866196d1b60bb3b3849d47cd5c89a3c6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/sekerbank.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 30853
last-modified: Thu, 24 Aug 2023 14:04:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPBwJZCdcvQd3nrEyeZnpFkugUNAHCrGSZWLaJ9fe8U2okxzjp9vx%2BFz2huPmjSwyYo4xisoQJcqB0Itl16O98M3zs6OQsjwwkFkHQcL8CufgV3NmsJJ36ldsRdu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b99569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/hsbc.jpg

172.67.170.1

200 OK

33 kB

URL GET HTTP/3
yeniy4.com/images/banks/hsbc.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:09:28 01:56:02], progressive, precision 8, 500x200, components 3\012- data
Size
33 kB (33055 bytes)
Hash
6b6d6494a2d5fe6292641588af2ff231
d4d82a589a1e71a4c917b0afc0267bac3c672480
c521f96b7435290fd70825a2d5e45a10dc3789fefd0d98851f72330c1d6f7a11

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/hsbc.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 33055
last-modified: Thu, 24 Aug 2023 14:04:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oi7WOnmkrXFlz6i%2BGWqwo3c6MR1w%2Btb5qIuwHNfEy5MXcHeO62d%2FpEqy9xzL4CqVfObHqcQy4Izoil4KP9f3feAC5Ib0hTQbL3HQZMwj0Xp2O%2Fl4tE1busGgafgs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b90569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/odea.jpg

172.67.170.1

200 OK

25 kB

URL GET HTTP/3
yeniy4.com/images/banks/odea.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:34:34], progressive, precision 8, 500x200, components 3\012- data
Size
25 kB (24936 bytes)
Hash
2c60ad4276905c8109bb3981c24bb068
fb8c7c8f07557ff9776d9a95cb50a946a3d326bb
497b1ce30cdf438891fc6f8dc9250206822acc3e0f3d81d88599c6e6dc177795

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/odea.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 24936
last-modified: Thu, 24 Aug 2023 14:04:13 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8Odjz1Ls3CWmtIHk57XJGXATuYJWsrG1Tj%2BQXFiNMW3An8MaFb6JdQstm%2BOExag83o8kCufmaPG5zmWXtsz%2BlDYHkJL7BSmGx%2FOxddCaMVWSBq0rBJh629TWYlZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b95569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/ing.jpg

172.67.170.1

200 OK

52 kB

URL GET HTTP/3
yeniy4.com/images/banks/ing.jpg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Windows), datetime=2022:10:01 17:48:36], progressive, precision 8, 500x200, components 3\012- data
Size
52 kB (52012 bytes)
Hash
2c6418346997fdb03349d4f026bed400
eb6fc219bb66829771c3d153fd1c042aa31b368b
fcc9fe739e09a1e8c65fa63d6802fe6d87aeb4bb73b3a41eaf90426a5f5d6cc0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/ing.jpg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/jpeg
content-length: 52012
last-modified: Thu, 24 Aug 2023 14:04:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzDnm%2B290pZDHwZCr0bTJNheDQ%2Fy%2FsnXLmZZvVeddd80uknKrHe0OmaRN37EQFMjKKAEy8TN2K7aXDwD3L56vgbUx0mJ04GSNT3T4x1KcN%2BGFhLJ%2F9XgzuF7k8J4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e0258b91569c-OSL
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/js/jquery-1.12.4.min.js

172.67.170.1

200 OK

32 kB

URL GET HTTP/3
yeniy4.com/js/jquery-1.12.4.min.js
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
ASCII text, with very long lines (65446), with CRLF line terminators
Size
32 kB (31873 bytes)
Hash
4fcf018b5c604c47ae980185cf0167c2
fa4ab55b154a5a4c4ef55cfad51a2a2d4407af61
32b42f9bc813dd6bad1b45129eade1df8dd1463908f79505209fbfa1aa71018a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /js/jquery-1.12.4.min.js HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: application/javascript
last-modified: Thu, 24 Aug 2023 14:04:15 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DP3q0CiD7LGIE9AA9azk9KNCHS2Y79uLbydbV1uFPnc13m9QeV9QJOAgc1pB50WgEZqo06jTsMe8TErW6YVnYQZ6IZG947uVutRmeWo3SSOyyjbNLYk4%2Fl0QlXK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e0254b7f569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2ce1eb0a081cc326c64f59c2515473ef
62a9f26be5d03b1726da755369b6eeb814150c56
78d8522a7548edf4ccd533df3a8cf44749f249661f626befcc441c31b6630908

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 01:40:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2ce1eb0a081cc326c64f59c2515473ef
62a9f26be5d03b1726da755369b6eeb814150c56
78d8522a7548edf4ccd533df3a8cf44749f249661f626befcc441c31b6630908

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 01:40:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86dd6d9049c9126ed4d892019fe202f7
0a8c428748a264457cb0d21dd0446c781091ec0f
3e37edfb573c2be91caa2a0d41fa3dbb8c7f5d459c685cac67407e9c980b4dd5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 01:40:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86dd6d9049c9126ed4d892019fe202f7
0a8c428748a264457cb0d21dd0446c781091ec0f
3e37edfb573c2be91caa2a0d41fa3dbb8c7f5d459c685cac67407e9c980b4dd5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 01:40:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86dd6d9049c9126ed4d892019fe202f7
0a8c428748a264457cb0d21dd0446c781091ec0f
3e37edfb573c2be91caa2a0d41fa3dbb8c7f5d459c685cac67407e9c980b4dd5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 01:40:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://yeniy4.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Oct 2023 09:00:39 GMT
expires: Wed, 09 Oct 2024 09:00:39 GMT
cache-control: public, max-age=31536000
age: 232798
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://yeniy4.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Oct 2023 09:00:39 GMT
expires: Wed, 09 Oct 2024 09:00:39 GMT
cache-control: public, max-age=31536000
age: 232798
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.227

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35120, version 1.0\012- data
Size
35 kB (35120 bytes)
Hash
dd986ff1050050613be051863773d677
51a12487fd51cc02ca54a984f82d63318807ca2e
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://yeniy4.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Oct 2023 08:30:46 GMT
expires: Mon, 07 Oct 2024 08:30:46 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
content-type: font/woff2
age: 407391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86dd6d9049c9126ed4d892019fe202f7
0a8c428748a264457cb0d21dd0446c781091ec0f
3e37edfb573c2be91caa2a0d41fa3dbb8c7f5d459c685cac67407e9c980b4dd5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 01:40:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

POST yeniy4.com/veri.php?ip=91.90.42.154

172.67.170.1

200 OK

0 B

URL POST HTTP/3
yeniy4.com/veri.php?ip=91.90.42.154
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

POST /veri.php?ip=91.90.42.154 HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://yeniy4.com
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IerQZTnBrf5iQWfewVs6wVg1wcNUiS18pkuAqr8rNuJmBucwtlQCnO9aRNUjlPB1hcG7ayZWEZrwl6yeiLfrS7j4233I7cDBjTHkLmsOiqAgUzMeLnm2un8e9GOg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e0383a35569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/css/edk.126.126.woff

172.67.170.1

200 OK

39 kB

URL GET HTTP/3
yeniy4.com/css/edk.126.126.woff
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
Web Open Font Format, CFF, length 38872, version 1.0\012- data
Size
39 kB (38872 bytes)
Hash
65b6f6d431921e83f59476161dcc6b50
e667ed647e5c2562f29c3de02a524562e81166a7
78e78c58a6dab82f460252e9a0dcdcb5d0c0eb2f2307998764dea1dc1796a4f0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /css/edk.126.126.woff HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: font/woff
last-modified: Thu, 24 Aug 2023 14:04:04 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUACELyjofVZVeuL%2Bbtb1wh%2FG88WdUQlN4nH0XbBumwK2JS1EHanEJcvRsVueq1L3ujkkWbRiIOkIDlY7VuEPz%2FyjblCGSwTE5HTyUUIYpcaQrsyYHmi%2BcgkIJ78"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e0285c8a569c-OSL
alt-svc: h3=":443"; ma=86400

POST yeniy4.com/veri.php?ip=91.90.42.154

172.67.170.1

200 OK

0 B

URL POST HTTP/3
yeniy4.com/veri.php?ip=91.90.42.154
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

POST /veri.php?ip=91.90.42.154 HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://yeniy4.com
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxLkO99%2F0amGUNOUj6bcWgE6%2FEiQvy%2F0mJQgWnNs8HT%2F0cAm2XDrx7VnGkzWXVb%2F%2B1xFMftQl%2Bdxv%2FqCJVW6WJ8YzbKYGRYtwm%2FeW5S5u4XYT%2BkdCgvDCJltKs5q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e028ac9a569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

POST yeniy4.com/veri.php?ip=91.90.42.154

172.67.170.1

200 OK

0 B

URL POST HTTP/3
yeniy4.com/veri.php?ip=91.90.42.154
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

POST /veri.php?ip=91.90.42.154 HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://yeniy4.com
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7mDvgecw4ruhp1u0dn7tRybsbXLB%2FmhZMrNM%2FfFiv0NoaEiCpip7BlOeqBlK0vg2HL%2FZmurQS3B1u0ZhGZpjzEFzDOAJjOwHr%2FUt1maGBjTLn4U%2FXj5wAHrmKeF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e047deee569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

POST yeniy4.com/veri.php?ip=91.90.42.154

172.67.170.1

200 OK

0 B

URL POST HTTP/3
yeniy4.com/veri.php?ip=91.90.42.154
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

POST /veri.php?ip=91.90.42.154 HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://yeniy4.com
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCuN12tW4tOl4I8VIW5bQrJuAdihNXu77fCE4Xr7LT5CZ2RyVJIJH3%2FpJmpOhuuIu9uJ5XHd%2BG3s8Nm0PK6u6IH9Yh7kJXuS96NGfoB2hJlRctXqqZeTKwaoh4Ie"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e0671833569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

20 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint73:C0:B4:AB:41:0A:6A:68:D4:AE:EE:E2:11:A4:38:23:EF:D2:86:B7
ValidityMon, 18 Sep 2023 08:25:07 GMT - Mon, 11 Dec 2023 08:25:06 GMT

File type
ASCII text
Size
20 kB (19926 bytes)
Hash
014a1b4efd3551a6a0a0f9bca2bff9e7
ba63fbc0524f4cb8cf0ac4829f64cba589855689
d0e54da84299131264a9197701b4755cba9e3de41914afae6717030c499b47e0

HTTP Headers

GET /css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&amp;display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 13 Oct 2023 01:40:37 GMT
date: Fri, 13 Oct 2023 01:40:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

142.250.74.106

200 OK

33 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint73:C0:B4:AB:41:0A:6A:68:D4:AE:EE:E2:11:A4:38:23:EF:D2:86:B7
ValidityMon, 18 Sep 2023 08:25:07 GMT - Mon, 11 Dec 2023 08:25:06 GMT

File type
ASCII text
Size
33 kB (33162 bytes)
Hash
2de3cdaa3b91ce1e4cab3d2189e7e166
c8c3a7e9f035990cef3a6061ac4063df21cb4afb
df3f46edd3dc78e34e7b8df01b494936e06e68f1566df5666d3a9e502b040b27

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&amp;display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 13 Oct 2023 01:40:37 GMT
date: Fri, 13 Oct 2023 01:40:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET yeniy4.com/

172.67.170.1

200 OK

12 kB

URL User Request GET HTTP/2
yeniy4.com/
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type

Size
12 kB (12093 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET / HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI41Dd8EpgndN5cdVw6JZjwla3im6uoYmEJb%2F2jXhdlZHbj6T1fYCHgNQ3qM6wo8kgok54Xf6kyvfpMcNTrYwRfmePJ47kP4PvqVkXFLvDY6NUkH2xM3FadVFfJ7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e0234e41b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST yeniy4.com/veri.php?ip=91.90.42.154

172.67.170.1

200 OK

0 B

URL POST HTTP/3
yeniy4.com/veri.php?ip=91.90.42.154
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

POST /veri.php?ip=91.90.42.154 HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://yeniy4.com
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkX2nnGj429SOXzp9IYYqaqZWCkXlKya2g%2Fz2RAm6wTEdZ%2BRGG2PFzU6UbfA21tstMKtFrIJTkbCX5vbdnUjtEdFbJuzOSBvJh21lAMmSXVerl%2FQHXXtMuuHUwqj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e076bc6c569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/css/style.css

172.67.170.1

200 OK

150 kB

URL GET HTTP/3
yeniy4.com/css/style.css
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type

Size
150 kB (149510 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /css/style.css HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: text/css
last-modified: Thu, 24 Aug 2023 14:04:06 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZyr2W51Bhv9DR%2FERgDOrFq9OW2iIZ6%2B8NXip6bc%2FHr2iYoyGrHcEohRWznpp1WBYRWO10DT5l0jRuJZjNh7q%2FBAmMkmasPDJ74%2BHuXJDsNsbwmvvUl%2F%2FMGMG8%2BQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e0254b7a569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/edkkds.svg

172.67.170.1

200 OK

8.7 kB

URL GET HTTP/3
yeniy4.com/images/edkkds.svg
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (8800), with no line terminators
Size
8.7 kB (8746 bytes)
Hash
8e64c3f3a7c9d6ae7fc5b160ae557f46
a4e60b7e03393e230f7d6091d831f1c0878c659b
0e8c563883ec41151b10ec8b533b02f289531175e5ca2a816bc495edd38a6114

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/edkkds.svg HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:37 GMT
content-type: image/svg+xml
last-modified: Thu, 24 Aug 2023 14:04:07 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lK7De3cDu9jNbqjHBQ2ciyaOck%2Bk%2F0j10LZVwaiPDL%2BqZVmHYqOuL14%2FsttjEE5bOQpECl14KbAxK%2Fc2FjiUi6kzJV9m1APv%2BMrcE9sgAKojFh9M%2FWTKT8RBjflk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e0285c88569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET yeniy4.com/images/banks/favicon-196x196.png

172.67.170.1

404 Not Found

315 B

URL GET HTTP/3
yeniy4.com/images/banks/favicon-196x196.png
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

GET /images/banks/favicon-196x196.png HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 13 Oct 2023 01:40:38 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FyS7z%2FEhTy%2BvZD5MJ7S1zp94rDokUv8hw%2Fw%2F38guiM%2BGJFUb42RqjcntndSgYTJ%2BWr30BVn47%2FMIFaHPQTlLRZvHcqkIdSe9iTSfAqQhFPYEnO8pIDApYh6cAW9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8153e029ecdc569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

POST yeniy4.com/veri.php?ip=91.90.42.154

172.67.170.1

200 OK

0 B

URL POST HTTP/3
yeniy4.com/veri.php?ip=91.90.42.154
IP
172.67.170.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://yeniy4.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectyeniy4.com
Fingerprint9F:FC:51:C6:F8:47:4D:3C:6A:E2:D7:F8:C5:0E:BB:EA:C4:11:0E:31
ValidityTue, 19 Sep 2023 11:46:54 GMT - Mon, 18 Dec 2023 11:46:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Government of Turkey

HTTP Headers

POST /veri.php?ip=91.90.42.154 HTTP/1.1
Host: yeniy4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://yeniy4.com
DNT: 1
Connection: keep-alive
Referer: https://yeniy4.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Fri, 13 Oct 2023 01:40:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOw4m%2BQF2PzaFzQz1aWZfVRwI2MN8Ae0DvmcvYoMtRDFosTRoCEc1q2RRxxvYSNPlvjJ0VzltcX16y7bekUMr6GOsn4yqBMhM5h5xCmwN8NRwQguSbWKVBtHyZQZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8153e0577b0a569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (45)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections