firefox.settings.services.mozilla.com/v1/
18.164.68.21200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.21:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 05:02:26 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f138cee49761f5f7e3b88ec7b66614ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 2LQZOUEGGl_CToObKlV1fIJgyVch0jr5jfoFyl5U4CxzWzM0yFA02g==
Age: 2068
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9859
Expires: Sat, 01 Oct 2022 08:21:13 GMT
Date: Sat, 01 Oct 2022 05:36:54 GMT
Connection: keep-alive
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
185.46.40.71200 OK 9.3 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4822)
Hash c06212ab627a2a6da0ee8260f4b0a48e
8d6f369cfca4f7f42f1e1bd900d003cd489f843a
30484ede5eee9899e124cf7b34fbd36b66593a95dd7e6129e85042c8f743b653
Analyzer Verdict Alert openphish The Union Bank of the Philippines
phishtank Other
fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/login.php HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:53 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dcc4499d374a2853afa2d5836acbe65a
4ba69db4852144bf192d1803b69b39a6b881feb8
e4cab1657f3e7a3c2d219a7802955629f414ac772ea4576c30aa7a71533a10c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4CAB1657F3E7A3C2D219A7802955629F414AC772EA4576C30AA7A71533A10C7"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12361
Expires: Sat, 01 Oct 2022 09:02:55 GMT
Date: Sat, 01 Oct 2022 05:36:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IMiXafp4S77e7RQS7bO0Vxk0bErT5XokB9er5jGdiY8RCJ5H7QPZcQQ8jmf7oI4rip04SndxEMM=
x-amz-request-id: 2X7DS0B1RSWEDKTN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Oct 2022 04:48:59 GMT
age: 2875
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 05:36:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
104.17.24.14200 OK 5.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
IP 104.17.24.14:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash aa712f2a9ab349290ddbc871138b13ba
2be3765114dbce70c84786dd7d2838c7edce486c
84dce905b67560d91a9993771337d6e5946c7f1e502b5bf06fb0ef6d34b97b57
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Oct 2022 05:36:54 GMT
content-type: text/css; charset=utf-8
content-length: 5884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-9226"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 172857
expires: Thu, 21 Sep 2023 05:36:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0eXRcvEOsDYQDSQsO7K3HgR8MLFHO4j6rrfIyMuVo1FJM6TZMrn2Gk%2BKIUxxfQ%2BscTiBOmaxjBye1Z4lpSkrYQQMiMgiCcba4f754e9IQs2egrxcfR%2B%2FP%2FVlESy49zI5D0JUNhg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7532d7e4df0d1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1384e669a9e259cccf32489be673e7c4
7f982ae66621ff7e5855f2b025e3ae034706ec33
eb462a28dbd7e93cd13a170acfcbf35babb3b7ef7e7d1ddeb30d377630ea30f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
142.250.74.138200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32089)
Hash bf899cc5ba60c522341e4d712a5246bf
2c92c54c9919c8b81b4e77a97bfd4d8f202e1a6a
4f8b9bf1630c24cf17444ec093052451c370c9371212db74b4bf8b4fd71a2817
GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 05:13:03 GMT
expires: Mon, 25 Sep 2023 05:13:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 519831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/script.js
185.46.40.71200 OK 393 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/script.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with CRLF line terminators
Hash 6a2e6dbb7e1b3f957d2cb45fb492668e
f2680b4bf9b43296032575e74c6f522073c088b2
953ff524a462191b00e7966089eb722ce2f7d32334c603ebe06298b2ae5ba958
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/script.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:53 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 393
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1384e669a9e259cccf32489be673e7c4
7f982ae66621ff7e5855f2b025e3ae034706ec33
eb462a28dbd7e93cd13a170acfcbf35babb3b7ef7e7d1ddeb30d377630ea30f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/sdk.js(1)
185.46.40.71200 OK 3.2 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/sdk.js(1)
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (2088)
Hash bed46e0f7a43ef971658bde3da164aea
d4a3512ba6112886f55def602aad237dc2709501
3f6cfb2a107314566e4293ba29234e305a8d9e35dd8670fb41cbacc78f3bf22f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/sdk.js(1) HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:53 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 3224
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/api.js
185.46.40.71200 OK 708 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/api.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (708), with no line terminators
Hash a14455948d94f9a9ed0255ddffdc1eef
cd95e227eb30c684473c1e26101bfbe1ce8f3137
e88fe96181aaff74f1fae525dab9641052853f643711f87e2307ed1cca4266b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/api.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:53 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 708
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/style.css
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/style.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 6175707392443b4576ec733f5369566c
b1963986fdca194d0f25cade85aa68abd67a1426
bb85404485705ce138627155abd65fddc495cb98844f6c2cf5e64d1839927a08
GET /wp-includes/certificates/online.unionbankph.com/login/style.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 404 Not Found
Date: Sat, 01 Oct 2022 05:36:53 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1.1bf376f9696bfb8874af.css
185.46.40.71200 OK 1.3 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1.1bf376f9696bfb8874af.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (741)
Hash 3eda1ec039a6602339cbb94e11f4ae95
82cb323be785d6520838d0af1835cc74b8d45a68
c5f7e61cae5551b8a64036de44778ee9bd0baa12b57d75ff02a593e29caca5bd
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1.1bf376f9696bfb8874af.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:54 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 1275
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.21200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.21:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 01 Oct 2022 05:32:53 GMT
Expires: Sat, 01 Oct 2022 06:21:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a455b0542ae02d17ddbe081579777502.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: LW3ngYKcyZo3cYQHTjLFKFVszht5OZUcTTmPILFjDbKR_xRRM8bCuw==
Age: 241
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.css
185.46.40.71200 OK 294 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
Hash c185e013973ef666acf656dcb0a7063e
c321c0beb96a3670ca5c71c425c377ca7dee54ca
514fcc4cbd416bb0385b2145ec15929d59f01b49daef7f6605df546a8ba340d6
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:54 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 294
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.css
185.46.40.71200 OK 3.8 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (3822)
Hash 4cc6c72e41ec5a21e41d34c3e7f07a7c
99c5cae3a778bab69c748517723d887d7f8b04f2
de051944e81c05e4b7e9b7b1490a2f97287fead1fb62252c8b0eb678a618093b
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:54 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 3824
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4672
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:55 GMT
Last-Modified: Sat, 01 Oct 2022 04:19:03 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.js
185.46.40.71200 OK 795 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type Unicode text, UTF-8 text, with very long lines (32811), with LF, NEL line terminators
Size 795 kB (794834 bytes)
Hash bd4eb626f73a2bdebb49c9149bd345ef
a7e9a65dee29cc8a3d4eac600b86fa9c95ac0b3b
e101196b35417e0a66350d07b1e6ce10563b8093ea7177276d008f56b45c9725
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:53 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 794834
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/14.1bf376f9696bfb8874af.js
185.46.40.71200 OK 428 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/14.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type Unicode text, UTF-8 text, with very long lines (38258)
Size 428 kB (428261 bytes)
Hash aad95aa4e1f143d93ba02014e52d3c9c
7d84aa1b74e3d605578b92986c1521577451c773
8e0e247ed10d11af5ce8095638929b0c5e17dfece84aae65abd1cb79293a5e0b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/14.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:54 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 428261
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/base.1bf376f9696bfb8874af.js
185.46.40.71200 OK 922 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/base.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (57168)
Size 922 kB (922195 bytes)
Hash d828f654795364a64e0d89f1096d414d
8c67074d28ade021281ecc87878d2fc6ebf9c1e8
2112e3f1cbe0cfb315210f6e7626ca104de393e51d5f03881204433d9949d330
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/base.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:53 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 922195
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.js
185.46.40.71200 OK 398 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type Unicode text, UTF-8 text, with very long lines (65468)
Size 398 kB (397898 bytes)
Hash b3ff7069fb30087eb69bf18b3cfc5b35
4cf232bd57407c61bb5138d17da5aded1d96219b
bc4c57fdfb845c45382334a2ea04b63a21fea8f4a42ec56ce4e05bb948160cb1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:54 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 397898
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3890d0f6ba1a59218ec08e469bd7649c
26296c4cab5be8b3d8f3ebc8cf00ace3c270bef7
77f10f2b1f344f9bfa19316f16eea4f3ee7ca0f07a0129b50b2bc92f70a8fe48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5577
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:55 GMT
Last-Modified: Sat, 01 Oct 2022 04:03:58 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3890d0f6ba1a59218ec08e469bd7649c
26296c4cab5be8b3d8f3ebc8cf00ace3c270bef7
77f10f2b1f344f9bfa19316f16eea4f3ee7ca0f07a0129b50b2bc92f70a8fe48
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5577
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:55 GMT
Last-Modified: Sat, 01 Oct 2022 04:03:58 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/components.1bf376f9696bfb8874af.js
185.46.40.71200 OK 1.3 MB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/components.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type Unicode text, UTF-8 text, with very long lines (65508), with no line terminators
Size 1.3 MB (1346823 bytes)
Hash 490e2962a5e8dcb1ffa51d2ea4dab1c2
b3ae0abe5c59da07be938923e05e2da53ee2685a
24573626435ac4aef93f207169afee030de75f86bad78d86a48962ac3e988e25
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/components.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:54 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 1346823
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/0197659eaac436e5082dd8b8f0f5edc3.png
185.46.40.71200 OK 3.8 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/0197659eaac436e5082dd8b8f0f5edc3.png
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type PNG image data, 130 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 0197659eaac436e5082dd8b8f0f5edc3
a378d1dac92182598e3c72d5cebf3e8492d9bd25
46644f655d69d30a39e701d2927ce0969a921c99bb7dd73d8747455c4526b6d6
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/0197659eaac436e5082dd8b8f0f5edc3.png HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:55 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 3771
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1200px-Unionbank_2018_logo.svg.png
185.46.40.71200 OK 21 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1200px-Unionbank_2018_logo.svg.png
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type PNG image data, 1200 x 368, 8-bit/color RGBA, non-interlaced\012- data
Hash 70f65465e7c6d090d9277be5ce120b45
8ce111118f53f497079d066a4216f61b72347b87
2e916e6e4167cd80e0f126a9d67f8c4f40af081e5d28e56516fbe492700f5fc8
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1200px-Unionbank_2018_logo.svg.png HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:55 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 20846
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
samvision.com.tr/online-banking/58cfe04e893f01896e517ae625751e6a.png
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/online-banking/58cfe04e893f01896e517ae625751e6a.png
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 7be64017dfaa6497a2342653dd6e6a94
0fee1932cd4e15276733e9cd8c5a634b9484d726
e6e10a08a4d59063273bd888e1e7732c3dabd286e8a497560660d6871bc9ce90
GET /online-banking/58cfe04e893f01896e517ae625751e6a.png HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 404 Not Found
Date: Sat, 01 Oct 2022 05:36:55 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12093
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 05:36:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12093
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 05:36:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12093
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 05:36:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RGS_T9Cwl5Vjs_bxngHRomiYppE5fLe0SnH19VEfc5-PCT5tb5ku1A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 04:40:52 GMT
age: 3364
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3fdfee-41fa-48e2-a92a-744050d16fbe.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3fdfee-41fa-48e2-a92a-744050d16fbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d55a4b7e79062b396f5fd06b44cd637
8b72969c2c5cff7c8200e8c8a4b3d504565a97fd
338682591e594c0cf51fd671a43ff1b0d265b2713dc8504f05b00f93ddf5c57e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3fdfee-41fa-48e2-a92a-744050d16fbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13384
x-amzn-requestid: c643d8db-041f-4e98-888d-63375dde9721
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZM65TEujIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63350b6e-232161f74a65138a122f7cf7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 03:05:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0qGoRJUOZ5pSfaO1f7DWFB-oRI7zkyIFFfAcbOWNhy3p2EKCD1VdwA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 03:52:25 GMT
age: 6271
etag: "8b72969c2c5cff7c8200e8c8a4b3d504565a97fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12093
Expires: Sat, 01 Oct 2022 08:58:29 GMT
Date: Sat, 01 Oct 2022 05:36:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d31a422078d02bda318c693c05a58dc
2df7db53629c7adda2c0a4dfe9c17791b73a75e1
a07fe4e135b52da6dfa9d8a55684f0a3bf5f5ce52c4064c8ab37836a939902a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8299
x-amzn-requestid: 91eed6b6-632f-472b-93d7-4192425fcdfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF0SoAMFWgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-17bb04894cc786555d693ec3;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8JvNUZRyYeZjd4ZxOrGMCbJxVf46NRhiHXsFvCAZn2QeUkdCzKoYbw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:15:58 GMT
age: 26458
etag: "2df7db53629c7adda2c0a4dfe9c17791b73a75e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7a423b5-e320-4013-8cd9-2455b244e410.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7a423b5-e320-4013-8cd9-2455b244e410.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e22123802c6c1a89ff2b12b8ebb4478a
069a451b50182aed754301cbc2eb776abe469a52
4edccb57b366cf6460219d86ea13dd54cb0bcf3581604a5139859bf809df2b13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7a423b5-e320-4013-8cd9-2455b244e410.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3069
x-amzn-requestid: 957bbcc7-0ce0-42b6-bec6-588f9e1c6369
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCH6DoAMFaHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-5a514967208e92343e0f3778;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tnGcmRZcp0_ckYfYvD37C_1Vswk5FoLIhno4dWw39OJ3fqmhIMss2Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:15:59 GMT
age: 26457
etag: "069a451b50182aed754301cbc2eb776abe469a52"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0222b19-e28d-42f0-b085-23b2b665419f.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0222b19-e28d-42f0-b085-23b2b665419f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bf40d5ad9837589adb9464463083ed29
aad835c1f25a742cc8f3b8f695ddc2a8a83220b9
9883621d6a4802c1d12e6c8c4dd5a194a81ee84bbede42da853a9e23027aaa09
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0222b19-e28d-42f0-b085-23b2b665419f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5845
x-amzn-requestid: 5f7a3d43-3c65-4cde-9b7f-fcb6223200c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLEEchIAMFTjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-027b8cc4272f027521eea8c7;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gsT8eVPGsaXk-982_8xS2qNOhEG6lWsrXtJf3AD9VsgZVtyOQHjPvg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:00:47 GMT
age: 27369
etag: "aad835c1f25a742cc8f3b8f695ddc2a8a83220b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75296c6-86fa-46e7-b1f9-5afb645a7a08.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75296c6-86fa-46e7-b1f9-5afb645a7a08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d5dcd5bfb41659d9b347d19af17853b
feafba2465f9b352eef2a2dc57e7c52446ff2cc0
10904009b4b7b80c6931ea54981bc5ee51b5b71b5407da20e2d22962d9fab32e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff75296c6-86fa-46e7-b1f9-5afb645a7a08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11252
x-amzn-requestid: 53406cae-6d5f-4700-ac5a-c26bb7762252
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPtTgEsHoAMF53w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633628e3-5a23515e02caea594e05e6a9;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 23:23:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sZ9hZoWRNQHI7VbLr5ygsJeXKr0OsnbSSas1v0O_vXKSEUK6canMKA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 16:23:58 GMT
age: 47578
etag: "feafba2465f9b352eef2a2dc57e7c52446ff2cc0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://samvision.com.tr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 208968
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://samvision.com.tr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 208968
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 51e8be01fe1e4cf7fbec97f2268fe684
25edd63df37f972dbdd8d149b26c4be60179d32b
d364b01cf59a8eafc6ed2e79eab3c22b7daa341240a5dcbd272b8b48d530aeee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
185.46.40.71200 OK 20 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10169)
Hash 0b8cda296623afe44f3914cd9ac30c55
133480e45d76f1ab920ed8cfe2cfad5a1c34ea3a
5ca7bd61b32a17e08013d6c799fbeee980b6a57fbade97df2fd0d19525c83c85
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:55 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 20222
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource(1).html
185.46.40.71200 OK 152 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource(1).html
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource(1).html HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:55 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 152
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/styles__ltr.css
185.46.40.71200 OK 51 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/styles__ltr.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (50696), with no line terminators
Hash 7a11414e0680c65aa4db14e9ebb8f025
0b27811e2cf398e5b3fccff6ff7e1d8e66e6f7a6
08b3c452b051deb45ab872c4da7bdba7cf14b345318f5e28b22703ef4b04ba18
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/styles__ltr.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:55 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 50696
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2601db85aa6894ea41f37fc0c1f2594a
afc9de950cf648d720a78467582b26346b8d53bc
3211c5c61098100152ea682c86ec84f3a80229b8d709e5cbe0022caba7dc9e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a342dc87da447524185a412785fd28e6
bbc7bfb8d9921d075db34aff0177a0f64150e67d
ad4b2580384bcfa9b6bb666a927225cf5af5a844e0e0a092578105eb12b87ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3754
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:56 GMT
Last-Modified: Sat, 01 Oct 2022 04:34:23 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
samvision.com.tr/online-banking/58cfe04e893f01896e517ae625751e6a.png
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/online-banking/58cfe04e893f01896e517ae625751e6a.png
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 7be64017dfaa6497a2342653dd6e6a94
0fee1932cd4e15276733e9cd8c5a634b9484d726
e6e10a08a4d59063273bd888e1e7732c3dabd286e8a497560660d6871bc9ce90
GET /online-banking/58cfe04e893f01896e517ae625751e6a.png HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 404 Not Found
Date: Sat, 01 Oct 2022 05:36:55 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2601db85aa6894ea41f37fc0c1f2594a
afc9de950cf648d720a78467582b26346b8d53bc
3211c5c61098100152ea682c86ec84f3a80229b8d709e5cbe0022caba7dc9e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 01 Oct 2022 04:41:09 GMT
expires: Sat, 01 Oct 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 3347
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2601db85aa6894ea41f37fc0c1f2594a
afc9de950cf648d720a78467582b26346b8d53bc
3211c5c61098100152ea682c86ec84f3a80229b8d709e5cbe0022caba7dc9e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.js
185.46.40.71200 OK 333 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1800x1414, components 3\012- data
Size 333 kB (333216 bytes)
Hash c8abb6a211f03e56f37d6a9e953f951b
93acfcac2ae7b89fa282e8cdd7d2088e098c6418
ff2746f58870ea29115010a06010d45f9a584b9798a80c5114a30cc39ab777b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:54 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 1268902
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a342dc87da447524185a412785fd28e6
bbc7bfb8d9921d075db34aff0177a0f64150e67d
ad4b2580384bcfa9b6bb666a927225cf5af5a844e0e0a092578105eb12b87ff6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3755
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 05:36:57 GMT
Last-Modified: Sat, 01 Oct 2022 04:34:23 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a
157.240.221.16200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a
IP 157.240.221.16:0
File type ASCII text, with very long lines (18530)
Hash e7b7ec576008b7116dce5327074bcc40
9c2ea9d4e2d900a5ed57bf779063c6ea0f6f9514
308a92547dacc227edbec1f1a6195463b20f7d356576f5c448d1ba8ae7f4d9ec
GET /en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://samvision.com.tr
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 4741d9586f8760cf623f001d2063f133
etag: "6d0451b17deb45ad60c6cd8b45c8581b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 01 Oct 2023 05:36:56 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 57fsV2AItxFtzlMnB0vMQA==
x-fb-debug: JZbops5PNMd9TXgpcOWZdIT+UtGqz0qV1Gd0ymWn7NZdWFMAlXB2+7J0WcW6bUFLP2Zs9RfmSBMleT5M2aTXXQ==
content-length: 88393
priority: u=3,i
x-fb-trip-id: 1679558926
date: Sat, 01 Oct 2022 05:36:57 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 19f52f9f08c5524e205b2922a4e61326
b0103dba5fbbe0af8041853d7ab6ea59697d06f1
c9334a5026d931fe6335ef4d74a11dca78dcd48b4ae83d1abeb85e529aa1693f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
HTTP/1.1 404 Not Found
Date: Sat, 01 Oct 2022 05:36:55 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/favicon.ico
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/favicon.ico
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 19f52f9f08c5524e205b2922a4e61326
b0103dba5fbbe0af8041853d7ab6ea59697d06f1
c9334a5026d931fe6335ef4d74a11dca78dcd48b4ae83d1abeb85e529aa1693f
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/favicon.ico HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 404 Not Found
Date: Sat, 01 Oct 2022 05:36:56 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 19f52f9f08c5524e205b2922a4e61326
b0103dba5fbbe0af8041853d7ab6ea59697d06f1
c9334a5026d931fe6335ef4d74a11dca78dcd48b4ae83d1abeb85e529aa1693f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
Cookie: _ga=GA1.3.1435337451.1664602614; _gid=GA1.3.1267390191.1664602614
HTTP/1.1 404 Not Found
Date: Sat, 01 Oct 2022 05:36:56 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://samvision.com.tr
Connection: keep-alive
Referer: http://samvision.com.tr/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15344
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 20:06:20 GMT
Expires: Tue, 26 Sep 2023 20:06:20 GMT
Cache-Control: public, max-age=31536000
Age: 379837
Last-Modified: Mon, 16 Oct 2017 17:32:55 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://samvision.com.tr
Connection: keep-alive
Referer: http://samvision.com.tr/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15552
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 30 Sep 2022 16:42:22 GMT
Expires: Sat, 30 Sep 2023 16:42:22 GMT
Cache-Control: public, max-age=31536000
Age: 46475
Last-Modified: Mon, 16 Oct 2017 17:33:02 GMT
Content-Type: font/woff2
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource.html
185.46.40.71200 OK 152 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource.html
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource.html HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
Cookie: _ga=GA1.3.1435337451.1664602614; _gid=GA1.3.1267390191.1664602614
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:56 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 152
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03e4f558-3c34-42eb-aa43-9896f0e6ce87.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03e4f558-3c34-42eb-aa43-9896f0e6ce87.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 574cd0b975349cc445e798136863c8a0
74c20bb0c312988822deb9d46b20e4642357fbd7
62d6448a8da1ed783761e1e966c3f03f2d9b4351e04e13e71e330e4cce465fc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03e4f558-3c34-42eb-aa43-9896f0e6ce87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8269
x-amzn-requestid: 2ff31dda-d215-42fb-a439-de67799ebeb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y8dqPFvQIAMFxlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e7641-2c2e3443499003525414587b;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 03:15:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: btbI_vFcRysDsOGN3zHGO3PEnzCG8XZyV7E65PB1bwBab86rJM79ZQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:16:06 GMT
age: 26457
etag: "74c20bb0c312988822deb9d46b20e4642357fbd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300
IP 142.250.74.10:0
GET /css?family=Roboto:400,700|Open+Sans:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Oct 2022 05:36:55 GMT
date: Sat, 01 Oct 2022 05:36:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.css
185.46.40.71200 OK 0 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 05:36:54 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 782583
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 01 Oct 2022 05:36:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 13913422
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7532d7eca9d3b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2