Report - uclerilaclama.com/

Report Overview

Submitted URL
uclerilaclama.com/
IP
31.169.94.14
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc
Submitted
2022-09-29 02:48:26
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.213.140.56
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	62 kB	34.120.237.76
uclerilaclama.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	1.1 MB	31.169.94.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-29	medium	uclerilaclama.com/	Phishing
2022-09-29	medium	uclerilaclama.com/	Phishing
2022-09-29	medium	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/base.css?ver=2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-includes/css/dashicons.min.css?ver=6.0.2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/layout.css?ver=2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-content/uploads/dynamic_avia/ut_kurumsal_profesyonel_kurumsal_tema.css?ver=61cd9288a5745	Phishing
2022-09-29	medium	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/grid.css?ver=2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/custom.css?ver=2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/shortcodes.css?ver=2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/mediaelement/skin-1/mediaelementplayer.css?ver=1	Phishing
2022-09-29	medium	uclerilaclama.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia-compat.js?ver=2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/jquery.magnific-popup.min.js?ver=2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16	Phishing
2022-09-29	medium	uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2	Phishing
2022-09-29	medium	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	uclerilaclama.com/	120 B	2023-03-08	2023-03-17
Pretty URL uclerilaclama.com/ IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:18:39 Last Seen2023-03-17 12:35:00 Times Seen1 Hash e1699e37d0b7cd984e90e08e2a32aec5 94c5fb498edee744716ad0d6a0aace3508fc413e 6233bf66ddbf1b1b0f5d6e4da61bb6b6511714f0b7abf6ae45f0fe1cb57f66dc Loading...

	uclerilaclama.com/	413 B	2023-03-08	2023-03-17
Pretty URL uclerilaclama.com/ IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:18:39 Last Seen2023-03-17 12:35:00 Times Seen1 Hash a22b5cda76e17ac3a5ee90e34d5167f8 c082b2ed3dbcc03252cb17457e1bcaff643420f2 299029989a990969006e68294411a5ff7a269cf69970dae7ffdf6f47117863e2 Loading...

	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia.js?ver=3	105 kB	2023-03-08	2023-06-04
Pretty URL uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia.js?ver=3 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:18:39 Last Seen2023-06-04 03:51:11 Times Seen9 Hash 87c49c4a599081ceeb58377cc9101c5b 9c48113e490066fd4be077217402a5d839623ad8 951b84077538aa7a82673d468708ee4f63cb130e5e3443a93eb8d85725bb4727 Loading...

	uclerilaclama.com/	2.9 kB	2023-03-07	2023-12-26
Pretty URL uclerilaclama.com/ IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:07 Last Seen2023-12-26 02:43:27 Times Seen76 Hash 533f8069f875d3297c912878c6e074ae eb619cf7fa8735b18cee973915385812f63d3839 82c7f6423a0c3b9b20db1559c93bbae9a343de0be62a2aa61e5655427d09fdec Loading...

	uclerilaclama.com/	2.2 kB	2023-03-08	2023-03-17
Pretty URL uclerilaclama.com/ IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:18:39 Last Seen2023-03-17 12:35:00 Times Seen1 Hash 4692453b2498990db246e863c5ca1c03 3137013919da956fdf6d005c4ed24481d2183fc0 b91198bf7145c5e029c1118b0cb1e3e8f9e41949e6541af245751f158da16239 Loading...

	uclerilaclama.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-27
Pretty URL uclerilaclama.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen68686 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia-compat.js?ver=2	1.1 kB	2023-03-08	2023-11-02
Pretty URL uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia-compat.js?ver=2 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:18:39 Last Seen2023-11-02 09:37:50 Times Seen25 Hash 33c52fd9376755389eef98b5069d8f9c 4a564088be96fc25c7f8ed2cb4e33e42d9c815d2 8717b99fda450e20d7a384ec8e58050b90f132d12412430290c7d6bdffa1bda5 Loading...

	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/shortcodes.js?ver=3	131 kB	2023-03-08	2023-06-04
Pretty URL uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/shortcodes.js?ver=3 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:18:39 Last Seen2023-06-04 03:51:11 Times Seen9 Hash b51bc3bfd988e0a14cbc123ae73d41a7 7dc2a10f682bb0f3e66c5344ddcc1def4635c36c 6352e0ac823d54b6798b5514642604e6d1d12dd364dc8219481133f02e59c5c5 Loading...

	uclerilaclama.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-26
Pretty URL uclerilaclama.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:19:42 Times Seen38071 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	uclerilaclama.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2	906 B	2023-03-07	2024-04-25
Pretty URL uclerilaclama.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-04-25 21:53:59 Times Seen3873 Hash 2c6d3b562a48e0df5474999dd47e58fb 945220e990eb176c14e53cc663fb01e04e31b59f 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550 Loading...

	uclerilaclama.com/wp-includes/js/comment-reply.min.js?ver=6.0.2	3.0 kB	2023-03-07	2024-04-27
Pretty URL uclerilaclama.com/wp-includes/js/comment-reply.min.js?ver=6.0.2 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-27 05:20:15 Times Seen29355 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	uclerilaclama.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-27
Pretty URL uclerilaclama.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen31858 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/jquery.magnific-popup.min.js?ver=2	21 kB	2023-03-07	2024-04-27
Pretty URL uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/jquery.magnific-popup.min.js?ver=2 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-04-27 01:48:40 Times Seen1722 Hash f62227501a7654f2b87cc1f1016ed0dc 9a45cea8875b8e067276f942eb8ba5d08e820cc9 4ef35581d56516af9c0a792f09316bda2494a5f497edf5de30e6ab74052bc380 Loading...

	uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16	158 kB	2023-03-07	2024-04-25
Pretty URL uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-25 12:50:40 Times Seen2404 Hash 6de31d697a1b1b2b0e2a3b29b1fb458b c9b6c996a66918f7c4d49c9b60134ce282c47143 443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008 Loading...

	uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2	1.2 kB	2023-03-07	2024-04-27
Pretty URL uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2 IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-04-27 05:20:15 Times Seen9207 Hash 51300497928562f8c86c7aaba99237cd e5826832b85c6afc6502b74cbb8ac5394b04c363 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f Loading...

	uclerilaclama.com/	149 B	2023-03-07	2024-04-26
Pretty URL uclerilaclama.com/ IP 31.169.94.14 ASN #56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-26 05:47:43 Times Seen2862 Hash 931deb2e7bef82d78d1c1b0a3fe4fe32 2a468d77a19124c4bcd1745b7f51eff01b269ade afb2b21f29cd5d7fc5b63a8ea02ece9649603b9e63a2afa55927c508345e1ee7 Loading...

HTTP Transactions (54)

URL IP Response Size

uclerilaclama.com/

31.169.94.14

301 Moved Permanently

149 B

URL HTTP/1.1
uclerilaclama.com/
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
149 B (149 bytes)
Hash
7158f28316696ee86e1f1fb23ba642ef
bc41496c47005a49bc33ca1e1fcf3e4c24bce439
6dd61af234f17eb1784beba80456ce9e05a2d23660134c9e2019b28fe22b5347

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://uclerilaclama.com/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 29 Sep 2022 02:48:10 GMT
Content-Length: 149

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15531
Expires: Thu, 29 Sep 2022 07:07:06 GMT
Date: Thu, 29 Sep 2022 02:48:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 02:15:49 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UUOVkWUgIy5zy1932QRWo09SZ_RbKHGjqYuq4ifj0PzgPWuegT9HIA==
Age: 1946

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Il6P8hqgEWlq5Y_X5HsSaUFlFCgiYqJN3z8aFmg4SIPyuEZpgFNvnA==
age: 76789
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:48:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 02:29:34 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 02:32:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ejrvhI0Z9xajOD-rUfVoK6UwCDC9FK7sBvLVtKytG6wMYWXbA5pMNw==
Age: 1122

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2848
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:48:15 GMT
Last-Modified: Thu, 29 Sep 2022 02:00:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.213.140.56

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.140.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FV7joXo5oXGeui9hdLvdLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Jcq5vZviDYNSG4ya+57jN3R2X4Q=

uclerilaclama.com/

31.169.94.14

200 OK

12 kB

URL HTTP/2
uclerilaclama.com/
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
12 kB (12181 bytes)
Hash
dc7843a281da3f68911e89f6418e68fc
d17aa5ed0d1d59e15d6ac3ecc4eebfcf074a13d6
53586b2e55f28437eaafcbe51a97394f2597653db1c7c34a18ede204de50eef2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
expires: Thu, 19 Nov 1981 08:52:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854; path=/
link: <https://uclerilaclama.com/wp-json/>; rel="https://api.w.org/", <https://uclerilaclama.com/wp-json/wp/v2/pages/62>; rel="alternate"; type="application/json", <https://uclerilaclama.com/>; rel=shortlink
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:12 GMT
content-length: 12181
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.0

31.169.94.14

200 OK

432 B

URL HTTP/2
uclerilaclama.com/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.0
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (815), with no line terminators
Size
432 B (432 bytes)
Hash
4fe0e5a22981b5bbac29bc0fb21f2bde
aa6db5c16bff7367461df92707358b31a796ed6c
20e00837ed71c965f0c30db75c6547f5a43796f6a5c7a57222cc8cb5eba4527e

HTTP Headers

GET /wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.0 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Mon, 26 Sep 2022 08:53:15 GMT
accept-ranges: bytes
etag: "8ef07f6a85d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 432
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2586
Expires: Thu, 29 Sep 2022 03:31:23 GMT
Date: Thu, 29 Sep 2022 02:48:17 GMT
Connection: keep-alive

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/magnific-popup.css?ver=1

31.169.94.14

200 OK

2.7 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/magnific-popup.css?ver=1
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text
Size
2.7 kB (2652 bytes)
Hash
ece4026dab43930f2a10a7a92084b988
70fec3915e6e16510065f61323b07a1d553ca910
86317ac980858b7b4cf089efd1fef1ed3e10463afda60a9a474001f33e0a3d8f

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/js/aviapopup/magnific-popup.css?ver=1 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:10:53 GMT
accept-ranges: bytes
etag: "f6a031653d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 2652
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2586
Expires: Thu, 29 Sep 2022 03:31:23 GMT
Date: Thu, 29 Sep 2022 02:48:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2586
Expires: Thu, 29 Sep 2022 03:31:23 GMT
Date: Thu, 29 Sep 2022 02:48:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2586
Expires: Thu, 29 Sep 2022 03:31:23 GMT
Date: Thu, 29 Sep 2022 02:48:17 GMT
Connection: keep-alive

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/base.css?ver=2

31.169.94.14

200 OK

5.5 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/base.css?ver=2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (493)
Size
5.5 kB (5465 bytes)
Hash
9f0008b4ef5a708f8ce1f360b2899434
f10c14cb7a9834386b82ef33313fd3f417fea1aa
d9324d7afee43e2ec303cfcfdaaf1904a49b5273688be00521cf22bef9e0628d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/css/base.css?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:35 GMT
accept-ranges: bytes
etag: "6aca94363d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 5465
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2586
Expires: Thu, 29 Sep 2022 03:31:23 GMT
Date: Thu, 29 Sep 2022 02:48:17 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9688 bytes)
Hash
28799c10f9ea39af55c7003f4254cc60
523da6aeec4cc23897fe01b0bc8b5da254edb3a8
2d1640fbd1f61aee3f2be670b37eb06e20bb265f702a428fadb550a4b51d64ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9688
x-amzn-requestid: 68e9fd78-af17-4a8f-ad4b-6fe563ae94fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4JHF5IAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9a-603f13d3016d77fa2ca94492;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gIg0vR5I9vnA6Z7MJtTNaXn2TK8YeHWWcJEodiNJ6BEB7z7LUrcV1Q==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:04:56 GMT
age: 17001
etag: "523da6aeec4cc23897fe01b0bc8b5da254edb3a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8508 bytes)
Hash
515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 5568f81c-2f99-44bf-9bd8-f015c604c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMJlzFywoAMFamw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bc8b-1d335c5c536e895a19b5965f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:28:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2RLqacSoBXtv1i-6fRV9nejJ5tulXVJ-VsKVDvsMqAgPqXKWe_2cJw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 22:42:49 GMT
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
age: 14728
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.3 kB (3332 bytes)
Hash
6ac86079d2901fb11bfaff81d91bb2d2
4fc0699c763f67a2602b4b3f46b8b4013d2049c6
8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3332
x-amzn-requestid: fb6cb616-5b4d-4aaf-a891-50b4de8b6f95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJ_6AGNYIAMFSHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333e03f-377fe02d1cc7ad2b3a15ca1a;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 05:48:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nJJZxZlapt4k5988yU-V94pBBH2SmfSZ0Zb_oJXA07mppg0lF04wLg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 17:18:10 GMT
age: 34207
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0734a230-932d-4bc0-bc12-9177b543b103.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5222 bytes)
Hash
eece069cebb7039dbba50ec1cd73daab
4a35c50b5b16779582a75078b6df090892358d3b
41ad701a8ea3dcbfc38cb0701f3b24a6b833f6b1197014e10530c40496b6a13c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0734a230-932d-4bc0-bc12-9177b543b103.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5222
x-amzn-requestid: cb2849d8-9579-42c1-84c9-e59700104aba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKaUGnAoAMFrTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bddb-3649a45539964e985ee41911;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: v1EEfyICGujupCV26P4JAgnY-NHtvFVVWwxA0PNLs-Ky-FuR0TTDOA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 17871
etag: "4a35c50b5b16779582a75078b6df090892358d3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14073 bytes)
Hash
11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dyDhatfeYzzSQpRY7JpOIu3VhjlI8IOWcKCLCBWYaxJ1CYgCxqdQjA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:42 GMT
age: 17915
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdb677db-4158-4190-afa5-c7e93c0604d3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9376 bytes)
Hash
cfaeb2d7a9c2bcf18210ea632eef1863
f698793f7ac8acb44d968fd884e87409f8e25507
0f9d0a861e5893bed675b362153cb172a8431f39726f67f0ac18e8ee27b30738

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdb677db-4158-4190-afa5-c7e93c0604d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: 65987361-599d-4945-a48a-e3be96b49af4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKaJHOzIAMFmMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bdda-1efbd69273170b124b4f7799;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SEn__0eLKKLbDG_gcfoEQFGnqOEHPoKl-U1mDy0JvAr0ljzG5GWnZQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 17871
etag: "f698793f7ac8acb44d968fd884e87409f8e25507"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

uclerilaclama.com/wp-includes/css/dashicons.min.css?ver=6.0.2

31.169.94.14

200 OK

37 kB

URL HTTP/2
uclerilaclama.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (58981)
Size
37 kB (36934 bytes)
Hash
f78a02b0f6bff5a88729d7d0de68b6e6
a1b8d2435f9451e64592c4d879b35d1bc3462767
acd15b271ccd48a46077f74c8f7a215ce3923f1e33662a53f2562e3cee70a27f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:38 GMT
accept-ranges: bytes
etag: "23311dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 36934
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/layout.css?ver=2

31.169.94.14

200 OK

31 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/layout.css?ver=2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (320)
Size
31 kB (30699 bytes)
Hash
3e560b09af8f1b7c15946252e780d3ee
7c91f7852b1bd8d31bc6bd473f9b96c35d02a577
0c3405853f2427bb1c36692e00e9688280ef1154b169244c0b0c2c4de680266c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/css/layout.css?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:36 GMT
accept-ranges: bytes
etag: "99752373d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 30699
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/uploads/dynamic_avia/ut_kurumsal_profesyonel_kurumsal_tema.css?ver=61cd9288a5745

31.169.94.14

200 OK

39 kB

URL HTTP/2
uclerilaclama.com/wp-content/uploads/dynamic_avia/ut_kurumsal_profesyonel_kurumsal_tema.css?ver=61cd9288a5745
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (65536), with no line terminators
Size
39 kB (38783 bytes)
Hash
453a2b4e181600cd3b36d6bf945c1bc4
ef087ccae0648fc50e41a6452daa02ae226e7b51
417c359b21dffec8f7162db03d6ecc2f2cbc6984753590c71e0e9ca554fb09a1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/dynamic_avia/ut_kurumsal_profesyonel_kurumsal_tema.css?ver=61cd9288a5745 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Thu, 30 Dec 2021 11:05:44 GMT
accept-ranges: bytes
etag: "6f607316dfdd71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 38783
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/grid.css?ver=2

31.169.94.14

200 OK

2.4 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/grid.css?ver=2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text
Size
2.4 kB (2372 bytes)
Hash
66ba4c2895a650f6562b080e32941b93
457c72b024710a9099d1e4c19b88569b392084b0
f06984fae5acad0091afe49d01e09e185ac1f2cbf07f4222a624495335a6787f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/css/grid.css?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:35 GMT
accept-ranges: bytes
etag: "95a8b8363d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 2372
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/custom.css?ver=2

31.169.94.14

200 OK

393 B

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/custom.css?ver=2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text
Size
393 B (393 bytes)
Hash
ba6aa2b9960616ee1f48cc92e47dab73
b41d5e73519d50ff34ae4f50b83181d2f5cb5dfc
2151079e1fd9085fbe0215ae087282251e9dfa5dbe3e28a99f2dad918a465b90

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/css/custom.css?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:35 GMT
accept-ranges: bytes
etag: "2ea28d363d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 393
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/shortcodes.css?ver=2

31.169.94.14

200 OK

50 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/shortcodes.css?ver=2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (1454)
Size
50 kB (49767 bytes)
Hash
923f33c62e7e41c99b0ae56d0182547a
ad90957f2e1cb856203320f0f5264140137ba3ae
fb99f579ebbe6c1a18d3716983c463939ef290bfbaa6ae800d0c1ee25c6c7e5e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/css/shortcodes.css?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:36 GMT
accept-ranges: bytes
etag: "49766373d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 49767
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/mediaelement/skin-1/mediaelementplayer.css?ver=1

31.169.94.14

200 OK

5.6 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/mediaelement/skin-1/mediaelementplayer.css?ver=1
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text
Size
5.6 kB (5593 bytes)
Hash
4c962c4387a6c9927318c8c905059cd6
f3938c652004f1e68689e6335c9552f54a621553
af2188feff2be3febb97414a67edf8ac77a8d0a27937ac936c689b2050804d56

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/js/mediaelement/skin-1/mediaelementplayer.css?ver=1 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:12:03 GMT
accept-ranges: bytes
etag: "fa8def8e3d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 5593
X-Firefox-Spdy: h2

uclerilaclama.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

31.169.94.14

200 OK

31 kB

URL HTTP/2
uclerilaclama.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (65447)
Size
31 kB (30896 bytes)
Hash
a8a97fc5f9e91d5a2b04880dca969a1c
bcd75f947baa777646f3fce0a72d2f79fa359050
8fc30820552ce8cf176059992e07bc60b58eb0d4b8fb049b61197d7eed7de211

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "80c968dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 30896
X-Firefox-Spdy: h2

uclerilaclama.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

31.169.94.14

200 OK

4.2 kB

URL HTTP/2
uclerilaclama.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4165 bytes)
Hash
590a9c263938cc421936b863a02ef22c
2db3958cf8ab92b0a53e9a6f1ab334008b5685a9
3ddf8088fd0862cfa38a70dc1aa0b5e39db6454f2c97891eb1daf03fc50887d1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "80c968dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 4165
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia-compat.js?ver=2

31.169.94.14

200 OK

641 B

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia-compat.js?ver=2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text
Size
641 B (641 bytes)
Hash
abecd1c44a5626b6ae576d8537faf0dd
763ea33c3bd626fc2d64797f36b5231412568b1d
a1a6c867019f4e866a73889c7fcd166e56307cc1c07925de3af73c291bbef73e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/js/avia-compat.js?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:41 GMT
accept-ranges: bytes
etag: "7c5093a3d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 641
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/uploads/2017/11/uclerilaclamalogo-300x85.png

31.169.94.14

200 OK

21 kB

URL HTTP/2
uclerilaclama.com/wp-content/uploads/2017/11/uclerilaclamalogo-300x85.png
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
PNG image data, 300 x 85, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20937 bytes)
Hash
c4828c7526bc02622928b3b3a0d3e4e2
51db6f84e399abb24374c5b0feead519748388d4
c3b7a2fa2f31e418cbdccf114d3eb0aed63a70a7ecabfea52e95676e41297cdd

HTTP Headers

GET /wp-content/uploads/2017/11/uclerilaclamalogo-300x85.png HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 29 Nov 2017 18:15:43 GMT
accept-ranges: bytes
etag: "af21ed113e69d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 20937
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/uploads/2017/11/critter-get-ritter-6HexagonLogo-web-300x46.png

31.169.94.14

200 OK

12 kB

URL HTTP/2
uclerilaclama.com/wp-content/uploads/2017/11/critter-get-ritter-6HexagonLogo-web-300x46.png
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
PNG image data, 300 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11616 bytes)
Hash
0dd04f3f9ae7b6c78522997b072a89ad
34bd2c41f9c7c5139ef3ea97741d00e8c8d901e2
a4a96abbe2efe4edfdb39562e00ba36b713065714eda188e589111631b2726eb

HTTP Headers

GET /wp-content/uploads/2017/11/critter-get-ritter-6HexagonLogo-web-300x46.png HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 29 Nov 2017 19:00:09 GMT
accept-ranges: bytes
etag: "2aba51474469d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 11616
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/uploads/2017/11/kayseri-ilaclama-jel-ilaclama-300x208.jpg

31.169.94.14

200 OK

10 kB

URL HTTP/2
uclerilaclama.com/wp-content/uploads/2017/11/kayseri-ilaclama-jel-ilaclama-300x208.jpg
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 300x208, components 3\012- data
Size
10 kB (10525 bytes)
Hash
7877eab659c3370260ce601562c309b6
6878fafc47fcc05149149ec56be2132f2f857111
78b4795f090d0a35dd2ca60f4524ebdcdfdbecdef2314f9184ad57cb0ad66a56

HTTP Headers

GET /wp-content/uploads/2017/11/kayseri-ilaclama-jel-ilaclama-300x208.jpg HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 11 Jan 2020 14:17:55 GMT
accept-ranges: bytes
etag: "499baaea89c8d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 10525
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/uploads/2017/11/kayseri-pire-ilaclama-300x286.gif

31.169.94.14

200 OK

40 kB

URL HTTP/2
uclerilaclama.com/wp-content/uploads/2017/11/kayseri-pire-ilaclama-300x286.gif
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
GIF image data, version 87a, 300 x 286\012- data
Size
40 kB (39662 bytes)
Hash
91603c983de90800e7ae0d1435d4e360
40588052947fc2990fd1435b0a28993d7b467ce0
2b8a1ce11cc65d46af9bcc711092fc921b7680e840fbd1f54c839a5916051d6d

HTTP Headers

GET /wp-content/uploads/2017/11/kayseri-pire-ilaclama-300x286.gif HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/gif
last-modified: Sat, 11 Jan 2020 14:23:44 GMT
accept-ranges: bytes
etag: "98fcfba8ac8d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 39662
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/uploads/2017/11/kayseri-hamambocegi-ilaclama-300x169.jpg

31.169.94.14

200 OK

7.3 kB

URL HTTP/2
uclerilaclama.com/wp-content/uploads/2017/11/kayseri-hamambocegi-ilaclama-300x169.jpg
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 300x169, components 3\012- data
Size
7.3 kB (7345 bytes)
Hash
f413a24c8a6eaa322299d87a1f0f2477
1a7b3a7b7994b31262195446d46b4721a75fb429
fa2d24c91a1a4250def72c50a67a1ec9bb200419ee08f7f35eb3664b3158ce4d

HTTP Headers

GET /wp-content/uploads/2017/11/kayseri-hamambocegi-ilaclama-300x169.jpg HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 11 Jan 2020 14:26:13 GMT
accept-ranges: bytes
etag: "ddb8fd138bc8d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 7345
X-Firefox-Spdy: h2

uclerilaclama.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

31.169.94.14

200 OK

21 kB

URL HTTP/2
uclerilaclama.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (43771)
Size
21 kB (21064 bytes)
Hash
d4dfc7103119f66721e0a5c2fccef07e
9616e53f7a229ffde2dd99ea8b0f4d9f1eaade90
c43926a8c7edaf1a51cffed039900c7f1d76c570d6c300eef201671e383f7d17

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:38 GMT
accept-ranges: bytes
etag: "d61cddfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 21064
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/uploads/2017/11/who_we_img-300x290.jpg

31.169.94.14

200 OK

18 kB

URL HTTP/2
uclerilaclama.com/wp-content/uploads/2017/11/who_we_img-300x290.jpg
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 300x290, components 3\012- data
Size
18 kB (18125 bytes)
Hash
50158a8388840b6fe9d1e3bca5631d47
18e5195b10834f2c77810fc7200020ed223ceea6
d93e455ede3a571521d7358b7a0812a1ca7665ce82e45ad538721e6ff4a302c8

HTTP Headers

GET /wp-content/uploads/2017/11/who_we_img-300x290.jpg HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 06 Jan 2020 08:10:22 GMT
accept-ranges: bytes
etag: "a53566be68c4d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 18125
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia.js?ver=3

31.169.94.14

200 OK

29 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/avia.js?ver=3
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
Unicode text, UTF-8 text, with very long lines (8713)
Size
29 kB (28825 bytes)
Hash
0295b1c00d2bc28689b7b849dfceb3e9
66515ed038f9339ef7a730195609a4449b69bc33
e65f298582fc885cfd01dd5f2909d038ec325e722cb03cc3b8532db4eae2e95d

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/js/avia.js?ver=3 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 29 Nov 2017 18:09:41 GMT
accept-ranges: bytes
etag: "80a0f2393d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 28825
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/shortcodes.js?ver=3

31.169.94.14

200 OK

31 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/shortcodes.js?ver=3
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text
Size
31 kB (31172 bytes)
Hash
87c8fb8348245ed3c4bcf8960ad96347
d41127ec2aca3f63f35a44fcf89a933cd01d633e
59b5a5abfff32937eba6e75a0175760f7e249f81d7f5b78e3197a2122588b544

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/js/shortcodes.js?ver=3 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 29 Nov 2017 18:09:42 GMT
accept-ranges: bytes
etag: "0378b3a3d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 31172
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/uploads/2017/11/kayseriilaclama-ucler-ilaclama-fare-ilaclama-300x300.jpg

31.169.94.14

200 OK

10 kB

URL HTTP/2
uclerilaclama.com/wp-content/uploads/2017/11/kayseriilaclama-ucler-ilaclama-fare-ilaclama-300x300.jpg
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Size
10 kB (10218 bytes)
Hash
2adc7b2d8c209b1d583cd0b159983312
ea7c17743680b3aadfab9028996313b7517c8577
90840b7ecd71c695d2e662f7bb1887802055b5d2691d90d65c8a7ce7ef738b6e

HTTP Headers

GET /wp-content/uploads/2017/11/kayseriilaclama-ucler-ilaclama-fare-ilaclama-300x300.jpg HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Sat, 11 Jan 2020 14:22:49 GMT
accept-ranges: bytes
etag: "a96f219a8ac8d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 10218
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/jquery.magnific-popup.min.js?ver=2

31.169.94.14

200 OK

7.6 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/js/aviapopup/jquery.magnific-popup.min.js?ver=2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (20818)
Size
7.6 kB (7591 bytes)
Hash
ea39864c04f0473859626da082abd186
b493f46826ada10ddbeb6a9a7a6d34311e2919aa
5cffc9b4483f6a87fe9b26b05ed7b7233caf9b71df25592929769fbb7944a691

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/js/aviapopup/jquery.magnific-popup.min.js?ver=2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 29 Nov 2017 18:10:53 GMT
accept-ranges: bytes
etag: "80f4dc643d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 7591
X-Firefox-Spdy: h2

uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

31.169.94.14

200 OK

39 kB

URL HTTP/2
uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (65266)
Size
39 kB (38593 bytes)
Hash
3d15488ae611e0a10a520cab430764a7
d8bb5fc7ad8cfe7b1911702001b3593cd628a5e4
f46d1e1a7295e3e7c019bb19b08017f788c62b6c2faccc7f8c95897bb2332d7b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "80c968dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 38593
X-Firefox-Spdy: h2

uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2

31.169.94.14

200 OK

634 B

URL HTTP/2
uclerilaclama.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (1191), with no line terminators
Size
634 B (634 bytes)
Hash
3ef722cb0624a7cd044a3179b55b6e60
529571141c40f6625cdff5481e7b7da0974c303a
97744b7e0f69199f4b1c943c392e715b3ab2e1d1034417495b5291de8596e74f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "79dbe3dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 634
X-Firefox-Spdy: h2

uclerilaclama.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2

31.169.94.14

200 OK

552 B

URL HTTP/2
uclerilaclama.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
HTML document, ASCII text, with very long lines (906), with no line terminators
Size
552 B (552 bytes)
Hash
0c2b4b8d9de4e13c50c60e0ae5ae9a88
60ca6908a59b62ebe718bf8064fce069729878b3
53b9d35b861f85323cd76aa8eab8d17400cfd4ea59382b27b19781da9ac1ea14

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "e2d5e8dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 552
X-Firefox-Spdy: h2

uclerilaclama.com/wp-includes/js/comment-reply.min.js?ver=6.0.2

31.169.94.14

200 OK

1.5 kB

URL HTTP/2
uclerilaclama.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (2946)
Size
1.5 kB (1542 bytes)
Hash
59afbd08a33ecd2045162ef72db35209
e079c653437f87e5e29ceaa960ff9882cc9a62f0
2b87580330a35712da63832e95b667622badfe0e9fc182aa312168f024d88ce5

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:39 GMT
accept-ranges: bytes
etag: "a24a71dfb2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 1542
X-Firefox-Spdy: h2

uclerilaclama.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

31.169.94.14

200 OK

6.7 kB

URL HTTP/2
uclerilaclama.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with very long lines (15660)
Size
6.7 kB (6688 bytes)
Hash
403b857ed5e4f3b2daf7300768078928
bc8033dfdb036b3cb0d688d0cf5226fa44cc740a
af3ef8b999639e443a7e5a022a5bb10de3cd87fa87eec6f9e3b59093d1518f83

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
last-modified: Mon, 26 Sep 2022 14:18:40 GMT
accept-ranges: bytes
etag: "9029e0b2d1d81:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 6688
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/print.css?ver=1

31.169.94.14

200 OK

2.1 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/css/print.css?ver=1
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2148 bytes)
Hash
efca6b281b3276c12c1b47a95bae4895
57de0127c12fad9c65bf8a018d8dc30dceeba01e
58f4d884b7e446436b86c1210338932dc7e82275ed95b523b05b353ce664dfd2

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/css/print.css?ver=1 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-encoding: br
last-modified: Wed, 29 Nov 2017 18:09:35 GMT
accept-ranges: bytes
etag: "b693e1363d69d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 2148
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/images/background-images/diagonal-bold-dark.png

31.169.94.14

200 OK

165 B

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/images/background-images/diagonal-bold-dark.png
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
PNG image data, 135 x 135, 1-bit colormap, non-interlaced\012- data
Size
165 B (165 bytes)
Hash
4aa61cbe68567297637b5662acbea570
850148ef685ded5e25cf34c189ee6766d3163759
7b5d544a6e7cda5387f0595a77daf5c5f0bf3a891b5871b1bf25ab3ebb839c05

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/images/background-images/diagonal-bold-dark.png HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/wp-content/uploads/dynamic_avia/ut_kurumsal_profesyonel_kurumsal_tema.css?ver=61cd9288a5745
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 29 Nov 2017 18:10:37 GMT
accept-ranges: bytes
etag: "b313a15b3d69d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 165
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3

31.169.94.14

200 OK

31 kB

URL HTTP/2
uclerilaclama.com/wp-content/themes/kurumsalulusalticaret/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
Web Open Font Format, TrueType, length 30804, version 1.0\012- data
Size
31 kB (30804 bytes)
Hash
a1aeb367498d7280cd2246f4974e988a
57058b69ea614e2bdee874e882a92c4f32058c4d
75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/kurumsalulusalticaret/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff?v=3 HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: font/x-woff
last-modified: Wed, 29 Nov 2017 18:12:32 GMT
accept-ranges: bytes
etag: "b3fe59a03d69d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 30804
X-Firefox-Spdy: h2

uclerilaclama.com/wp-content/uploads/2017/11/uclerilaclamakayseri.jpg

31.169.94.14

200 OK

608 kB

URL HTTP/2
uclerilaclama.com/wp-content/uploads/2017/11/uclerilaclamakayseri.jpg
IP
31.169.94.14:0
ASN
#56582 Netfactor Telekominikasyon Ve Teknoloji Hizmetleri Sanayi Ve Jsc

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=909, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1920x909, components 3\012- data
Size
608 kB (608403 bytes)
Hash
13cde8d4cae41c1f9804208b5b7ed53b
67983a56e36e26dac9b3d24071aab8130667f428
3b40957c313de7fbc15a76ef284ba6be2ab800c834dfad46167141d48aa1aede

HTTP Headers

GET /wp-content/uploads/2017/11/uclerilaclamakayseri.jpg HTTP/1.1
Host: uclerilaclama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uclerilaclama.com/
Cookie: PHPSESSID=qp3f50bk27pjcnqbaove58c854
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Mon, 06 Jan 2020 07:52:26 GMT
accept-ranges: bytes
etag: "4c82d73c66c4d51:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 29 Sep 2022 02:48:13 GMT
content-length: 608403
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4093 bytes)
Hash
aed4d25286420a1405c3274931194002
c17c7bdfa4b40f9a0634da65c610869e5c410bf1
f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 88076712-b2bb-4aee-81a7-ae35201748ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKZtEXeoAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bdd7-317a47e2018160b928a40ff9;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:34:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VztBCwvlCphzQJw_HAODqlJjRAaYDoKFzmkAYhrhUTZJ5rmNtNSzuQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:50:26 GMT
age: 17878
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations