| trguncelhaberlist.xyz/modules/notifier/global.js?1713193742 | 172.67.146.45 | 200 OK | 5.4 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/modules/notifier/global.js?1713193742 | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: JavaScript source, ASCII text, with very long lines (15786), with no line terminators | Hash: 0a2b52075f8a54124b35dc9126c92726 6331ac8ad9f2e2e5b61ab5ff7d367d2e675fa569 5b173d5b8df9e717103f557caf42b46e3e29fe9eb529e413fd8704b402be5f8f
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /modules/notifier/global.js?1713193742 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 15:09:02 GMT
etag: W/"661d430e-3daa"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2BqFyDlrD%2BebIJ%2F8YE%2F9rqFfuEXb0g0GiqcxV72ibFVDfYRd8jBFSMkbVrn33nl%2FxAu9ozdC6getSflN24wj61OI6wWoHioNT58K8xW5FnhOxyd29e4N7fyhLaJ7PKesdyk9yTC0GFU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba8f5f016dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/modules/letsencrypt/global.css?1713193990 | 172.67.146.45 | 200 OK | 301 B |
URL: GET HTTP/3 trguncelhaberlist.xyz/modules/letsencrypt/global.css?1713193990 | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
Hash: 50186bab48df0fb765c5e62893fcf211 5dafe8f3b22fbb0776758d7ab6c81b47c68d119a f1b7502665bd7cb890a9d0d3f7d0aa377b7adfbb03f9f8101a2aca3cfa3532fc
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /modules/letsencrypt/global.css?1713193990 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: text/css
last-modified: Mon, 15 Apr 2024 15:13:10 GMT
etag: W/"661d4406-2a4"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FmbANzq8rUznHnGP0LNDPlJvXhvsGJ65u%2FaExgy9PzPROIGiiTSmvlrpDoW4%2B3CiqyiqC911UC0HI7yzezTC%2FZ2v6ejz4MXWadiGPF%2BJxF1EyWeX4Ss%2F4%2FIfZvLfZkKPlJIFzVZx3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba8f5eed6dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5 | 172.67.146.45 | 200 OK | 60 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5 | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: Web Open Font Format (Version 2), TrueType, length 59600, version 1.0 | Hash: e78dce533ecee30c5efd812bb23c248d 87d988c2f0343952ccded7c17b000e33db6f3d15 03e2544599e5a06566b2579f82ac6e445b724435fccb1f3e8988e58f45b1fc5e
GET /ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/ui-library/plesk-ui-library.css?1711700501
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:03 GMT
content-type: font/woff2
content-length: 59600
last-modified: Fri, 29 Mar 2024 08:21:41 GMT
etag: "66067a15-e8d0"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZEzDLsCw%2BMjQgGpsFj5JErFsEJrpByAbgaAPMepgZzkjasqzJX69siQl7FXQGBSg4ZEPMDoTnVwjfbcvU1LcjadgIarj%2BoflyqlBQ4Xk%2FxO5Vkz4ljFvWDqg4osu6V5CX3dqQuJRhs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba94da336dee-CPH
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/cp/javascript/externals/prototype.js?1711559509 | 172.67.146.45 | 200 OK | 92 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/cp/javascript/externals/prototype.js?1711559509 | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: JavaScript source, ASCII text, with very long lines (60990) | Hash: f3c2df5ad4d5eac8e02d5df6618a2d58 e53c366f0366c90451b434bef2dd7fe17a46f05b 1b1b65cf1903477b6bcdc0cba93312b89e77b83c4b62b93a1c6f7dd6cfedad49
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /cp/javascript/externals/prototype.js?1711559509 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 17:11:49 GMT
etag: W/"66045355-17b93"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZKBXsQP6ZqHM8yUv83wZAJiaYMLih01ddedyddQZA3WtpjuSNbspZNeLM5x9sM3%2FizmttMAwBAdIWwJfkTO169tyh39GprAo6oqHlwvLFjLARN1hInDmoQz%2BHTuI11NP%2Fjq39jThN9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba8f5eee6dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/cp/javascript/vendors.js?1711559509 | 172.67.146.45 | 200 OK | 432 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/cp/javascript/vendors.js?1711559509 | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators | Size: 432 kB (432397 bytes) | Hash: 436b67dd36af91824980de3149b78e36 c901614a6f87256b7be9eed19dff1f3edc6595cb 79ce5c1bbe3d6039a69a26afd3716b5039b1be71d430738865dbbe1cff7423bf
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /cp/javascript/vendors.js?1711559509 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 17:11:49 GMT
etag: W/"66045355-18c53e"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GEv1tEnKsbstFwQk1qASIt2Thc%2FqdJ363JKSp0cVOjlle7dslj4jqDAo4QJhS7m1tSFPzQbAz3iTkhYDxUQTMJ8cPdgxyXgVPEGHmCktub9dOvuDDprnpGUjy7m3TfSLOrQPiom%2BmKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba8f5ef46dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/images/apple-touch-icon.png?1711650842 | 172.67.146.45 | 200 OK | 4.5 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/images/apple-touch-icon.png?1711650842 | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced | Hash: ebbd61fb584cc8ae62ffa726070c952f 7aefbffc866e859207b23f736faeac97f51414e6 b23ec702f16e22329aa8d8a74cede38c886e609acd467517a004439cbbb1da1c
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /images/apple-touch-icon.png?1711650842 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:04 GMT
content-type: image/png
content-length: 4528
last-modified: Thu, 28 Mar 2024 18:34:02 GMT
etag: "6605b81a-11b0"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LuMVnDbWXTm1ZG%2BPMDvrxS6IY8jRF2Xsb%2BVhbPzC6iNCEU9VAr7HoRb7NgH7h4tK7MaTQpd291q1doWwXjI7%2BJLZe0vY9wbe%2BisIQtESrK769UKPYs7IBiCV650PxbQ2UcCEu57wAxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba971f1b6dee-CPH
alt-svc: h3=":443"; ma=86400
|
|
| firehose.us-west-2.amazonaws.com/ | 35.89.72.0 | 200 OK | 245 B |
URL: OPTIONS HTTP/1.1 firehose.us-west-2.amazonaws.com/ | IP: 35.89.72.0:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Amazon | Subject: firehose.us-west-2.amazonaws.com | Fingerprint: C8:0B:E8:54:5E:CA:79:A8:22:9F:A6:5F:7B:32:42:88:60:0E:FF:7A | Validity: Mon, 26 Feb 2024 00:00:00 GMT - Sun, 16 Feb 2025 23:59:59 GMT
Hash: 1ce34768b4f2d3da4b840225cff4737b 04ead58b2e78c750bb17154d75372d640a8e0792 9184fcb88a58c1548dccd3c4101fce5cca1455b5dd1fb300a7cc58373f9e5e2f
POST / HTTP/1.1
Host: firehose.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Amz-User-Agent: aws-sdk-js/2.1584.0 callback
Content-Type: application/x-amz-json-1.1
X-Amz-Target: Firehose_20150804.PutRecord
X-Amz-Content-Sha256: 53abacb88de74e8f55eb8ad281446a07ea92ba3b5590304a34a76825c1e5c7a8
X-Amz-Date: 20240417T161803Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIAR4YEYRJLZOCG766Q/20240417/us-west-2/firehose/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=40f45743eae135a178361f94e0c471edb3fca8f30880a77a8ce22093c0639efc
Content-Length: 218
Origin: https://trguncelhaberlist.xyz
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amzn-RequestId: c371f9ef-77e1-635b-9de8-0193620401ad
Access-Control-Allow-Origin: *
Content-Encoding: gzip
x-amz-id-2: R9u9h/Bfi6dEh9Rw73337LgFIo93cLkSUfL5/Zo2LFgZ9UJt7z0MoYy3K6tjr5X1tClmcrpmqjagWvisjg59jct+7Y6BMabN
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Type: application/x-amz-json-1.1
Content-Length: 245
Date: Wed, 17 Apr 2024 16:18:03 GMT
|
|
| firehose.us-west-2.amazonaws.com/ | 35.89.72.0 | 200 OK | 20 B |
URL: OPTIONS HTTP/1.1 firehose.us-west-2.amazonaws.com/ | IP: 35.89.72.0:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Amazon | Subject: firehose.us-west-2.amazonaws.com | Fingerprint: C8:0B:E8:54:5E:CA:79:A8:22:9F:A6:5F:7B:32:42:88:60:0E:FF:7A | Validity: Mon, 26 Feb 2024 00:00:00 GMT - Sun, 16 Feb 2025 23:59:59 GMT
File type: gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT) | Hash: 3970e82605c7d109bb348fc94e9eecc0 e03849ea786b9f7b28a35c17949e85a93eb1cff1 f5d031af01f137ae07fa71720fab94d16cc8a2a59868766002918b7c240f3967
OPTIONS / HTTP/1.1
Host: firehose.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Referer: https://trguncelhaberlist.xyz/
Origin: https://trguncelhaberlist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amzn-RequestId: f582fa63-df02-e910-ab1b-021fcae78be6
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 20
Date: Wed, 17 Apr 2024 16:18:04 GMT
|
|
| firehose.us-west-2.amazonaws.com/ | 35.89.72.0 | 200 OK | 244 B |
URL: OPTIONS HTTP/1.1 firehose.us-west-2.amazonaws.com/ | IP: 35.89.72.0:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Amazon | Subject: firehose.us-west-2.amazonaws.com | Fingerprint: C8:0B:E8:54:5E:CA:79:A8:22:9F:A6:5F:7B:32:42:88:60:0E:FF:7A | Validity: Mon, 26 Feb 2024 00:00:00 GMT - Sun, 16 Feb 2025 23:59:59 GMT
Hash: 61832db3106c9c31011a86c5264373a5 3d0f7d3459ca8d66e3a5b2647ac222336edd26c3 892d1616eb75cd3ce6416264fbb3737ec2cd5ceb1ac9e2b903db5b4f6f0859da
POST / HTTP/1.1
Host: firehose.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Amz-User-Agent: aws-sdk-js/2.1584.0 callback
Content-Type: application/x-amz-json-1.1
X-Amz-Target: Firehose_20150804.PutRecord
X-Amz-Content-Sha256: 4ca6b766e48a7138e1292268ac18f079b86d82dbdb7bf35deee52f03ba4730d7
X-Amz-Date: 20240417T161804Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIAR4YEYRJLZOCG766Q/20240417/us-west-2/firehose/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=edd48e6770ae0fc3d56224782c2cdb1a815d5a7ee02e79e4b8d54eb8050e5935
Content-Length: 294
Origin: https://trguncelhaberlist.xyz
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amzn-RequestId: dfaaede7-c1eb-7cca-8133-159bd40e1e3c
Access-Control-Allow-Origin: *
Content-Encoding: gzip
x-amz-id-2: tHrwKALzSd9Lfrl1kOz9kQDAKHH3pTezsQtlMrlKJ+aAESbVh+C1xQtdu+9eR7YhjGD2o46U8zyvH3OJ6ssut2RG2plOUoeW
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Type: application/x-amz-json-1.1
Content-Length: 244
Date: Wed, 17 Apr 2024 16:18:04 GMT
|
|
| trguncelhaberlist.xyz/ui-library/plesk-ui-library.css?1711700501 | 172.67.146.45 | 200 OK | 40 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/ui-library/plesk-ui-library.css?1711700501 | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: d94dd7db145f44f65eae8180c4f26be9 45c51109821973818b9f62714aa31f732d376720 725d6bd24e8569058ba7285f9a2b3f6bf36a3ad9f9e71d0ae1f66f9de589d534
GET /ui-library/plesk-ui-library.css?1711700501 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: text/css
last-modified: Fri, 29 Mar 2024 08:21:41 GMT
etag: W/"66067a15-2f830"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqeFLB4VT2NHgb%2F0HD7bD56TA847EX6vLElRcVU%2BKmxyKwv0eras0QHFubUD4aI8ZN1IWZf5phu8V%2BNFPsDd5UNB5geW%2BIFe5PDOjvODx4uM0s%2B%2BxYtQBEd%2Fke4AVijjARW7kSKQV3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba8f5ee06dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/cp/javascript/main.js?1711559509 | 172.67.146.45 | 200 OK | 158 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/cp/javascript/main.js?1711559509 | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 158 kB (157975 bytes) | Hash: 2c30480c621e234eacf931d67168a0ed 4664b0715c7e241dad04cd685c2157a8212149ec 26b8b9da53ed06dcd3ccec6be3378c7ab9a46ed452550da4224ea7b7ac4018fb
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /cp/javascript/main.js?1711559509 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 17:11:49 GMT
etag: W/"66045355-e30be"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLU%2Fy4%2Fxv5diBSIBKLQ2R8sS0qdU7h5%2FM13TtAp%2FOyVbrEIF0oLDbgfIsD11BmdXh6mlG7H0iTmpEBQJ2VnfVgdTxcjSMCnyaiGr9BganE9C3zWGDZ9rNpow6k%2BpWGuNOwsrh9RCB5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba8f5ef86dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/ui-library/plesk-ui-library.min.js?1711700501 | 172.67.146.45 | 200 OK | 151 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/ui-library/plesk-ui-library.min.js?1711700501 | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: JavaScript source, ASCII text, with very long lines (23735) | Size: 151 kB (151005 bytes) | Hash: 2022b12538129324c89fc1385d57deac 80f9485ca99b3589aee7d4117585a52f1ae0b217 968d68224721b280133a62598aadae33b2cf905ad1ca3316e245d4cb71818a88
GET /ui-library/plesk-ui-library.min.js?1711700501 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 08:21:41 GMT
etag: W/"66067a15-7813f"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=damqe67nl9232FUz6E6%2FgHsW6%2FOXpRniEB3AS4w0Epc9CILDKgz2ZU%2BoMKhoWLuRPkmNoA99nLAWKEvuYw%2Fagzee%2FsdAbAqPCBaZV%2B3iSwPIVzXQw64ZqDlNUep2DRtmjo5gz9B2Rnc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba8f5ef06dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/modules/letsencrypt/global.js?1713193990 | 172.67.146.45 | 200 OK | 726 B |
URL: GET HTTP/3 trguncelhaberlist.xyz/modules/letsencrypt/global.js?1713193990 | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: JavaScript source, ASCII text, with very long lines (745), with no line terminators | Hash: 061b3ac4ba09f8096b22b5a0f30f67c8 59b40afce89e774b051eb197255b66aedc723510 88ec02c40660aeace16625aaa5a39e9d6539e470e1389caceb191e025a6aa39d
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /modules/letsencrypt/global.js?1713193990 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 15:13:10 GMT
etag: W/"661d4406-2d6"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGz4XzhTGmzwygun%2F4OSKLm2I%2BhMqJk84Wb%2FgSHtg8FhwWiKfdZEgCVf%2BbmbGIvtXxhjorl9g3YLMbslF2y0QYlIg0x%2Fhx%2B%2FmB7T5NVKF4CPWYaq5ic9s1aNy1A64HsdhvkKI3EG1Zo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba8f5f026dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/cp/theme/images/logos/plesk/logo.svg | 0.0.0.0 | | 0 B |
URL: GET trguncelhaberlist.xyz/cp/theme/images/logos/plesk/logo.svg | IP: 0.0.0.0:0
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /cp/theme/images/logos/plesk/logo.svg HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| trguncelhaberlist.xyz/cp/theme/images/logos/plesk/logo.svg | 172.67.146.45 | 200 OK | 2.7 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/cp/theme/images/logos/plesk/logo.svg | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: SVG Scalable Vector Graphics image | Hash: da72ae059c2d30d228788906b75bb33f 334b6c3b3f377f5193bff9a612aee63bc3bdbf58 3712d0b61a7c5cbe7cedbac13ec34e3bd0a2fbb07263bf365f64b359bdfd1f5a
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /cp/theme/images/logos/plesk/logo.svg HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:03 GMT
content-type: image/svg+xml
last-modified: Wed, 27 Mar 2024 17:11:49 GMT
etag: W/"66045355-aa8"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFCUsJ2Jv9mu01r%2B6%2Fx8vvg9bHEYv%2F7vs9dFAVUrp4zCNDtWGdHOEFMqUCfhR17nBsR%2FnbGrXLK29JGcaCXM0GvBj3uS065lYfnirhds3d3eRZhhhusgc3vnA6yffRemdBXtryg%2FSgc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba94ca186dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/ui-library/images/symbols.svg?74bb7981633207f7307bc8964423604e | 172.67.146.45 | 200 OK | 291 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/ui-library/images/symbols.svg?74bb7981633207f7307bc8964423604e | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: SVG Scalable Vector Graphics image | Size: 291 kB (290811 bytes) | Hash: fe7309887bc78fe6b3669959161e8256 ea3c4737b7caba08d74179b4485a68ff6af670e8 0bcf4e14e4dc3d5ef81ce75db73ba4e255e67b56003cc7b0d83b809190f1949d
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /ui-library/images/symbols.svg?74bb7981633207f7307bc8964423604e HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:03 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Mar 2024 08:21:41 GMT
etag: W/"66067a15-46ffb"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3pEkZSR5JLT2gkwv1PZxXnOTCMwTprWR7QtHsabAPSkwTILxE1debQrMKExLHGOq2N2K5ilJGYDRDReNOQjqjw3I9LYLH0oG5EWobcYPjyVYqbG7mKHmh81bB4qrExG0wkwX92xqXGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba94ca1c6dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd | 172.67.146.45 | 200 OK | 62 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd | IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php | Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: Web Open Font Format (Version 2), TrueType, length 61548, version 1.0 | Hash: e9681ca3d29d814a5621d4764dd1a11e bbda68459fc0531b915bdf9e524ecc8f782db0aa 51f0bacf9e49a400a5a2947ef6b14127ef3241b0760d97721e0aedd7add66456
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/ui-library/plesk-ui-library.css?1711700501
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:03 GMT
content-type: font/woff2
content-length: 61548
last-modified: Fri, 29 Mar 2024 08:21:41 GMT
etag: "66067a15-f06c"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwcMdHLa16E%2B0uxflEUmBJq5cit8YFHgxqPx5dBfttcxHkGS72DIQFX50X1lm1lwBdHn6ZOrOu%2Ff4XFREF02t9XqDejDJ5o%2FQNhbkBF4gqQ%2BM3ZhtB%2FiZT4BnvZC0u8mHo8ARwIzqgY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba94ca266dee-CPH
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/login.php | 172.67.146.45 | 303 See Other | 34 kB |
URL: User Request GET HTTP/2 trguncelhaberlist.xyz/login.php | IP: 172.67.146.45:443
Certificate issuer: Let's Encrypt | Subject: trguncelhaberlist.xyz | Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE | Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish | Verdict: phishing | Alert: Government of Turkey
GET /login.php HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: text/html; charset=utf-8
location: https://trguncelhaberlist.xyz/login_up.php
expires: Fri, 28 May 1999 00:00:00 GMT
last-modified: Wed, 17 Apr 2024 16:18:02 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F63HJ78OJeHpMvAUbLuIBAqrKYvEMJJc6xv%2FFcuEqasrjuZ%2FLLbNTSLFlHDcdpddvGTYmqypnAg6VnI4rQajn8%2F1mJMCsp0%2BqCla6rstiSugHdoT34oMZnOpeN8KSO9psCkrg09zE10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dba8acffd9297-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| trguncelhaberlist.xyz/cp/theme/css/main.css?1711559509 | 172.67.146.45 | 200 OK | 367 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/cp/theme/css/main.css?1711559509; IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php; Certificate Issuer: Let's Encrypt; Subject: trguncelhaberlist.xyz; Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE; Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Size: 367 kB (366840 bytes); Hash: 701de0441988d217b16981f5e172758b e02ce28021a99d74b5bf215aad25cc5e9e9caa9c aff9871c864d3cf377b920f8fa3d5db2e7a2aa35dd08d3004fe3b3fc5012fdea
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Government of Turkey |
GET /cp/theme/css/main.css?1711559509 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: text/css
last-modified: Wed, 27 Mar 2024 17:11:49 GMT
etag: W/"66045355-598f8"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94Tr24qt1Pf0GaQtapVt5UBtvTSEkaovnAhW7co9FDd%2BBDlRGxfABkz9UZO9%2BobW1ZpYFe1Je5xPpmq5l2YQlS4r5W7q9lgycCSYLcNqblzIbKAjtKpzwvtV1WLR2fR4sx1VNYkPiwA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba8f5ee26dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/images/favicon.svg?1711650842 | 172.67.146.45 | 200 OK | 634 B |
URL: GET HTTP/3 trguncelhaberlist.xyz/images/favicon.svg?1711650842; IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php; Certificate Issuer: Let's Encrypt; Subject: trguncelhaberlist.xyz; Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE; Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: SVG Scalable Vector Graphics image; Hash: 179969d47b019d6a3bdbd937f330b158 02834e66c6dadb553a3c32977668b8a3feade20b 58a29e0a252290a2cf64c1d8d2621f71a40a0b8d95235c26c8364bc5f33eec4a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Government of Turkey |
GET /images/favicon.svg?1711650842 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:04 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Mar 2024 18:34:02 GMT
etag: W/"6605b81a-27a"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YGSFKAWslmXBrxtc1y%2Fr3iO%2F8GDVFwdHJXLtXioiMXqgEiN2YfXoP8hIa7FNTyvbjCStyK942U4Ae85dwHxmH1fAVNAdUj4CVRUqSxQyw16G8EL6ToRqJGybqg1qvZLmQVKrP9Le3NU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba971f1c6dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| sentry.io/api/1327420/envelope/?sentry_key=50365a6fe24f4ff28f6b625410e04a35&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.108.0 | 35.186.247.156 | 200 OK | 2 B |
URL: POST HTTP/2 sentry.io/api/1327420/envelope/?sentry_key=50365a6fe24f4ff28f6b625410e04a35&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.108.0; IP: 35.186.247.156:443
Requested by: https://trguncelhaberlist.xyz/login_up.php; Certificate Issuer: DigiCert Inc; Subject: sentry.io; Fingerprint: 18:3C:11:53:56:65:8B:09:02:F1:6B:26:E3:C2:C9:37:E0:E8:72:98; Validity: Tue, 08 Aug 2023 00:00:00 GMT - Sat, 07 Sep 2024 23:59:59 GMT
Hash: 99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1327420/envelope/?sentry_key=50365a6fe24f4ff28f6b625410e04a35&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.108.0 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://trguncelhaberlist.xyz/
Content-Type: text/plain;charset=UTF-8
Content-Length: 417
Origin: https://trguncelhaberlist.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 16:18:03 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| | 172.67.146.45 | 303 See Other | 34 kB |
URL: User Request GET HTTP/2; IP: 172.67.146.45:443
Certificate Issuer: Let's Encrypt; Subject: trguncelhaberlist.xyz; Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE; Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Government of Turkey |
GET / HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: text/html; charset=UTF-8
location: https://trguncelhaberlist.xyz/login.php
expires: Fri, 28 May 1999 00:00:00 GMT
last-modified: Wed, 17 Apr 2024 16:18:01 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zqPLfiLWqD5oZHrDVD2UfmXZVo2T8siRDL8JX3292q%2Fm3CbH0zFcgvT3pNF0KUptwUxcL%2B7VnsFZiQe0CDg4cIvXOdcDkSqnba%2Fs3hTNSJqsMUrFj%2FDYrqg2GFTY3hBJjY0Lej8sK%2BQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dba88ec839297-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| trguncelhaberlist.xyz/cp/javascript/externals/require.js?1711559509 | 172.67.146.45 | 200 OK | 18 kB |
URL: GET HTTP/3 trguncelhaberlist.xyz/cp/javascript/externals/require.js?1711559509; IP: 172.67.146.45:443
Requested by: https://trguncelhaberlist.xyz/login_up.php; Certificate Issuer: Let's Encrypt; Subject: trguncelhaberlist.xyz; Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE; Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
File type: JavaScript source, ASCII text, with very long lines (17560); Hash: 220acf7972072071438cc24778c255ff 590d02db4b7d2be0864a64efec3525e07a40e271 af09ac9bed074d089e213edb597d36acfe0ce46dfe9112f290776395fb61986d
GET /cp/javascript/externals/require.js?1711559509 HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trguncelhaberlist.xyz/login_up.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 17:11:49 GMT
etag: W/"66045355-4562"
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MvbjwMOlD2B3lUJ8HYD9e0let1B66Y41x5rnsjAonb6jq9MX454SCGL2N4P359CaHvnINN8TbGwSKXeshtu7d7Q2PZoslyp4M%2FZmn3VqzXvkhR2bmaTT9JNEzj8kmWJgfZTmHg8Y28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dba8f5efc6dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| trguncelhaberlist.xyz/login_up.php | 172.67.146.45 | 200 OK | 34 kB |
URL: User Request GET HTTP/3 trguncelhaberlist.xyz/login_up.php; IP: 172.67.146.45:443
Certificate Issuer: Let's Encrypt; Subject: trguncelhaberlist.xyz; Fingerprint: BA:76:B5:20:60:85:40:68:0B:CE:69:65:92:A8:A6:11:C4:3C:CE:DE; Validity: Wed, 17 Apr 2024 02:08:52 GMT - Tue, 16 Jul 2024 02:08:51 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Government of Turkey |
GET /login_up.php HTTP/1.1
Host: trguncelhaberlist.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:18:02 GMT
content-type: text/html; charset=utf-8
expires: Fri, 28 May 1999 00:00:00 GMT
last-modified: Wed, 17 Apr 2024 16:18:02 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hUDVG171HxKxcT716%2B%2BTpvUCZuyZOnvSoBS7ODaGtkM5QM8GaaJ7NFnKBvAg740vWCpMDiolxIeuTStk%2FADp4VrLdnnKz%2B2iXPW5CESU2evRry4gEAJ8eDZ1zR9EjbedObTwpfHmzc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dba8bf8296dee-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|