urlquery - report: denizbiankcom.tk/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
ocsp.digicert.com (2)	86	No data	No data	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	No data	No data	34.102.187.140
www.googletagmanager.com (1)	75	No data	No data	142.250.74.168
denizbiankcom.tk (26)	0	No data	No data	190.14.39.165	Unknown ranking
push.services.mozilla.com (1)	2140	No data	No data	44.237.163.41
img-getpocket.cdn.mozilla.net (6)	1631	No data	No data	34.120.237.76
r3.o.lencr.org (7)	344	No data	No data	23.36.76.226
contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
ocsp.pki.goog (2)	175	No data	No data	142.250.74.3
region1.google-analytics.com (1)	0	No data	No data	216.239.32.36	Domain (google-analytics.com) ranked at: 8401
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191

Scan Date	Severity	Indicator	Comment
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank
2022-11-24	2	denizbiankcom.tk/	Deniz Bank

Scan Date	Severity	Indicator	Comment
2022-11-25	2	denizbiankcom.tk/ruxitagentjs_ICA27SVfqrux_10221210805073954.js	Phishing
2022-11-25	2	denizbiankcom.tk/_assets/js/analytics.js	Phishing
2022-11-25	2	denizbiankcom.tk/	Phishing
2022-11-25	2	denizbiankcom.tk/runtime.c298608e9647c69cc550.js	Phishing
2022-11-25	2	denizbiankcom.tk/main.c01c0c9a76089d1c0f34.js	Phishing
2022-11-25	2	denizbiankcom.tk/polyfills.e7c27bf15bf48a72de71.js	Phishing
2022-11-25	2	denizbiankcom.tk/scripts.e8b3c78207fa4f6d6f74.js	Phishing
2022-11-25	2	denizbiankcom.tk/vendor.67eb8a7592425af0ba81.js	Phishing
2022-11-25	2	denizbiankcom.tk/_assets/img/login/login-footer-logo.svg	Phishing
2022-11-25	2	denizbiankcom.tk/_assets/img/logo-light.svg	Phishing
2022-11-25	2	denizbiankcom.tk/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2	Phishing
2022-11-25	2	denizbiankcom.tk/assets/opensans-semibold-webfont.1045337df148fc781940.woff2	Phishing
2022-11-25	2	denizbiankcom.tk/assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20	Phishing
2022-11-25	2	denizbiankcom.tk/assets/opensans-bold-webfont.7b013a3110831768093f.woff2	Phishing
2022-11-25	2	denizbiankcom.tk/assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff	Phishing
2022-11-25	2	denizbiankcom.tk/assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff	Phishing
2022-11-25	2	denizbiankcom.tk/assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff	Phishing
2022-11-25	2	denizbiankcom.tk/assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20	Phishing

Date	UQ / IDS / BL	URL	IP
2022-12-27 23:53:00 +0000	0 - 5 - 9	denizonaylama.tk/	190.14.39.165
2022-12-17 02:05:38 +0000	53 - 0 - 69	www.denizizbankcom.tk/	190.14.39.165
2022-12-17 02:05:20 +0000	53 - 0 - 69	www.denizdenv1acik.tk/	190.14.39.165
2022-12-17 02:04:59 +0000	53 - 0 - 69	www.denizonaylama.gq/	190.14.39.165
2022-12-17 02:04:37 +0000	63 - 0 - 99	www.dijitalsube-acikdenizv8-com.tk/	190.14.39.165

Date	UQ / IDS / BL	URL	IP
2023-02-01 12:00:56 +0000	0 - 0 - 76	denizinizv2.net/9e8cc3089f7ce8af868e.php	190.14.39.217
2023-02-01 11:08:54 +0000	0 - 0 - 49	denizdensevgii.xyz/	190.14.39.217
2023-02-01 10:03:39 +0000	0 - 2 - 20	mobilformonaydenzi.top/9e8cc3089f7ce8af868e.php	190.14.39.217
2023-02-01 09:39:20 +0000	0 - 1 - 0	piac-aero.com/Loki%201.8/aaaaa.exe	190.14.39.122
2023-02-01 09:14:23 +0000	0 - 0 - 76	denizinizv2.net/9e8cc3089f7ce8af868e.php	190.14.39.217

Date	UQ / IDS / BL	URL	IP
2022-12-10 14:07:17 +0000	53 - 0 - 43	denizbiankcom.tk/	190.14.39.165
2022-11-25 23:07:52 +0000	28 - 0 - 43	denizbiankcom.tk/	190.14.39.165
2022-11-08 02:01:21 +0000	0 - 0 - 43	denizbiankcom.tk/	190.14.39.165

Date	UQ / IDS / BL	URL	IP
2023-01-31 15:49:11 +0000	27 - 27 - 43	www.denizonaylama.gq/	190.14.39.135
2023-01-31 03:50:43 +0000	27 - 27 - 43	www.denizonaylama.gq/	190.14.39.135
2023-01-29 19:44:46 +0000	27 - 27 - 43	denlzbnikcom.ml/	190.14.39.135
2023-01-28 07:09:34 +0000	23 - 2 - 43	denizacikkv2.tk/	190.14.39.135
2023-01-27 07:44:45 +0000	27 - 0 - 43	acikdenizv2.de/	190.14.39.135

HTTP Transactions (50)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA" Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5452 Expires: Sat, 26 Nov 2022 00:38:33 GMT Date: Fri, 25 Nov 2022 23:07:41 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7c60904d097cde276e4e5632cef1b9f1 Sha1: 4f805026462589345d85e8df2d18eafba6237504 Sha256: 12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1300 Cache-Control: 'max-age=158059' Date: Fri, 25 Nov 2022 23:07:41 GMT Last-Modified: Fri, 25 Nov 2022 22:46:01 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 10730f388c028d64e19b8a48d414768f Sha1: e43b104e57e5ea7ff8568835776858cf2ede6f00 Sha256: f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 25 Nov 2022 22:17:29 GMT cache-control: public,max-age=3600 age: 3012 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 567df7db606cf5d0871aa5bc9311b6da Sha1: 4263faac7cbab2fcaf6661911dcad5091c06be17 Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6" Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5343 Expires: Sat, 26 Nov 2022 00:36:44 GMT Date: Fri, 25 Nov 2022 23:07:41 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8c63b226725ca6e92e3ef586ac19e603 Sha1: d21ae42a1927501e5293ff3564f52b49f6b0decc Sha256: 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: XAcTDmZtXWn8nWqXAZTjPbgTvYSulrnb/5lCpFD2+AcB7gSwzsToZgFdiupSxfHqlTlO92zsVpY= x-amz-request-id: S0ZG66PY7PEM2MTQ content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 25 Nov 2022 22:40:58 GMT age: 1603 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 25 Nov 2022 23:07:41 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 23:07:42 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: a0111a2443450172e5d2b48d350a8f57 Sha1: 75e89d4cd001303e66a93880f96d6c47e7d665ab Sha256: c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
GET /gtag/js?id=G-JV07ZMRWNH HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://denizbiankcom.tk/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtag/js?id=G-JV07ZMRWNH FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: a6fcdc45e2f3e920258cec5084c71d94bd19b93c1d2b148dcbe31e90b878789c 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 25 Nov 2022 23:07:42 GMT expires: Fri, 25 Nov 2022 23:07:42 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 75986 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (19102) Size: 75986 Md5: 747f2936be552d710fbb124dc666da48 Sha1: 2b8fa69e2d5be8311e25bca0f507788db56079af Sha256: a6fcdc45e2f3e920258cec5084c71d94bd19b93c1d2b148dcbe31e90b878789c
GET /ruxitagentjs_ICA27SVfqrux_10221210805073954.js HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/	URL: denizbiankcom.tk/ruxitagentjs_ICA27SVfqrux_102212108050 (...) FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:42 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 23:07:42 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e388353a642bc503beff27c23339e2b5 Sha1: 7849301df8cbfa3f9c019b1d4033b66e0f44c4bd Sha256: 5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 25 Nov 2022 22:08:53 GMT cache-control: public,max-age=3600 age: 3529 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /_assets/js/analytics.js HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/	URL: denizbiankcom.tk/_assets/js/analytics.js FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:42 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3225 Cache-Control: max-age=125572 Date: Fri, 25 Nov 2022 23:07:42 GMT Etag: "638085ab-1d7" Expires: Sun, 27 Nov 2022 10:00:34 GMT Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: df06e70fc8a35facf1d8db463d18e231 Sha1: fa8a2975566cc792898f870e48ae7518d3657326 Sha256: 4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
GET / HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: denizbiankcom.tk/ FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: 658006cacf24b1c85f48788362f7257eeb1daefb60f7638b78ad938314da6994 190.14.39.165 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Fri, 25 Nov 2022 23:07:41 GMT Server: Apache Keep-Alive: timeout=3, max=100 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (54347) Size: 266562 Md5: e34f93013390b988675daea8accf807d Sha1: fad481ea58954d5ef5ec21daf20d845db2704ae8 Sha256: 658006cacf24b1c85f48788362f7257eeb1daefb60f7638b78ad938314da6994 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: HIhfihn+k73zGGycm9lPzA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 44.237.163.41 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 44.237.163.41 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: kBzy5RHkaI7jV/K3c37e/NI0kig= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /runtime.c298608e9647c69cc550.js HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/ Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/runtime.c298608e9647c69cc550.js FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:42 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=99 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /main.c01c0c9a76089d1c0f34.js HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/ Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/main.c01c0c9a76089d1c0f34.js FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:42 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=99 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /polyfills.e7c27bf15bf48a72de71.js HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/ Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/polyfills.e7c27bf15bf48a72de71.js FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:42 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /scripts.e8b3c78207fa4f6d6f74.js HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/ Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/scripts.e8b3c78207fa4f6d6f74.js FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:42 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /vendor.67eb8a7592425af0ba81.js HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/ Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/vendor.67eb8a7592425af0ba81.js FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:42 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
POST /g/collect?v=2&tid=G-JV07ZMRWNH&gtm=2oeb90&_p=713615419&cid=1291823266.1669417662&ul=en-us&sr=1280x1024&_s=1&sid=1669417661&sct=1&seg=0&dl=http%3A%2F%2Fdenizbiankcom.tk%2F&dt=DenizBank%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://denizbiankcom.tk Connection: keep-alive Referer: http://denizbiankcom.tk/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.google-analytics.com/g/collect?v=2&tid=G-JV07ZM (...) FQDN: region1.google-analytics.com IP: 216.239.32.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.32.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: http://denizbiankcom.tk date: Fri, 25 Nov 2022 23:07:42 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /styles.14f38c16c3244b5492af.css HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/	URL: denizbiankcom.tk/styles.14f38c16c3244b5492af.css FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: 0ab27addfe127020ce7b9a6a5e3b57a133915e23edbe0852cff7b511507e56ea 190.14.39.165 HTTP/1.1 200 OK Content-Type: text/css Date: Fri, 25 Nov 2022 23:07:42 GMT Server: Apache Last-Modified: Mon, 07 Nov 2022 18:19:19 GMT Accept-Ranges: bytes Content-Length: 590413 Keep-Alive: timeout=3, max=99 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (53193), with CRLF line terminators Size: 590413 Md5: e15084a5fa844a4667363a77dbba388a Sha1: c2fc998a4874ca1ed1f87bc32562270b3a4711d2 Sha256: 0ab27addfe127020ce7b9a6a5e3b57a133915e23edbe0852cff7b511507e56ea Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank
GET /sifre.png HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/	URL: denizbiankcom.tk/sifre.png FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: 7ef622314ab427c8beae5b61a48b8e16710531e05406b135c0c5b4e8f1b22e17 190.14.39.165 HTTP/1.1 200 OK Content-Type: image/png Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Last-Modified: Mon, 07 Nov 2022 18:19:19 GMT Accept-Ranges: bytes Content-Length: 2496 Keep-Alive: timeout=3, max=98 Connection: Keep-Alive --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 36x34, components 3\012- data Size: 2496 Md5: 116f84727996ddda2d71b3c85cf358ac Sha1: a90ef391e339ddafbe5ae9f1f3d7d8d5cbf4a4e8 Sha256: 7ef622314ab427c8beae5b61a48b8e16710531e05406b135c0c5b4e8f1b22e17 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank
GET /_assets/img/enbd.png HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/ Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/_assets/img/enbd.png FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: 1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975 190.14.39.165 HTTP/1.1 200 OK Content-Type: image/png Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Last-Modified: Mon, 07 Nov 2022 18:19:19 GMT Accept-Ranges: bytes Content-Length: 3806 Keep-Alive: timeout=3, max=98 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 186 x 72, 8-bit/color RGBA, non-interlaced\012- data Size: 3806 Md5: 58cf11a4b5f8ebdc29ec2e7b787c8d69 Sha1: cd2686b1f04cfa4afb69b228fd7177d65e907d32 Sha256: 1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank
GET /_assets/img/login/login-footer-logo.svg HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/ Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/_assets/img/login/login-footer-logo.svg FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: 59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378 190.14.39.165 HTTP/1.1 200 OK Content-Type: image/svg+xml Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Last-Modified: Mon, 07 Nov 2022 18:19:19 GMT Accept-Ranges: bytes Content-Length: 2239 Keep-Alive: timeout=3, max=99 Connection: Keep-Alive --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1863), with CRLF line terminators Size: 2239 Md5: c0ddebba4f15d5e966e993727605c03d Sha1: df6ba82ac9022f0309037baa9dbf6fbcfaaca543 Sha256: 59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /user.png HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/	URL: denizbiankcom.tk/user.png FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: 97090cea6a2bbb16d13fa490185bc7e25d41935e376d4edfee651c474f466309 190.14.39.165 HTTP/1.1 200 OK Content-Type: image/png Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Last-Modified: Mon, 07 Nov 2022 18:19:19 GMT Accept-Ranges: bytes Content-Length: 2255 Keep-Alive: timeout=3, max=99 Connection: Keep-Alive --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 27x34, components 3\012- data Size: 2255 Md5: cc0a5532279fefa0f24e6c6a91442acc Sha1: 1a16230291c3c234087a39fa0314a71591f171fb Sha256: 97090cea6a2bbb16d13fa490185bc7e25d41935e376d4edfee651c474f466309 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank
GET /_assets/img/logo-light.svg HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/	URL: denizbiankcom.tk/_assets/img/logo-light.svg FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: 3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb 190.14.39.165 HTTP/1.1 200 OK Content-Type: image/svg+xml Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Last-Modified: Mon, 07 Nov 2022 18:19:19 GMT Accept-Ranges: bytes Content-Length: 180545 Keep-Alive: timeout=3, max=98 Connection: Keep-Alive --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1718), with CRLF line terminators Size: 180545 Md5: 3140e053e7a3dde67e7b2c81b23771d2 Sha1: 5d0558f8da94ace88a622c70b8857bde38d7ba12 Sha256: 3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2 HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://denizbiankcom.tk/styles.14f38c16c3244b5492af.css Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/assets/opensans-regular-webfont.a66a53 (...) FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=97 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /assets/opensans-semibold-webfont.1045337df148fc781940.woff2 HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://denizbiankcom.tk/styles.14f38c16c3244b5492af.css Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/assets/opensans-semibold-webfont.10453 (...) FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=98 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /_assets/img/loading.gif HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/	URL: denizbiankcom.tk/_assets/img/loading.gif FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: 4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a 190.14.39.165 HTTP/1.1 200 OK Content-Type: image/gif Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Last-Modified: Mon, 07 Nov 2022 18:19:19 GMT Accept-Ranges: bytes Content-Length: 37840 Keep-Alive: timeout=3, max=99 Connection: Keep-Alive --- Additional Info --- Magic: GIF image data, version 89a, 96 x 96\012- data Size: 37840 Md5: a5ac552d6a23421d7697f897729a2def Sha1: 836cb1e7a61967b762898a3ce32e64ca7713119c Sha256: 4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank
GET /assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20 HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://denizbiankcom.tk/styles.14f38c16c3244b5492af.css Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/assets/icomoon.6ff42eccb86b1fcbfe3f.wo (...) FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=98 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /assets/opensans-bold-webfont.7b013a3110831768093f.woff2 HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://denizbiankcom.tk/styles.14f38c16c3244b5492af.css Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/assets/opensans-bold-webfont.7b013a311 (...) FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=97 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://denizbiankcom.tk/styles.14f38c16c3244b5492af.css Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/assets/opensans-semibold-webfont.ba28a (...) FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=96 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://denizbiankcom.tk/styles.14f38c16c3244b5492af.css Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/assets/opensans-regular-webfont.d38975 (...) FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=98 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
GET /assets/icomoon.a16e09ed69c51903026e.ttf?bezj20 HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/styles.14f38c16c3244b5492af.css Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/assets/icomoon.a16e09ed69c51903026e.tt (...) FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=97 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank
GET /assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://denizbiankcom.tk/styles.14f38c16c3244b5492af.css Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/assets/opensans-bold-webfont.c04f02eb3 (...) FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=97 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9320 Expires: Sat, 26 Nov 2022 01:43:03 GMT Date: Fri, 25 Nov 2022 23:07:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20 HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://denizbiankcom.tk/styles.14f38c16c3244b5492af.css Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/assets/icomoon.0014b4e7989bbfeaaef5.wo (...) FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=95 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9320 Expires: Sat, 26 Nov 2022 01:43:03 GMT Date: Fri, 25 Nov 2022 23:07:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9320 Expires: Sat, 26 Nov 2022 01:43:03 GMT Date: Fri, 25 Nov 2022 23:07:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9320 Expires: Sat, 26 Nov 2022 01:43:03 GMT Date: Fri, 25 Nov 2022 23:07:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9320 Expires: Sat, 26 Nov 2022 01:43:03 GMT Date: Fri, 25 Nov 2022 23:07:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4309 x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: blE0hGNioAMF_Tg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0 x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 04:38:44 GMT age: 66539 etag: "126771b86638108050cf57c0d12faa27f80f0edb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4309 Md5: 841a4b110022a99ddea6f7bf66df0fa1 Sha1: 126771b86638108050cf57c0d12faa27f80f0edb Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ac95573-22e8-41b4-a5f2-d8adbaff2829.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 1578a994e7c4eef451f1c744116caa95e1aa995c4817a13832f1ac3487cea95d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 2944 x-amzn-requestid: 8f1b2573-39ab-442e-8c6e-97538a28aba0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLWXXEjJIAMFu1Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63813762-52f27ff536b0c3b84bdfba8e;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:45:06 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 9hy8v_azPZzuVRv1VN61DoNWbfA83JPs4JcZfRyLo3j6HCtWv_gkNw== via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 22:03:27 GMT age: 3856 etag: "139f48ea60880efc6d2977f4d3141809f22adfef" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 2944 Md5: 5c135ab961de12d926b94f9abae8adbe Sha1: 139f48ea60880efc6d2977f4d3141809f22adfef Sha256: 1578a994e7c4eef451f1c744116caa95e1aa995c4817a13832f1ac3487cea95d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b4955-acc7-45b4-957b-f6ff1bb5401e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0e3803359766a616c1b9fd6047c49cd428f3623b276d9823a4a2bbe9603e8db2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4598 x-amzn-requestid: bfb2c35e-e236-42f2-824f-2b86638d2ea4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVNYFmaIAMF6Lg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63813588-3e808ff327d2e561162a27a3;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 8iuq7sBKEl-ef7kx8cHTXKTFB2ubiIBJl9b4YSg5Pl-VbT9Oyg_ovQ== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 22:06:58 GMT age: 3645 etag: "443bd70c61191b314d0eeb1a035d07aab6238c68" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4598 Md5: 3559fb6bc7a14549c7bf2509f666f6d1 Sha1: 443bd70c61191b314d0eeb1a035d07aab6238c68 Sha256: 0e3803359766a616c1b9fd6047c49cd428f3623b276d9823a4a2bbe9603e8db2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3a66b00498fa1322730705b1c4502614b5a520ac3f884f494d65e27a5bb62c3f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4366 x-amzn-requestid: ce25f5ab-0c92-431e-ae4e-618829594a74 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVNZFjHoAMFXLg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63813588-6a3a8dff70e717011e3a0606;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: CkXSlYXZ0DFVjVSVin4Km3_9nETFtQ8Qf6f2V5kjuwoCejVH3Qk0Qg== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:47:48 GMT age: 4795 etag: "8665e5f3026f2c2b9505eb139c478f4d359851c3" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4366 Md5: abd79421a3c44a8df11ad2cc50083309 Sha1: 8665e5f3026f2c2b9505eb139c478f4d359851c3 Sha256: 3a66b00498fa1322730705b1c4502614b5a520ac3f884f494d65e27a5bb62c3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c125eba-03aa-443e-b99e-10c7890258e8.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7f754cb2105494045efe657c47313e77bb26361ca45a6f8cbce1fdb52a15ba01 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9787 x-amzn-requestid: 51d9848a-868c-4e51-b1a8-30596d0108b6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLUfxHjToAMFeGA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63813464-749244df2aa06b23445d675c;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:20 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: wkBPzz1thuM-Nm7rBY68psfSROU1fbCCO-TbpBBrYLQmH1ZxQEV1vg== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:47:48 GMT age: 4795 etag: "afed98649590f2524a9e530c53eebbc1ba36da6a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9787 Md5: 95101ded0fe92a85649a086992948008 Sha1: afed98649590f2524a9e530c53eebbc1ba36da6a Sha256: 7f754cb2105494045efe657c47313e77bb26361ca45a6f8cbce1fdb52a15ba01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab1c6bf9-39a7-42ca-a718-a572401add09.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 068a487b9ae3d7461ef16e04cee8802a7b76a2bce19bf66df48b2b1cdb0c772c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6382 x-amzn-requestid: e1e4c180-7f90-4d4b-a5f4-094e5f542a18 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLacUFC4oAMFayA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63813de8-09efee9d0604d16c61e3d452;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 22:12:56 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: SR2His1pCOwZHi7bBtnG8QeCtZQsCMeJxs-UCpd79SK_77eM5fWeog== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 22:17:47 GMT age: 2996 etag: "3e9004d90ed72f3034eae5cddd476eb50ac63ea6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6382 Md5: b72976b3f013ace345c85b0bdfea5f76 Sha1: 3e9004d90ed72f3034eae5cddd476eb50ac63ea6 Sha256: 068a487b9ae3d7461ef16e04cee8802a7b76a2bce19bf66df48b2b1cdb0c772c
GET /_assets/img/login/bg/autumn.jpg HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/ Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/_assets/img/login/bg/autumn.jpg FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: f7278ca494d765eab007679ace9914b237327326d7cd2840660dc8140a8b5542 190.14.39.165 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Fri, 25 Nov 2022 23:07:43 GMT Server: Apache Last-Modified: Mon, 07 Nov 2022 18:19:19 GMT Accept-Ranges: bytes Content-Length: 387821 Keep-Alive: timeout=3, max=97 Connection: Keep-Alive --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1701, components 3\012- data Size: 387821 Md5: 90062fd1b816f53d1f7ddddf1b2d15c4 Sha1: a0407ae398c54b47de374b9813c8be17ec82bb40 Sha256: f7278ca494d765eab007679ace9914b237327326d7cd2840660dc8140a8b5542 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank
GET /_assets/img/appicon.png HTTP/1.1 Host: denizbiankcom.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://denizbiankcom.tk/ Cookie: _ga_JV07ZMRWNH=GS1.1.1669417661.1.0.1669417661.0.0.0; _ga=GA1.1.1291823266.1669417662	URL: denizbiankcom.tk/_assets/img/appicon.png FQDN: denizbiankcom.tk IP: 190.14.39.165 HASH: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 190.14.39.165 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Fri, 25 Nov 2022 23:07:44 GMT Server: Apache Content-Length: 315 Keep-Alive: timeout=3, max=94 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 315 Md5: a34ac19f4afae63adc5d2f7bc970c07f Sha1: a82190fc530c265aa40a045c21770d967f4767b8 Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Alerts: urlquery: - Phishing - Deniz Bank Blocklists: - openphish: Deniz Bank

URL	denizbiankcom.tk/
IP	190.14.39.165 (Panama)
ASN	#52469 Offshore Racks S.A
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-25 23:07:52 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	43
urlquery alerts	28 Phishing - Deniz Bank Phishing - Deniz Bank
Tags	None

Overview

Domain Summary (11)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 190.14.39.165

Last 5 reports on ASN: Offshore Racks S.A

Last 3 reports on domain: denizbiankcom.tk

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (50)

Overview

Domain Summary (11)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 190.14.39.165

Last 5 reports on ASN: Offshore Racks S.A

Last 3 reports on domain: denizbiankcom.tk

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (50)

Network Intrusion Detection Systems