ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
52.178.131.237 200 OK 6.9 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1552)
Hash a835575ba93cdfb8d8b35a4c6db88fd8
a7b11db7fc65e90a85beee0b967c69f35fd0a8fd
01f7b5e3a3609220b51d3d4a2d3f714661d4df5f3651b995f5cde7c507a42b9b
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/ HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 6907
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3249
Expires: Wed, 23 Nov 2022 11:37:26 GMT
Date: Wed, 23 Nov 2022 10:43:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B
IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6028
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:43:17 GMT
Last-Modified: Wed, 23 Nov 2022 09:02:49 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 10:17:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1570
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8979
Expires: Wed, 23 Nov 2022 13:12:56 GMT
Date: Wed, 23 Nov 2022 10:43:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GI7LvlQHi+c9ykMq1zGVLwzdfxlQKk/k25rxku05hP74xDLU5pH8cUXPec+Grj7hU8Luj1f4FfQ=
x-amz-request-id: TPCP2YTGXA2M9JS4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 10:42:57 GMT
age: 21
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 10:43:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
52.178.131.237 200 OK 10 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (328), with CRLF line terminators
Hash e77c862e4bee547084e43040787fe7ef
2d7e2f135fc515acd9bc4ef371e82f1b873c5ff6
c562533f75dd6e541e139f53a38d9f91aadc3bd1dd4048993dfd430d6094cfcb
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Nov 2022 20:12:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2a6-d0f1"
X-Powered-By: PleskLin
Content-Encoding: gzip
code.jquery.com/jquery-3.6.1.min.js
69.16.175.42 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65447)
Hash 2c8fb5f779970f005faea6e0f60c7e85
c9b676abdb36ea6ccf133eb7641236a7f53dd815
d14d28eea362f345cb56e1ae1244737768d80bc60dea930f308bde89dfa0c0f1
GET /jquery-3.6.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:43:18 GMT
content-encoding: gzip
content-length: 30957
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-15e40"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669200198.dop215.sk1.t,1669200198.cds219.sk1.hn,1669200198.cds206.sk1.c
X-Firefox-Spdy: h2
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForCommon.js.indir
52.178.131.237 200 OK 8.6 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForCommon.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (4275), with CRLF line terminators
Hash 60365a91614409c14754ebe542139aaf
4c16dc096f35e8d0ffa551dd85f20a995e95211b
3255270770f43530597a4b6b94dc4a0add5e8405489f7ddb2df0af8a1b8cc84c
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForCommon.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2a8-7f5c"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
52.178.131.237 200 OK 19 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1393), with CRLF line terminators
Hash ea80a4dd8b362b375f2fdd136d0774ee
22388646eb29d930733aac79be452535f63d1df3
59c8859c81c543ad847681415bebded35518532303ee768e5eeb7a070552a90d
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Nov 2022 20:12:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2a6-19dfb"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/jquery1110.js.indir
52.178.131.237 200 OK 37 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/jquery1110.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (32341)
Hash a39e11414eb039674193db640e6f7d3b
3f59491e53faf5c9f2a78d7f03f2514797db8cb2
9940926108709eb391d5514e79ba9cd8ddc1094019ce438dd8664dcfbfb5da72
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/jquery1110.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2a6-198d0"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/swfobject.js.indir
52.178.131.237 200 OK 4.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/swfobject.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (10071), with CRLF line terminators
Hash 27ab78351a3c7cd7b2cc431db63ab3e9
f54ad2c752169fd4b9a3320daceba93f0cb873a9
7045d5ff71e22d2432c5f4fe6e531804f4c60fa0471f7026c00bd03aa7b5e047
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/swfobject.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2aa-27ef"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ui.dialog.min.js.indir
52.178.131.237 200 OK 3.4 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ui.dialog.min.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (10336), with CRLF line terminators
Hash 9f7c84bdcc8e42169857d39af5b33c19
654db9bfe759d0f174c63bd4f7013d7be9abc187
da645da209068bfbdcbb1e2eb016f880a8bc349130710f71ba9b5ce155c43fb2
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ui.dialog.min.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2a8-2992"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForMasterPages.js.indir
52.178.131.237 200 OK 15 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForMasterPages.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (2480), with CRLF line terminators
Hash 971699863f7598220f10c075903299c4
28b6a90b08138bc4b5b319e2fb4a84ec81901898
55b24440e618d665b9140e118c15bb9b87b241a3c7e45aec339f646eb5654278
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForMasterPages.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2a8-1063f"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/security.js.indir
52.178.131.237 200 OK 5.1 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/security.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (16380), with CRLF line terminators
Hash 20edd920f7d00783bae21c210e0b9963
10582ff13f12009681d9494a3099d25275c68124
d19887f60c2bc317e346c6c6b65bb9735c6ec44df4a7e93acb993a3432b8117b
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/security.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2ac-42a1"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForAllControls.js.indir
52.178.131.237 200 OK 26 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForAllControls.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (47755), with CRLF line terminators
Hash efd800165e5bde9e5c3905767208b660
0793bcd3f189f96aff220d2d8b92a8a7e4afd91f
b40137859bc22614321016170e23756b9b2f60ffc6f246336031006c98eefb48
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForAllControls.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2a8-1ecae"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/CustomComboboxItems.js.indir
52.178.131.237 200 OK 974 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/CustomComboboxItems.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 7fb1ca92642c8a5260c2762902b8cc40
76945e531f670e89cbceb2cb4e6eede46ad54ff5
00435b0bd3f2b82effa24a8459076b6d31b1f4b152f5fa1803c2bf5a1e402340
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/CustomComboboxItems.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2ac-bed"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/IntFraudData.js.indir
52.178.131.237 200 OK 607 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/IntFraudData.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash c7de6d8a2e36ae5326c0f9b5bb24f017
026039ad5c049ddfe7517e6e38230defd5896af1
264dad6db2a182bb310fd0e80c8846c5afe00477cf04ecd94dd8781391b1a43f
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/IntFraudData.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2ac-6bf"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/flash_detect.js.indir
52.178.131.237 200 OK 1.2 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/flash_detect.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash c5a76f57bb7fcd503b811c094ee90273
fac323c8f5dddea4d17daeadaa867f991a515d78
2531210d114140012b11e3633c7dadc2466bd1c62fd01f0233c984ad97ca426c
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/flash_detect.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2ac-134b"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/WebResource.axd
52.178.131.237 200 OK 27 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/WebResource.axd
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash b3d7a123be5203a1a3f0f10233ed373f
f4c61f321d8f79a805b356c6ec94090c0d96215c
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/WebResource.axd HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/octet-stream
Content-Length: 26951
Last-Modified: Tue, 15 Nov 2022 20:12:28 GMT
Connection: keep-alive
ETag: "6373f2ac-6947"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/sanalklavye.css
52.178.131.237 200 OK 1.3 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/sanalklavye.css
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 02baa73b402096a3c24a8ba524eb77cf
2baca1fa2ae2dc30f949b90aee4d6156479fd3d5
5eec2eaf5b3ad79327566f4515060b457871817402aa0cf9f0f34c622f4f8113
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/sanalklavye.css HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/css
Last-Modified: Tue, 15 Nov 2022 20:12:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2b2-10c3"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/jquery.alternate.js.indir
52.178.131.237 200 OK 7.8 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/jquery.alternate.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (323), with CRLF line terminators
Hash 4d845f42736d5a93196143985cf820e5
7e473cabdcc65ea8aa067309309f89e259913c52
51dd2028ae74fcb4f2f1c0b35010a0f2a28c072133fc0937fe91aea2f24feb62
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/jquery.alternate.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2b2-ab49"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/comodo-logo.png
52.178.131.237 200 OK 4.6 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/comodo-logo.png
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 66 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash c09046e8534d305904a26a00d3aa1f6c
db9e347b7cefb488b02712527a12e064132c9981
644f3b7baa87b268975cfb42a292f642d7b2bc64f1d60a0625b4f587923cd632
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/comodo-logo.png HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/png
Content-Length: 4614
Last-Modified: Tue, 15 Nov 2022 20:12:32 GMT
Connection: keep-alive
ETag: "6373f2b0-1206"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/keyboard.js.indir
52.178.131.237 200 OK 7.4 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/keyboard.js.indir
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1357), with CRLF line terminators
Hash f23d6879a3ce94f5a900a242bf1465e5
f5290398a3537c614be6b0ee65e50101a3e8716d
040d7ad9fd7a480f7eed3d4a5e8d67e7f14f12194ac24040543c7fa965e0535c
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/keyboard.js.indir HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: application/javascript
Last-Modified: Tue, 15 Nov 2022 20:12:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2b2-e2fe"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/logoZKB.png
52.178.131.237 200 OK 3.6 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/logoZKB.png
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 312 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash a8e1e9d353931758c41cd2eabe40d2be
d07947bf983ecfd368d1cae5edca44f9053a07c7
f986f6dc59152c76110bc56682711356715e6143f3d2b736764e81b6f2163ddb
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/logoZKB.png HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/png
Content-Length: 3554
Last-Modified: Tue, 15 Nov 2022 20:12:30 GMT
Connection: keep-alive
ETag: "6373f2ae-de2"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/Atm_Limit_1.jpg
52.178.131.237 200 OK 58 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/Atm_Limit_1.jpg
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 530x341, components 3\012- data
Hash d6ef4145a8fdc00c1c98ad2a688843d6
70b62e8b87347bc9af0ff671f256ddc577759c30
f5bdcc121a80005d7c33f8e29b10f09bc4c7ddfe66ec84dcdd35c70960c2869c
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/Atm_Limit_1.jpg HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/jpeg
Content-Length: 58228
Last-Modified: Tue, 15 Nov 2022 20:12:32 GMT
Connection: keep-alive
ETag: "6373f2b0-e374"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/loader_red.svg
52.178.131.237 200 OK 422 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/loader_red.svg
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1236), with no line terminators
Hash aeb57459d467e8ca4cfbba51a2e40e5a
c7280b79d606a24ce6c206d55c2eca2027235130
cccffc4fb4b3bab234f4b1ca9ccafb577e1e71afe4607294839cd62d8793f37a
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/loader_red.svg HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/svg+xml
Last-Modified: Tue, 15 Nov 2022 20:12:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6373f2ae-4d4"
X-Powered-By: PleskLin
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/PleaseWait.gif
52.178.131.237 200 OK 6.2 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/PleaseWait.gif
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 25 x 25\012- data
Hash 3fa52271807514c5fa93543b4cc89765
ffefe679bb24a8e59c1791581275cf1c8575f6e2
b39e30e682c210ff0ddc091d143707e3588c0198d4eb2a3e2eb04ddcdd637344
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/PleaseWait.gif HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/gif
Content-Length: 6166
Last-Modified: Tue, 15 Nov 2022 20:12:30 GMT
Connection: keep-alive
ETag: "6373f2ae-1816"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/transparent.png
52.178.131.237 200 OK 120 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/transparent.png
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash 0bd236f89117deef4b58186fba6720a6
95aa67caeaec13071195c310b790de889e1712bb
fae714eda1babae195690d82d44f65846444621d5cdee4411b2b419f81af8371
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/transparent.png HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/png
Content-Length: 120
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Tue, 15 Nov 2022 20:12:30 GMT
ETag: "78-5ed87f9bf8780"
Accept-Ranges: bytes
X-Powered-By: PleskLin
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ZK_Kar_Payi_530x341px_TR.jpg
52.178.131.237 200 OK 174 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ZK_Kar_Payi_530x341px_TR.jpg
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=341, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=530], baseline, precision 8, 530x341, components 3\012- data
Size 174 kB (173952 bytes)
Hash 17499956919f4ff41d3d4302f8cf81f1
150a0bfb37cdf8c0c52bd9758c1da56efa74aeed
36f5e68aba27b2feb2a0a722dbe321453218627a34b2763ae409236f492cc106
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ZK_Kar_Payi_530x341px_TR.jpg HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/jpeg
Content-Length: 173952
Last-Modified: Tue, 15 Nov 2022 20:12:32 GMT
Connection: keep-alive
ETag: "6373f2b0-2a780"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/avatar.png
52.178.131.237 200 OK 179 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/avatar.png
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 8987509484447ce4bd95a1bbae229309
7ab9584322d6bb7251341af243b8a42d57c2886c
4085358e396839a52152b0a687dce864d2ab16fc5d05e378179d138f223d104a
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/avatar.png HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/png
Content-Length: 179
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Tue, 15 Nov 2022 20:12:30 GMT
ETag: "b3-5ed87f9bf8780"
Accept-Ranges: bytes
X-Powered-By: PleskLin
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/loginButton.png
52.178.131.237 200 OK 4.8 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/loginButton.png
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 267 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 35e7b95a91c8403f0e19ed389ed4f81a
fe33ce9c4aa53012a05e4e4ca0fca3012b66d8bd
a4f3dd313e99f6325f31f87ee513bafb75ae1617f9939b10f1e95eded616be25
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/loginButton.png HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/png
Content-Length: 4766
Last-Modified: Tue, 15 Nov 2022 20:12:30 GMT
Connection: keep-alive
ETag: "6373f2ae-129e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_img/BG_Body_Responsive.jpg
52.178.131.237 404 Not Found 599 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_img/BG_Body_Responsive.jpg
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e7582f459d7c63aa7ca05a53adc7188
660927715e16b2c726da7defc4c72162dc58ca03
96fc2888c64997fc8158f7a811f3b5b82d99d3995dd93fecc78250cb21efaf57
GET /8f696b95cbd967c8aa7a9844e178277d/_img/BG_Body_Responsive.jpg HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: W/"402-5edbecdba54a4"
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ZK_Kolay_Adres_Tan%C4%B1mla_Lansman_530x341px_VR2.jpg
52.178.131.237 200 OK 139 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ZK_Kolay_Adres_Tan%C4%B1mla_Lansman_530x341px_VR2.jpg
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 530x341, components 3\012- data
Size 139 kB (139195 bytes)
Hash 831694af5805f6261765ecabb4da0e35
5c7ba9a956b8378168fee505c49eec15243a3499
fdf0a881ef2dec65d65e383168216c0ce182869d8048e8fbd40de95ab05da1e6
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ZK_Kolay_Adres_Tan%C4%B1mla_Lansman_530x341px_VR2.jpg HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/jpeg
Content-Length: 139195
Last-Modified: Tue, 15 Nov 2022 20:12:32 GMT
Connection: keep-alive
ETag: "6373f2b0-21fbb"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/Mobil_relansman_2021_Mobil_530x341px_TR_VR5_ESUBE_1.jpg
52.178.131.237 200 OK 148 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/Mobil_relansman_2021_Mobil_530x341px_TR_VR5_ESUBE_1.jpg
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 530x341, components 3\012- data
Size 148 kB (147582 bytes)
Hash 80bba7cad9787c96885909090bcc0aa4
11817277c534f53950404562aff506b1a93a3b16
42e00e3257dbcafb2baf26abc2ec02aadc8eaaf71bb4b0491464755be253927f
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/Mobil_relansman_2021_Mobil_530x341px_TR_VR5_ESUBE_1.jpg HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/jpeg
Content-Length: 147582
Last-Modified: Tue, 15 Nov 2022 20:12:32 GMT
Connection: keep-alive
ETag: "6373f2b0-2407e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/_fonts/gotham/gothamedium.woff2
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/_fonts/gotham/gothamedium.woff2
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /_fonts/gotham/gothamedium.woff2 HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_img/icos/footericons.png
52.178.131.237 404 Not Found 599 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_img/icos/footericons.png
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e7582f459d7c63aa7ca05a53adc7188
660927715e16b2c726da7defc4c72162dc58ca03
96fc2888c64997fc8158f7a811f3b5b82d99d3995dd93fecc78250cb21efaf57
GET /8f696b95cbd967c8aa7a9844e178277d/_img/icos/footericons.png HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: W/"402-5edbecdba54a4"
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/_fonts/gotham/gothabook.woff2
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/_fonts/gotham/gothabook.woff2
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /_fonts/gotham/gothabook.woff2 HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/_fonts/gotham/gothabold.woff2
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/_fonts/gotham/gothabold.woff2
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /_fonts/gotham/gothabold.woff2 HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ZK_Bankkart_Sanal%20kart_banner_530x341px.jpg
52.178.131.237 200 OK 192 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ZK_Bankkart_Sanal%20kart_banner_530x341px.jpg
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 530x341, components 3\012- data
Size 192 kB (191660 bytes)
Hash c2b767841df60e6bc49f9bbce6db29cc
34a63c4fd419e9070d67a6b47cf159ce727df20a
28c702fbd95ee5ea258374fa98bb39a3644025d9a3805cf2fc030b32331d9b0d
GET /8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/ZK_Bankkart_Sanal%20kart_banner_530x341px.jpg HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: image/jpeg
Content-Length: 191660
Last-Modified: Tue, 15 Nov 2022 20:12:32 GMT
Connection: keep-alive
ETag: "6373f2b0-2ecac"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/_fonts/gotham/gothamedium.woff
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/_fonts/gotham/gothamedium.woff
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /_fonts/gotham/gothamedium.woff HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/_fonts/gotham/gothabold.woff
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/_fonts/gotham/gothabold.woff
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /_fonts/gotham/gothabold.woff HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/_fonts/gotham/gothabook.woff
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/_fonts/gotham/gothabook.woff
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /_fonts/gotham/gothabook.woff HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/_fonts/gotham/gothamedium.ttf
52.178.131.237 404 Not Found 599 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/_fonts/gotham/gothamedium.ttf
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e7582f459d7c63aa7ca05a53adc7188
660927715e16b2c726da7defc4c72162dc58ca03
96fc2888c64997fc8158f7a811f3b5b82d99d3995dd93fecc78250cb21efaf57
Analyzer Verdict Alert fortinet Phishing
GET /_fonts/gotham/gothamedium.ttf HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: W/"402-5edbecdba54a4"
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/_fonts/gotham/gothabook.ttf
52.178.131.237 404 Not Found 599 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/_fonts/gotham/gothabook.ttf
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e7582f459d7c63aa7ca05a53adc7188
660927715e16b2c726da7defc4c72162dc58ca03
96fc2888c64997fc8158f7a811f3b5b82d99d3995dd93fecc78250cb21efaf57
Analyzer Verdict Alert fortinet Phishing
GET /_fonts/gotham/gothabook.ttf HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: W/"402-5edbecdba54a4"
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/_fonts/gotham/gothabold.ttf
52.178.131.237 404 Not Found 599 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/_fonts/gotham/gothabold.ttf
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e7582f459d7c63aa7ca05a53adc7188
660927715e16b2c726da7defc4c72162dc58ca03
96fc2888c64997fc8158f7a811f3b5b82d99d3995dd93fecc78250cb21efaf57
Analyzer Verdict Alert fortinet Phishing
GET /_fonts/gotham/gothabold.ttf HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/MergedForFirstTheme.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: W/"402-5edbecdba54a4"
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 10:11:11 GMT
cache-control: public,max-age=3600
age: 1927
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothamedium.woff2
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothamedium.woff2
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothamedium.woff2 HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabold.woff2
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabold.woff2
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabold.woff2 HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabook.woff2
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabook.woff2
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabook.woff2 HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5911
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:43:18 GMT
Last-Modified: Wed, 23 Nov 2022 09:04:47 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothamedium.woff
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothamedium.woff
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothamedium.woff HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabold.woff
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabold.woff
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabold.woff HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabook.woff
52.178.131.237 404 Not Found 1.0 kB URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabook.woff
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f5860807b7d102a7cdb4d94a2f64a6af
30bc2ced8d656ef5746f6c3919d75ba6ef071235
d42dc575eaa7e0acfd2c5af869387c377110ad007cafcec082b9daad12e93427
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabook.woff HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Content-Length: 1026
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: "402-5edbecdba54a4"
Accept-Ranges: bytes
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothamedium.ttf
52.178.131.237 404 Not Found 599 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothamedium.ttf
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e7582f459d7c63aa7ca05a53adc7188
660927715e16b2c726da7defc4c72162dc58ca03
96fc2888c64997fc8158f7a811f3b5b82d99d3995dd93fecc78250cb21efaf57
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothamedium.ttf HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: W/"402-5edbecdba54a4"
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabook.ttf
52.178.131.237 404 Not Found 599 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabook.ttf
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e7582f459d7c63aa7ca05a53adc7188
660927715e16b2c726da7defc4c72162dc58ca03
96fc2888c64997fc8158f7a811f3b5b82d99d3995dd93fecc78250cb21efaf57
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabook.ttf HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: W/"402-5edbecdba54a4"
Content-Encoding: gzip
ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabold.ttf
52.178.131.237 404 Not Found 599 B URL HTTP/1.1 ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabold.ttf
IP 52.178.131.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e7582f459d7c63aa7ca05a53adc7188
660927715e16b2c726da7defc4c72162dc58ca03
96fc2888c64997fc8158f7a811f3b5b82d99d3995dd93fecc78250cb21efaf57
Analyzer Verdict Alert fortinet Phishing
GET /8f696b95cbd967c8aa7a9844e178277d/_fonts/gotham/gothabold.ttf HTTP/1.1
Host: ziraatkatilimkampanya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/8f696b95cbd967c8aa7a9844e178277d/Ziraat%20Katilim_files/home_alternative.css
Cookie: PHPSESSID=9t7qlmrslnm8clnddsqd0g0j95
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 23 Nov 2022 10:43:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 13:37:14 GMT
ETag: W/"402-5edbecdba54a4"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9665dfd0081873d4d08f9c4c7fcf56eb
1211f4b238fec1408a8bf8589a7ee963046051a8
dca4da4d6b0f59edc5b285322d0bd15718f47539df91d2765d9d7854a03d092a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4591
Cache-Control: max-age=94594
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:43:18 GMT
Etag: "637cb5d9-1d7"
Expires: Thu, 24 Nov 2022 12:59:52 GMT
Last-Modified: Tue, 22 Nov 2022 11:43:21 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d28a54904a6605dea54c67a68c9f33a7
d86083c88c931c3e4fe72a1f657b434b2417d15a
4c20f6b1d3365f44325f8b69052e31e6e595afd5f5043a61ebc4966fa5793f23
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2084
Cache-Control: max-age=95648
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:43:18 GMT
Etag: "637cc3c2-1d7"
Expires: Thu, 24 Nov 2022 13:17:26 GMT
Last-Modified: Tue, 22 Nov 2022 12:42:42 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 471
esube.ziraatkatilim.com.tr/_img/favicon.ico
185.118.192.23 200 OK 1.2 kB URL HTTP/1.1 esube.ziraatkatilim.com.tr/_img/favicon.ico
IP 185.118.192.23:0
ASN #203925 Ziraat Katilim Bankasi AS
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 09bb015b89bf44d8126d43e9be434744
10c34179264bdf74dade237922b07f82b18e3dab
917b51a29431a148043850026d34c418705cbdf39a428cf6e01ad713f07d339a
GET /_img/favicon.ico HTTP/1.1
Host: esube.ziraatkatilim.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ziraatkatilimkampanya.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: image/x-icon
Last-Modified: Mon, 20 Jul 2015 11:45:33 GMT
Accept-Ranges: bytes
ETag: "778b4396e1c2d01:0"
Server: ZKB
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: unsafe-url
Content-Security-Policy: frame-ancestors 'self' https://intervision.ziraatkatilim.local;
Date: Wed, 23 Nov 2022 10:43:17 GMT
Content-Length: 1150
Set-Cookie: Secure
NSC_ESNS=02e6baf7-f4e4-137d-9678-00e0ed27cdac_2236284704_3742476740_00000000000047961265; Path=/; Expires=Wed, 23-Nov-2022 10:43:32 GMT
push.services.mozilla.com/
52.43.228.5 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.228.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: B3sgY8sO3KTg7Ji3mkimoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dyVCH2i6dkHX3OL08kz4iQRoF0M=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7624
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 10:43:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cdc70ea570bedb3a19294a2e3cfcb1b
c3abc52da2458971b00416c5513894a8b60389f0
71f4c91b66b84d7bff6416d8efd1b95ca3aa3543a25489553d1acb6cd9b77308
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 7bb62ac1-5774-4e82-8438-9eded7ea71a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-JKMGFMIAMFovg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bef0d-06bd21480b42efd67f62c690;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:35:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FjB6qa579_iDdG_QfQwnlYUEnwv0vZHG0JetZw_gtSVuet7BROTwDw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:50:31 GMT
age: 46369
etag: "c3abc52da2458971b00416c5513894a8b60389f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:48:19 GMT
age: 46501
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 06:36:36 GMT
age: 14804
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 414rX74hOWUS2W1d9SVHs7McxZ4QDE249cjU-1EyIe0nMkZrQz2rrQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 45992
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 8dea187e-ee61-4691-aff7-59202f978565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b2P4MF0UIAMFWBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378c69a-011430f86689624a29d71215;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 12:05:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c2w_q7fYc60JSQ4GcAlmUFyp7csfflgG8GvCXJuy_wWlvf9mIG0u9g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:38:55 GMT
age: 43465
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 448adf31ef3a09f7d8a45e1c038fe1d8
88e9613f90c14dca0b2c0b60103d0c8e4d859cc8
cedf0f3bd94dfde56b90f130fc960fe73d0131594b9b4ff0e8dbbe27d76b0926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8000
x-amzn-requestid: 9761ee4c-6da2-4b57-8fab-4d94ec810717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bn1pXGrCIAMFe3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63730308-7628d58a621de956205e1f9c;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 03:10:00 GMT
x-amz-cf-pop: SFO5-C3, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XlHerM1xe1mm1PGiw1jao15GRW9b1qemXZ3aLODebRK-nZnRMyMfbA==
via: 1.1 100e7eca600d702a8613a94cb0899fe8.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:53 GMT
age: 45987
etag: "88e9613f90c14dca0b2c0b60103d0c8e4d859cc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2