uclerilaclama.com/
31.169.94.14 301 Moved Permanently 149 B IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7158f28316696ee86e1f1fb23ba642ef
bc41496c47005a49bc33ca1e1fcf3e4c24bce439
6dd61af234f17eb1784beba80456ce9e05a2d23660134c9e2019b28fe22b5347
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://uclerilaclama.com/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 29 Sep 2022 02:48:10 GMT
Content-Length: 149
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15531
Expires: Thu, 29 Sep 2022 07:07:06 GMT
Date: Thu, 29 Sep 2022 02:48:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 02:15:49 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UUOVkWUgIy5zy1932QRWo09SZ_RbKHGjqYuq4ifj0PzgPWuegT9HIA==
Age: 1946
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Il6P8hqgEWlq5Y_X5HsSaUFlFCgiYqJN3z8aFmg4SIPyuEZpgFNvnA==
age: 76789
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:48:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 02:29:34 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 02:32:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ejrvhI0Z9xajOD-rUfVoK6UwCDC9FK7sBvLVtKytG6wMYWXbA5pMNw==
Age: 1122
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2848
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:48:15 GMT
Last-Modified: Thu, 29 Sep 2022 02:00:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.213.140.56 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FV7joXo5oXGeui9hdLvdLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Jcq5vZviDYNSG4ya+57jN3R2X4Q=
uclerilaclama.com/
31.169.94.14 200 OK 12 kB IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash dc7843a281da3f68911e89f6418e68fc
d17aa5ed0d1d59e15d6ac3ecc4eebfcf074a13d6
53586b2e55f28437eaafcbe51a97394f2597653db1c7c34a18ede204de50eef2
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
expires: Thu, 19 Nov 1981 08:52:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854; path=/
link: <https://uclerilaclama.com/wp-json/>; rel="https://api.w.org/", <https://uclerilaclama.com/wp-json/wp/v2/pages/62>; rel="alternate"; type="application/json", <https://uclerilaclama.com/>; rel=shortlink
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:12 GMT
content-length: 12181
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.0
31.169.94.14 200 OK 432 B URL HTTP/2 uclerilaclama.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.0
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (815), with no line terminators
Hash 4fe0e5a22981b5bbac29bc0fb21f2bde
aa6db5c16bff7367461df92707358b31a796ed6c
20e00837ed71c965f0c30db75c6547f5a43796f6a5c7a57222cc8cb5eba4527e
GET /wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.0 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Mon, 26 Sep 2022 08:53:15 GMT
accept-ranges: bytes
etag: "8ef07f6a85d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 432
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2586
Expires: Thu, 29 Sep 2022 03:31:23 GMT
Date: Thu, 29 Sep 2022 02:48:17 GMT
Connection: keep-alive
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/magnific-popup.css?ver=1
31.169.94.14 200 OK 2.7 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/magnific-popup.css?ver=1
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
Hash ece4026dab43930f2a10a7a92084b988
70fec3915e6e16510065f61323b07a1d553ca910
86317ac980858b7b4cf089efd1fef1ed3e10463afda60a9a474001f33e0a3d8f
GET /wp-content/themes/kurumsalulusalticaret/js/aviapopup/magnific-popup.css?ver=1 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:10:53 GMT
accept-ranges: bytes
etag: "f6a031653d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 2652
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/base.css?ver=2
31.169.94.14 200 OK 5.5 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/base.css?ver=2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (493)
Hash 9f0008b4ef5a708f8ce1f360b2899434
f10c14cb7a9834386b82ef33313fd3f417fea1aa
d9324d7afee43e2ec303cfcfdaaf1904a49b5273688be00521cf22bef9e0628d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kurumsalulusalticaret/css/base.css?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:35 GMT
accept-ranges: bytes
etag: "6aca94363d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 5465
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28799c10f9ea39af55c7003f4254cc60
523da6aeec4cc23897fe01b0bc8b5da254edb3a8
2d1640fbd1f61aee3f2be670b37eb06e20bb265f702a428fadb550a4b51d64ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9688
x-amzn-requestid: 68e9fd78-af17-4a8f-ad4b-6fe563ae94fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4JHF5IAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9a-603f13d3016d77fa2ca94492;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gIg0vR5I9vnA6Z7MJtTNaXn2TK8YeHWWcJEodiNJ6BEB7z7LUrcV1Q==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:56 GMT
age: 17001
etag: "523da6aeec4cc23897fe01b0bc8b5da254edb3a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 5568f81c-2f99-44bf-9bd8-f015c604c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMJlzFywoAMFamw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bc8b-1d335c5c536e895a19b5965f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:28:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2RLqacSoBXtv1i-6fRV9nejJ5tulXVJ-VsKVDvsMqAgPqXKWe_2cJw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:42:49 GMT
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
age: 14728
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
34.120.237.76 200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ac86079d2901fb11bfaff81d91bb2d2
4fc0699c763f67a2602b4b3f46b8b4013d2049c6
8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3332
x-amzn-requestid: fb6cb616-5b4d-4aaf-a891-50b4de8b6f95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJ_6AGNYIAMFSHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333e03f-377fe02d1cc7ad2b3a15ca1a;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 05:48:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nJJZxZlapt4k5988yU-V94pBBH2SmfSZ0Zb_oJXA07mppg0lF04wLg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 17:18:10 GMT
age: 34207
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0734a230-932d-4bc0-bc12-9177b543b103.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0734a230-932d-4bc0-bc12-9177b543b103.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eece069cebb7039dbba50ec1cd73daab
4a35c50b5b16779582a75078b6df090892358d3b
41ad701a8ea3dcbfc38cb0701f3b24a6b833f6b1197014e10530c40496b6a13c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0734a230-932d-4bc0-bc12-9177b543b103.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5222
x-amzn-requestid: cb2849d8-9579-42c1-84c9-e59700104aba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKaUGnAoAMFrTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bddb-3649a45539964e985ee41911;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: v1EEfyICGujupCV26P4JAgnY-NHtvFVVWwxA0PNLs-Ky-FuR0TTDOA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 17871
etag: "4a35c50b5b16779582a75078b6df090892358d3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dyDhatfeYzzSQpRY7JpOIu3VhjlI8IOWcKCLCBWYaxJ1CYgCxqdQjA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:42 GMT
age: 17915
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdb677db-4158-4190-afa5-c7e93c0604d3.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdb677db-4158-4190-afa5-c7e93c0604d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfaeb2d7a9c2bcf18210ea632eef1863
f698793f7ac8acb44d968fd884e87409f8e25507
0f9d0a861e5893bed675b362153cb172a8431f39726f67f0ac18e8ee27b30738
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdb677db-4158-4190-afa5-c7e93c0604d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: 65987361-599d-4945-a48a-e3be96b49af4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKaJHOzIAMFmMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bdda-1efbd69273170b124b4f7799;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SEn__0eLKKLbDG_gcfoEQFGnqOEHPoKl-U1mDy0JvAr0ljzG5GWnZQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 17871
etag: "f698793f7ac8acb44d968fd884e87409f8e25507"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
uclerilaclama.com/wp-includes/css/dashicons.min.css?ver=6.0.2
31.169.94.14 200 OK 37 kB URL HTTP/2 uclerilaclama.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (58981)
Hash f78a02b0f6bff5a88729d7d0de68b6e6
a1b8d2435f9451e64592c4d879b35d1bc3462767
acd15b271ccd48a46077f74c8f7a215ce3923f1e33662a53f2562e3cee70a27f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:38 GMT
accept-ranges: bytes
etag: "23311dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 36934
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/layout.css?ver=2
31.169.94.14 200 OK 31 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/layout.css?ver=2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (320)
Hash 3e560b09af8f1b7c15946252e780d3ee
7c91f7852b1bd8d31bc6bd473f9b96c35d02a577
0c3405853f2427bb1c36692e00e9688280ef1154b169244c0b0c2c4de680266c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kurumsalulusalticaret/css/layout.css?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:36 GMT
accept-ranges: bytes
etag: "99752373d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 30699
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/uploads/dynamic_avia/ut_kurumsal_profesyonel_kurumsal_tema.css?ver=61cd9288a5745
31.169.94.14 200 OK 39 kB URL HTTP/2 uclerilaclama.com/wp-content/uploads/dynamic_avia/ut_kurumsal_profesyonel_kurumsal_tema.css?ver=61cd9288a5745
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (65536), with no line terminators
Hash 453a2b4e181600cd3b36d6bf945c1bc4
ef087ccae0648fc50e41a6452daa02ae226e7b51
417c359b21dffec8f7162db03d6ecc2f2cbc6984753590c71e0e9ca554fb09a1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/dynamic_avia/ut_kurumsal_profesyonel_kurumsal_tema.css?ver=61cd9288a5745 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Thu, 30 Dec 2021 11:05:44 GMT
accept-ranges: bytes
etag: "6f607316dfdd71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 38783
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/grid.css?ver=2
31.169.94.14 200 OK 2.4 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/grid.css?ver=2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
Hash 66ba4c2895a650f6562b080e32941b93
457c72b024710a9099d1e4c19b88569b392084b0
f06984fae5acad0091afe49d01e09e185ac1f2cbf07f4222a624495335a6787f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kurumsalulusalticaret/css/grid.css?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:35 GMT
accept-ranges: bytes
etag: "95a8b8363d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 2372
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/custom.css?ver=2
31.169.94.14 200 OK 393 B URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/custom.css?ver=2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
Hash ba6aa2b9960616ee1f48cc92e47dab73
b41d5e73519d50ff34ae4f50b83181d2f5cb5dfc
2151079e1fd9085fbe0215ae087282251e9dfa5dbe3e28a99f2dad918a465b90
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kurumsalulusalticaret/css/custom.css?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:35 GMT
accept-ranges: bytes
etag: "2ea28d363d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 393
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/shortcodes.css?ver=2
31.169.94.14 200 OK 50 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/shortcodes.css?ver=2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (1454)
Hash 923f33c62e7e41c99b0ae56d0182547a
ad90957f2e1cb856203320f0f5264140137ba3ae
fb99f579ebbe6c1a18d3716983c463939ef290bfbaa6ae800d0c1ee25c6c7e5e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kurumsalulusalticaret/css/shortcodes.css?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:36 GMT
accept-ranges: bytes
etag: "49766373d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 49767
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/mediaelement/skin-1/mediaelementplayer.css?ver=1
31.169.94.14 200 OK 5.6 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/mediaelement/skin-1/mediaelementplayer.css?ver=1
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
Hash 4c962c4387a6c9927318c8c905059cd6
f3938c652004f1e68689e6335c9552f54a621553
af2188feff2be3febb97414a67edf8ac77a8d0a27937ac936c689b2050804d56
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kurumsalulusalticaret/js/mediaelement/skin-1/mediaelementplayer.css?ver=1 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:12:03 GMT
accept-ranges: bytes
etag: "fa8def8e3d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 5593
X-Firefox-Spdy: h2
uclerilaclama.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
31.169.94.14 200 OK 31 kB URL HTTP/2 uclerilaclama.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (65447)
Hash a8a97fc5f9e91d5a2b04880dca969a1c
bcd75f947baa777646f3fce0a72d2f79fa359050
8fc30820552ce8cf176059992e07bc60b58eb0d4b8fb049b61197d7eed7de211
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "80c968dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 30896
X-Firefox-Spdy: h2
uclerilaclama.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
31.169.94.14 200 OK 4.2 kB URL HTTP/2 uclerilaclama.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (11126)
Hash 590a9c263938cc421936b863a02ef22c
2db3958cf8ab92b0a53e9a6f1ab334008b5685a9
3ddf8088fd0862cfa38a70dc1aa0b5e39db6454f2c97891eb1daf03fc50887d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "80c968dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 4165
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia-compat.js?ver=2
31.169.94.14 200 OK 641 B URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia-compat.js?ver=2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
Hash abecd1c44a5626b6ae576d8537faf0dd
763ea33c3bd626fc2d64797f36b5231412568b1d
a1a6c867019f4e866a73889c7fcd166e56307cc1c07925de3af73c291bbef73e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kurumsalulusalticaret/js/avia-compat.js?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:41 GMT
accept-ranges: bytes
etag: "7c5093a3d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 641
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/uploads/2017/11/uclerilaclamalogo-300x85.png
31.169.94.14 200 OK 21 kB URL HTTP/2 uclerilaclama.com/wp-content/uploads/2017/11/uclerilaclamalogo-300x85.png
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type PNG image data, 300 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash c4828c7526bc02622928b3b3a0d3e4e2
51db6f84e399abb24374c5b0feead519748388d4
c3b7a2fa2f31e418cbdccf114d3eb0aed63a70a7ecabfea52e95676e41297cdd
GET /wp-content/uploads/2017/11/uclerilaclamalogo-300x85.png HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 29 Nov 2017 18:15:43 GMT
accept-ranges: bytes
etag: "af21ed113e69d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 20937
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/uploads/2017/11/critter-get-ritter-6HexagonLogo-web-300x46.png
31.169.94.14 200 OK 12 kB URL HTTP/2 uclerilaclama.com/wp-content/uploads/2017/11/critter-get-ritter-6HexagonLogo-web-300x46.png
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type PNG image data, 300 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 0dd04f3f9ae7b6c78522997b072a89ad
34bd2c41f9c7c5139ef3ea97741d00e8c8d901e2
a4a96abbe2efe4edfdb39562e00ba36b713065714eda188e589111631b2726eb
GET /wp-content/uploads/2017/11/critter-get-ritter-6HexagonLogo-web-300x46.png HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 29 Nov 2017 19:00:09 GMT
accept-ranges: bytes
etag: "2aba51474469d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 11616
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/uploads/2017/11/kayseri-ilaclama-jel-ilaclama-300x208.jpg
31.169.94.14 200 OK 10 kB URL HTTP/2 uclerilaclama.com/wp-content/uploads/2017/11/kayseri-ilaclama-jel-ilaclama-300x208.jpg
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 300x208, components 3\012- data
Hash 7877eab659c3370260ce601562c309b6
6878fafc47fcc05149149ec56be2132f2f857111
78b4795f090d0a35dd2ca60f4524ebdcdfdbecdef2314f9184ad57cb0ad66a56
GET /wp-content/uploads/2017/11/kayseri-ilaclama-jel-ilaclama-300x208.jpg HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 11 Jan 2020 14:17:55 GMT
accept-ranges: bytes
etag: "499baaea89c8d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 10525
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/uploads/2017/11/kayseri-pire-ilaclama-300x286.gif
31.169.94.14 200 OK 40 kB URL HTTP/2 uclerilaclama.com/wp-content/uploads/2017/11/kayseri-pire-ilaclama-300x286.gif
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type GIF image data, version 87a, 300 x 286\012- data
Hash 91603c983de90800e7ae0d1435d4e360
40588052947fc2990fd1435b0a28993d7b467ce0
2b8a1ce11cc65d46af9bcc711092fc921b7680e840fbd1f54c839a5916051d6d
GET /wp-content/uploads/2017/11/kayseri-pire-ilaclama-300x286.gif HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
last-modified: Sat, 11 Jan 2020 14:23:44 GMT
accept-ranges: bytes
etag: "98fcfba8ac8d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 39662
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/uploads/2017/11/kayseri-hamambocegi-ilaclama-300x169.jpg
31.169.94.14 200 OK 7.3 kB URL HTTP/2 uclerilaclama.com/wp-content/uploads/2017/11/kayseri-hamambocegi-ilaclama-300x169.jpg
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 300x169, components 3\012- data
Hash f413a24c8a6eaa322299d87a1f0f2477
1a7b3a7b7994b31262195446d46b4721a75fb429
fa2d24c91a1a4250def72c50a67a1ec9bb200419ee08f7f35eb3664b3158ce4d
GET /wp-content/uploads/2017/11/kayseri-hamambocegi-ilaclama-300x169.jpg HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 11 Jan 2020 14:26:13 GMT
accept-ranges: bytes
etag: "ddb8fd138bc8d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 7345
X-Firefox-Spdy: h2
uclerilaclama.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
31.169.94.14 200 OK 21 kB URL HTTP/2 uclerilaclama.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (43771)
Hash d4dfc7103119f66721e0a5c2fccef07e
9616e53f7a229ffde2dd99ea8b0f4d9f1eaade90
c43926a8c7edaf1a51cffed039900c7f1d76c570d6c300eef201671e383f7d17
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:38 GMT
accept-ranges: bytes
etag: "d61cddfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 21064
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/uploads/2017/11/who_we_img-300x290.jpg
31.169.94.14 200 OK 18 kB URL HTTP/2 uclerilaclama.com/wp-content/uploads/2017/11/who_we_img-300x290.jpg
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 300x290, components 3\012- data
Hash 50158a8388840b6fe9d1e3bca5631d47
18e5195b10834f2c77810fc7200020ed223ceea6
d93e455ede3a571521d7358b7a0812a1ca7665ce82e45ad538721e6ff4a302c8
GET /wp-content/uploads/2017/11/who_we_img-300x290.jpg HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 06 Jan 2020 08:10:22 GMT
accept-ranges: bytes
etag: "a53566be68c4d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 18125
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia.js?ver=3
31.169.94.14 200 OK 29 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia.js?ver=3
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type Unicode text, UTF-8 text, with very long lines (8713)
Hash 0295b1c00d2bc28689b7b849dfceb3e9
66515ed038f9339ef7a730195609a4449b69bc33
e65f298582fc885cfd01dd5f2909d038ec325e722cb03cc3b8532db4eae2e95d
GET /wp-content/themes/kurumsalulusalticaret/js/avia.js?ver=3 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 29 Nov 2017 18:09:41 GMT
accept-ranges: bytes
etag: "80a0f2393d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 28825
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/shortcodes.js?ver=3
31.169.94.14 200 OK 31 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/shortcodes.js?ver=3
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
Hash 87c8fb8348245ed3c4bcf8960ad96347
d41127ec2aca3f63f35a44fcf89a933cd01d633e
59b5a5abfff32937eba6e75a0175760f7e249f81d7f5b78e3197a2122588b544
GET /wp-content/themes/kurumsalulusalticaret/js/shortcodes.js?ver=3 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 29 Nov 2017 18:09:42 GMT
accept-ranges: bytes
etag: "0378b3a3d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 31172
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/uploads/2017/11/kayseriilaclama-ucler-ilaclama-fare-ilaclama-300x300.jpg
31.169.94.14 200 OK 10 kB URL HTTP/2 uclerilaclama.com/wp-content/uploads/2017/11/kayseriilaclama-ucler-ilaclama-fare-ilaclama-300x300.jpg
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash 2adc7b2d8c209b1d583cd0b159983312
ea7c17743680b3aadfab9028996313b7517c8577
90840b7ecd71c695d2e662f7bb1887802055b5d2691d90d65c8a7ce7ef738b6e
GET /wp-content/uploads/2017/11/kayseriilaclama-ucler-ilaclama-fare-ilaclama-300x300.jpg HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 11 Jan 2020 14:22:49 GMT
accept-ranges: bytes
etag: "a96f219a8ac8d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 10218
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/jquery.magnific-popup.min.js?ver=2
31.169.94.14 200 OK 7.6 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/jquery.magnific-popup.min.js?ver=2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (20818)
Hash ea39864c04f0473859626da082abd186
b493f46826ada10ddbeb6a9a7a6d34311e2919aa
5cffc9b4483f6a87fe9b26b05ed7b7233caf9b71df25592929769fbb7944a691
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kurumsalulusalticaret/js/aviapopup/jquery.magnific-popup.min.js?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 29 Nov 2017 18:10:53 GMT
accept-ranges: bytes
etag: "80f4dc643d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 7591
X-Firefox-Spdy: h2
uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
31.169.94.14 200 OK 39 kB URL HTTP/2 uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (65266)
Hash 3d15488ae611e0a10a520cab430764a7
d8bb5fc7ad8cfe7b1911702001b3593cd628a5e4
f46d1e1a7295e3e7c019bb19b08017f788c62b6c2faccc7f8c95897bb2332d7b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "80c968dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 38593
X-Firefox-Spdy: h2
uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
31.169.94.14 200 OK 634 B URL HTTP/2 uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (1191), with no line terminators
Hash 3ef722cb0624a7cd044a3179b55b6e60
529571141c40f6625cdff5481e7b7da0974c303a
97744b7e0f69199f4b1c943c392e715b3ab2e1d1034417495b5291de8596e74f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "79dbe3dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 634
X-Firefox-Spdy: h2
uclerilaclama.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
31.169.94.14 200 OK 552 B URL HTTP/2 uclerilaclama.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash 0c2b4b8d9de4e13c50c60e0ae5ae9a88
60ca6908a59b62ebe718bf8064fce069729878b3
53b9d35b861f85323cd76aa8eab8d17400cfd4ea59382b27b19781da9ac1ea14
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "e2d5e8dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 552
X-Firefox-Spdy: h2
uclerilaclama.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
31.169.94.14 200 OK 1.5 kB URL HTTP/2 uclerilaclama.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (2946)
Hash 59afbd08a33ecd2045162ef72db35209
e079c653437f87e5e29ceaa960ff9882cc9a62f0
2b87580330a35712da63832e95b667622badfe0e9fc182aa312168f024d88ce5
GET /wp-includes/js/comment-reply.min.js?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "a24a71dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 1542
X-Firefox-Spdy: h2
uclerilaclama.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
31.169.94.14 200 OK 6.7 kB URL HTTP/2 uclerilaclama.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with very long lines (15660)
Hash 403b857ed5e4f3b2daf7300768078928
bc8033dfdb036b3cb0d688d0cf5226fa44cc740a
af3ef8b999639e443a7e5a022a5bb10de3cd87fa87eec6f9e3b59093d1518f83
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:40 GMT
accept-ranges: bytes
etag: "9029e0b2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 6688
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/print.css?ver=1
31.169.94.14 200 OK 2.1 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/print.css?ver=1
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type ASCII text, with CRLF line terminators
Hash efca6b281b3276c12c1b47a95bae4895
57de0127c12fad9c65bf8a018d8dc30dceeba01e
58f4d884b7e446436b86c1210338932dc7e82275ed95b523b05b353ce664dfd2
GET /wp-content/themes/kurumsalulusalticaret/css/print.css?ver=1 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:35 GMT
accept-ranges: bytes
etag: "b693e1363d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 2148
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/images/background-images/diagonal-bold-dark.png
31.169.94.14 200 OK 165 B URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/images/background-images/diagonal-bold-dark.png
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type PNG image data, 135 x 135, 1-bit colormap, non-interlaced
Hash 4aa61cbe68567297637b5662acbea570
850148ef685ded5e25cf34c189ee6766d3163759
7b5d544a6e7cda5387f0595a77daf5c5f0bf3a891b5871b1bf25ab3ebb839c05
GET /wp-content/themes/kurumsalulusalticaret/images/background-images/diagonal-bold-dark.png HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/wp-content/uploads/dynamic_avia/ut_kurumsal_profesyonel_kurumsal_tema.css?ver=61cd9288a5745
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 29 Nov 2017 18:10:37 GMT
accept-ranges: bytes
etag: "b313a15b3d69d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 165
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3
31.169.94.14 200 OK 31 kB URL HTTP/2 uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type Web Open Font Format, TrueType, length 30804, version 1.0
Hash a1aeb367498d7280cd2246f4974e988a
57058b69ea614e2bdee874e882a92c4f32058c4d
75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kurumsalulusalticaret/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/x-woff
last-modified: Wed, 29 Nov 2017 18:12:32 GMT
accept-ranges: bytes
etag: "b3fe59a03d69d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 30804
X-Firefox-Spdy: h2
uclerilaclama.com/wp-content/uploads/2017/11/uclerilaclamakayseri.jpg
31.169.94.14 200 OK 608 kB URL HTTP/2 uclerilaclama.com/wp-content/uploads/2017/11/uclerilaclamakayseri.jpg
IP 31.169.94.14:0
ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=909, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1920x909, components 3
Size 608 kB (608403 bytes)
Hash 13cde8d4cae41c1f9804208b5b7ed53b
67983a56e36e26dac9b3d24071aab8130667f428
3b40957c313de7fbc15a76ef284ba6be2ab800c834dfad46167141d48aa1aede
GET /wp-content/uploads/2017/11/uclerilaclamakayseri.jpg HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 06 Jan 2020 07:52:26 GMT
accept-ranges: bytes
etag: "4c82d73c66c4d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 608403
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash aed4d25286420a1405c3274931194002
c17c7bdfa4b40f9a0634da65c610869e5c410bf1
f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 88076712-b2bb-4aee-81a7-ae35201748ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKZtEXeoAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bdd7-317a47e2018160b928a40ff9;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VztBCwvlCphzQJw_HAODqlJjRAaYDoKFzmkAYhrhUTZJ5rmNtNSzuQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 17878
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2