Report - www.acikmobildenizvl2.tk/

Report Overview

Submitted URL
www.acikmobildenizvl2.tk/
IP
190.14.39.135
ASN
#52469 Offshore Racks S.A
Submitted
2023-01-21 20:20:33
Access
Website Title
Final URL
Tags
deniz_bank financial phishing
urlquery detections
Phishing - Deniz Bank

Detections

urlquery
36
Network Intrusion Detection
0
Threat Detection Systems
112

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	33 kB	142.250.74.170
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	78 kB	216.58.207.200
www.acikmobildenizvl2.tk	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	1.5 MB	190.14.39.135
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.131
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.38.227.80
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	679 B	571 B	216.239.34.36
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	68 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank
2023-01-21	medium	www.acikmobildenizvl2.tk/	Deniz Bank

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-21	medium	www.acikmobildenizvl2.tk/blackwine/jquery-3.4.1.min.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/ruxitagentjs_ICA27SVfqrux_10221210805073954.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/_assets/js/analytics.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/polyfills.e7c27bf15bf48a72de71.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/scripts.e8b3c78207fa4f6d6f74.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/runtime.c298608e9647c69cc550.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/vendor.67eb8a7592425af0ba81.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/main.c01c0c9a76089d1c0f34.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/_assets/img/login/login-footer-logo.svg	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/runtime.c298608e9647c69cc550.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/polyfills.e7c27bf15bf48a72de71.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/_assets/img/logo-light.svg	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/scripts.e8b3c78207fa4f6d6f74.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/vendor.67eb8a7592425af0ba81.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/main.c01c0c9a76089d1c0f34.js	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/assets/opensans-semibold-webfont.1045337df148fc781940.woff2	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/assets/opensans-bold-webfont.7b013a3110831768093f.woff2	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/assets/icomoon.a16e09ed69c51903026e.ttf?bezj20	Phishing
2023-01-21	medium	www.acikmobildenizvl2.tk/assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js	92 kB	2023-03-07	2024-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:02 Last Seen2024-05-10 18:51:29 Times Seen1811 Hash 219073097031d9c1a95a1291d66f3a10 2b7996b01d90b7f424f2a2e6063947461db4b2b2 232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef Loading...

	www.acikmobildenizvl2.tk/blackwine/jquery-3.4.1.min.js	0 B	2023-03-07	2024-05-11
Pretty URL www.acikmobildenizvl2.tk/blackwine/jquery-3.4.1.min.js IP 190.14.39.135 ASN #52469 Offshore Racks S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 03:16:53 Times Seen37534246 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.acikmobildenizvl2.tk/	153 B	2023-03-07	2024-04-06
Pretty URL www.acikmobildenizvl2.tk/ IP 190.14.39.135 ASN #52469 Offshore Racks S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:38:23 Last Seen2024-04-06 20:17:20 Times Seen196 Hash fd089cd9b356dc4e6d15a8aa0743e75e f35e8af3462a09df8a86564517579c7491ef60f0 d58dc127db01e4ced58ddcdd013c05878f5383487555f8a7075341f692f0df97 Loading...

	www.googletagmanager.com/gtag/js?id=G-JV07ZMRWNH	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-JV07ZMRWNH IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:01:04 Last Seen2023-03-13 05:01:04 Times Seen1 Hash e165fda8379282e2b0b1f77498649d89 db9ea2ac7e302c76207f05b2c62a09b2f4ae641f 03cd52cceb3052313933f21eb36d3a401992daf915305d8187b66bd4dea26a39 Loading...

	www.acikmobildenizvl2.tk/	2.7 kB	2023-03-07	2024-04-06
Pretty URL www.acikmobildenizvl2.tk/ IP 190.14.39.135 ASN #52469 Offshore Racks S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:31 Last Seen2024-04-06 20:17:20 Times Seen221 Hash 0a77e8e6e01c4cd2199d2d10b07617c0 63513f926f72e46425bc5dd3900656483b0a3800 585d22302c8518ac5e870e746b80c63e04a4fef04e12e93c59804eb53b801f70 Loading...

	www.acikmobildenizvl2.tk/	614 B	2023-03-08	2023-03-14
Pretty URL www.acikmobildenizvl2.tk/ IP 190.14.39.135 ASN #52469 Offshore Racks S.A Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:49:12 Last Seen2023-03-14 18:24:28 Times Seen1 Hash 3bafea9474bbf01bd59bd66c1b1c71a2 34ef783e3692c0a2e7187f973dac0a1795602a99 50e963918bf8e9f0d7349d9c497834c20f099ad100c9a9913c1fd0b8f8f607b5 Loading...

HTTP Transactions (63)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15797
Expires: Sun, 22 Jan 2023 00:43:38 GMT
Date: Sat, 21 Jan 2023 20:20:21 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5439
Expires: Sat, 21 Jan 2023 21:51:00 GMT
Date: Sat, 21 Jan 2023 20:20:21 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 19:34:44 GMT
content-type: application/json
age: 2737
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
38c102db4bcfb9c4fb19174986950fd3
51c2cc8a3aca4da5c9ab3438467c29203fc0b0c3
dad6b64bc9f4dd827471ccc2e5273fceee574685376083aaa80f9d2f918037f2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAD6B64BC9F4DD827471CCC2E5273FCEEE574685376083AAA80F9D2F918037F2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5947
Expires: Sat, 21 Jan 2023 21:59:28 GMT
Date: Sat, 21 Jan 2023 20:20:21 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TaokymJRfl0EgdZRxMC7Iqa0xQ2PcFpIeNlOFo6wf3BiBRWyQIR7gCZw8UcL7Vs6BCOtFj4qRlo=
x-amz-request-id: 4FAMJYFM8XTEM2KD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 20:18:08 GMT
age: 133
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 20:20:21 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 20:17:29 GMT
age: 172
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2737
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:20:22 GMT
Last-Modified: Sat, 21 Jan 2023 19:34:45 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:20:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:20:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js

142.250.74.170

200 OK

32 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32769)
Size
32 kB (32222 bytes)
Hash
beb03c9ee6d13748648309584590d515
a491b316cdd4df32dabb7a3a1d85919681911dda
acec62a91cdd6d2b03731fcc7e988094b3c38c9269276f09f9a842e6433ee008

HTTP Headers

GET /ajax/libs/jquery/1.6.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32222
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 10:37:19 GMT
expires: Mon, 15 Jan 2024 10:37:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 553383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-JV07ZMRWNH

216.58.207.200

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-JV07ZMRWNH
IP
216.58.207.200:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19574)
Size
77 kB (77150 bytes)
Hash
3add493c7f6c0f31c7722052916a784e
7c8f575b2900019f217cd468f6a066a26def7f8b
f5efaf80427f61720fe12947908169b8297ef24fecff2af9d0eab77750825fab

HTTP Headers

GET /gtag/js?id=G-JV07ZMRWNH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 20:20:22 GMT
expires: Sat, 21 Jan 2023 20:20:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77150
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:20:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 20:20:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.38.227.80

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.227.80:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y1s/CkB8JyDeCmtY4Nnojw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zzR9ORLzSpfH+kWRqE1d30N+NwA=

www.acikmobildenizvl2.tk/blackwine/jquery-3.4.1.min.js

190.14.39.135

200 OK

0 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/blackwine/jquery-3.4.1.min.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /blackwine/jquery-3.4.1.min.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:22 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2022 17:30:02 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.acikmobildenizvl2.tk/ruxitagentjs_ICA27SVfqrux_10221210805073954.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/ruxitagentjs_ICA27SVfqrux_10221210805073954.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /ruxitagentjs_ICA27SVfqrux_10221210805073954.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/

190.14.39.135

200 OK

267 kB

URL HTTP/1.1
www.acikmobildenizvl2.tk/
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (53571)
Size
267 kB (267326 bytes)
Hash
84da495be71230c4a9118ae27e86803e
8672a2da10dd6d14a2e557938a671847dddcc916
e9431da6c4a9cf4f58d76cfeedc8a8bf5ccda548fb82048e29bb2a6d60932d56

Detections

Analyzer	Verdict	Alert
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:21 GMT
Server: Apache
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.acikmobildenizvl2.tk/_assets/js/analytics.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/_assets/js/analytics.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /_assets/js/analytics.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/polyfills.e7c27bf15bf48a72de71.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/polyfills.e7c27bf15bf48a72de71.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /polyfills.e7c27bf15bf48a72de71.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/scripts.e8b3c78207fa4f6d6f74.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/scripts.e8b3c78207fa4f6d6f74.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /scripts.e8b3c78207fa4f6d6f74.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/runtime.c298608e9647c69cc550.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/runtime.c298608e9647c69cc550.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /runtime.c298608e9647c69cc550.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/vendor.67eb8a7592425af0ba81.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/vendor.67eb8a7592425af0ba81.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /vendor.67eb8a7592425af0ba81.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/main.c01c0c9a76089d1c0f34.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/main.c01c0c9a76089d1c0f34.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /main.c01c0c9a76089d1c0f34.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

region1.google-analytics.com/g/collect?v=2&tid=G-JV07ZMRWNH&gtm=2oe1i0&_p=910873370&cid=446389625.1674332422&ul=en-us&sr=1280x1024&_s=1&sid=1674332421&sct=1&seg=0&dl=https%3A%2F%2Fwww.acikmobildenizvl2.tk%2F&dt=DNZ%20%C4%B0nternet%20Bnk&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-JV07ZMRWNH&gtm=2oe1i0&_p=910873370&cid=446389625.1674332422&ul=en-us&sr=1280x1024&_s=1&sid=1674332421&sct=1&seg=0&dl=https%3A%2F%2Fwww.acikmobildenizvl2.tk%2F&dt=DNZ%20%C4%B0nternet%20Bnk&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-JV07ZMRWNH&gtm=2oe1i0&_p=910873370&cid=446389625.1674332422&ul=en-us&sr=1280x1024&_s=1&sid=1674332421&sct=1&seg=0&dl=https%3A%2F%2Fwww.acikmobildenizvl2.tk%2F&dt=DNZ%20%C4%B0nternet%20Bnk&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.acikmobildenizvl2.tk
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.acikmobildenizvl2.tk
date: Sat, 21 Jan 2023 20:20:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css

190.14.39.135

200 OK

590 kB

URL HTTP/1.1
www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
ASCII text, with very long lines (53193), with CRLF line terminators
Size
590 kB (590413 bytes)
Hash
e15084a5fa844a4667363a77dbba388a
c2fc998a4874ca1ed1f87bc32562270b3a4711d2
0ab27addfe127020ce7b9a6a5e3b57a133915e23edbe0852cff7b511507e56ea

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank

HTTP Headers

GET /styles.14f38c16c3244b5492af.css HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:22 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2022 17:30:02 GMT
Accept-Ranges: bytes
Content-Length: 590413
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/css

www.acikmobildenizvl2.tk/_assets/img/enbd.png

190.14.39.135

200 OK

3.8 kB

URL HTTP/1.1
www.acikmobildenizvl2.tk/_assets/img/enbd.png
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
PNG image data, 186 x 72, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3806 bytes)
Hash
58cf11a4b5f8ebdc29ec2e7b787c8d69
cd2686b1f04cfa4afb69b228fd7177d65e907d32
1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank

HTTP Headers

GET /_assets/img/enbd.png HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2022 17:30:02 GMT
Accept-Ranges: bytes
Content-Length: 3806
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/png

www.acikmobildenizvl2.tk/sifre.png

190.14.39.135

200 OK

2.5 kB

URL HTTP/1.1
www.acikmobildenizvl2.tk/sifre.png
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 36x34, components 3\012- data
Size
2.5 kB (2496 bytes)
Hash
116f84727996ddda2d71b3c85cf358ac
a90ef391e339ddafbe5ae9f1f3d7d8d5cbf4a4e8
7ef622314ab427c8beae5b61a48b8e16710531e05406b135c0c5b4e8f1b22e17

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank

HTTP Headers

GET /sifre.png HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2022 17:30:02 GMT
Accept-Ranges: bytes
Content-Length: 2496
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: image/png

www.acikmobildenizvl2.tk/_assets/img/login/login-footer-logo.svg

190.14.39.135

200 OK

2.2 kB

URL HTTP/1.1
www.acikmobildenizvl2.tk/_assets/img/login/login-footer-logo.svg
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1863), with CRLF line terminators
Size
2.2 kB (2239 bytes)
Hash
c0ddebba4f15d5e966e993727605c03d
df6ba82ac9022f0309037baa9dbf6fbcfaaca543
59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /_assets/img/login/login-footer-logo.svg HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2022 17:30:02 GMT
Accept-Ranges: bytes
Content-Length: 2239
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml

www.acikmobildenizvl2.tk/user.png

190.14.39.135

200 OK

2.3 kB

URL HTTP/1.1
www.acikmobildenizvl2.tk/user.png
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 27x34, components 3\012- data
Size
2.3 kB (2255 bytes)
Hash
cc0a5532279fefa0f24e6c6a91442acc
1a16230291c3c234087a39fa0314a71591f171fb
97090cea6a2bbb16d13fa490185bc7e25d41935e376d4edfee651c474f466309

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank

HTTP Headers

GET /user.png HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2022 17:30:02 GMT
Accept-Ranges: bytes
Content-Length: 2255
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15869
Expires: Sun, 22 Jan 2023 00:44:52 GMT
Date: Sat, 21 Jan 2023 20:20:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15869
Expires: Sun, 22 Jan 2023 00:44:52 GMT
Date: Sat, 21 Jan 2023 20:20:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15869
Expires: Sun, 22 Jan 2023 00:44:52 GMT
Date: Sat, 21 Jan 2023 20:20:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15869
Expires: Sun, 22 Jan 2023 00:44:52 GMT
Date: Sat, 21 Jan 2023 20:20:23 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12866 bytes)
Hash
2422bc3ba3140462f4507b7a4fe3a746
d2b1d477d56fa40ca4d5e5be4b31667d5e3977a3
90f04120820c28da092bdd235a141a8ae6347f73025dbcf235a1562abf4dd9d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F970e5016-1064-4d66-9524-d77906184f93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12866
x-amzn-requestid: fe1078a2-3e26-4906-b7b4-73c9fd315e0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6w4ZHPLoAMFw8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c761cf-7ae3119b62b0ccef08dcd2af;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:04:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PDqi-xzgWEYzXvowqCydSHlX2XVRikLvoJxgk1jU6zMTZLYFzGFsVg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:39:41 GMT
age: 52842
etag: "d2b1d477d56fa40ca4d5e5be4b31667d5e3977a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6068 bytes)
Hash
b48f53e84a3ec564b35cf6b0754d09bb
dc7ad580f90e8af4349f409fb0302a79c672ff99
37d8f9a37eed22705123275ac7a36ff34bcdea1b2faaa7108a7112afe5a8201f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6068
x-amzn-requestid: 8962c77a-e852-426f-b37a-024546e0a2ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VKG_zoAMFgZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-368af491496d024a0142b0e4;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: m9Elq65CekBIl_QIpAhrwIy_gNmHHhxO_lyhmgA_v7T0LUmCXNMOAQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:39:27 GMT
age: 81656
etag: "dc7ad580f90e8af4349f409fb0302a79c672ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6902 bytes)
Hash
ee23b50996d59e5b3d4d99af0d0bc05f
76fbdbd85092cb841ca269206de46cc1b6e0f215
20e83f1e7f48eaee8f946958d4bd94d0c876dd2fdab85f3c4dfe088d7726e0eb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28666e20-8b0b-428c-af81-822361800b23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6902
x-amzn-requestid: 51921a6d-e5d4-4d5b-89d8-e966ce56a9f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBlKKEBSIAMFVSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca1bda-4e652a0913dc6d744ed92121;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 04:43:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xTyrULEpWdbNOLTX93KUkEsaAcfClLOZjKXojtNtzNsPqMqPsLUaQg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 09:18:07 GMT
age: 39736
etag: "76fbdbd85092cb841ca269206de46cc1b6e0f215"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7111 bytes)
Hash
f5195ac5d83278bed049661c0d1aaa4a
74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e
30af8f591b2d4f7c8de7d52ea53bb170ca426ef0550001c7802a7f993a6344df

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1122c75-908d-4e51-8a61-b64f7ab77c76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7111
x-amzn-requestid: d9b5e6b0-3995-4c70-be84-0b1b457b7143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRlHtkIAMFiGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73d-37d253ee68fe1b7e483097dd;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 86-hgCgiYN-PYLZgXJO79kM9Vm6DIiRixaz-kQZFaY0m5481x8GWlw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 22:04:24 GMT
age: 80159
etag: "74b3e81e1dfc9f0a50aa936ba02b357c0df3aa9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11562 bytes)
Hash
b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: 67ff0d3d-ed43-4269-92f4-c3eb5445e9c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyBEhzIAMFnCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-27c6ebf6450d0e3275dad906;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8-aCSDcxTLree8fsGCxZEqY0272fNcqQEtHJ7aVAO6XjQRmjZXgqdw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:18:04 GMT
age: 54139
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5963 bytes)
Hash
447c7832b50421193a9b962e621d8379
eddd33bded6e9c705ed5f0aa2ed036faeefa388f
00946fa4ac2a2c6c23a22e1c5bf2d1d3871975c9730cf522fa7f937bb431e0ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1d34ea3-007b-405d-b0bb-99fdb4b08159.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5963
x-amzn-requestid: ef0681fa-95e9-4c43-94b2-4ebb1ff652b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6x_OG3goAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c76394-279293ff66d40dd65e0b8481;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:12:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cdy68Zstqi-I0pQxWuoT6oAyoU3h4vCACch4aYJynOFHWZ-exJNcRg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 00:03:42 GMT
age: 73001
etag: "eddd33bded6e9c705ed5f0aa2ed036faeefa388f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.acikmobildenizvl2.tk/runtime.c298608e9647c69cc550.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/runtime.c298608e9647c69cc550.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /runtime.c298608e9647c69cc550.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/polyfills.e7c27bf15bf48a72de71.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/polyfills.e7c27bf15bf48a72de71.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /polyfills.e7c27bf15bf48a72de71.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/_assets/img/logo-light.svg

190.14.39.135

200 OK

180 kB

URL HTTP/1.1
www.acikmobildenizvl2.tk/_assets/img/logo-light.svg
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1718), with CRLF line terminators
Size
180 kB (180545 bytes)
Hash
3140e053e7a3dde67e7b2c81b23771d2
5d0558f8da94ace88a622c70b8857bde38d7ba12
3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /_assets/img/logo-light.svg HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2022 17:30:02 GMT
Accept-Ranges: bytes
Content-Length: 180545
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

www.acikmobildenizvl2.tk/scripts.e8b3c78207fa4f6d6f74.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/scripts.e8b3c78207fa4f6d6f74.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /scripts.e8b3c78207fa4f6d6f74.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/vendor.67eb8a7592425af0ba81.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/vendor.67eb8a7592425af0ba81.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /vendor.67eb8a7592425af0ba81.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/main.c01c0c9a76089d1c0f34.js

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/main.c01c0c9a76089d1c0f34.js
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /main.c01c0c9a76089d1c0f34.js HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2 HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/assets/opensans-semibold-webfont.1045337df148fc781940.woff2

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/assets/opensans-semibold-webfont.1045337df148fc781940.woff2
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /assets/opensans-semibold-webfont.1045337df148fc781940.woff2 HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20 HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/assets/opensans-bold-webfont.7b013a3110831768093f.woff2

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/assets/opensans-bold-webfont.7b013a3110831768093f.woff2
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /assets/opensans-bold-webfont.7b013a3110831768093f.woff2 HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/_assets/img/loading.gif

190.14.39.135

200 OK

38 kB

URL HTTP/1.1
www.acikmobildenizvl2.tk/_assets/img/loading.gif
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
GIF image data, version 89a, 96 x 96\012- data
Size
38 kB (37840 bytes)
Hash
a5ac552d6a23421d7697f897729a2def
836cb1e7a61967b762898a3ce32e64ca7713119c
4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank

HTTP Headers

GET /_assets/img/loading.gif HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2022 17:30:02 GMT
Accept-Ranges: bytes
Content-Length: 37840
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/gif

www.acikmobildenizvl2.tk/assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/assets/icomoon.a16e09ed69c51903026e.ttf?bezj20

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/assets/icomoon.a16e09ed69c51903026e.ttf?bezj20
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /assets/icomoon.a16e09ed69c51903026e.ttf?bezj20 HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank
fortinet	Phishing

HTTP Headers

GET /assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank

HTTP Headers

GET /assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20 HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/_assets/img/appicon.png

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/_assets/img/appicon.png
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank

HTTP Headers

GET /_assets/img/appicon.png HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/favicon.ico

190.14.39.135

404 Not Found

315 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/favicon.ico
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Sat, 21 Jan 2023 20:20:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.acikmobildenizvl2.tk/_assets/img/login/bg/autumn.jpg

190.14.39.135

200 OK

388 kB

URL HTTP/1.1
www.acikmobildenizvl2.tk/_assets/img/login/bg/autumn.jpg
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1701, components 3\012- data
Size
388 kB (387821 bytes)
Hash
90062fd1b816f53d1f7ddddf1b2d15c4
a0407ae398c54b47de374b9813c8be17ec82bb40
f7278ca494d765eab007679ace9914b237327326d7cd2840660dc8140a8b5542

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank
openphish	Deniz Bank

HTTP Headers

GET /_assets/img/login/bg/autumn.jpg HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:23 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2022 17:30:02 GMT
Accept-Ranges: bytes
Content-Length: 387821
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

www.acikmobildenizvl2.tk/islem1.php?ip=91.90.42.154

190.14.39.135

200 OK

0 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/islem1.php?ip=91.90.42.154
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank

HTTP Headers

POST /islem1.php?ip=91.90.42.154 HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.acikmobildenizvl2.tk
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:24 GMT
Server: Apache
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.acikmobildenizvl2.tk/islem1.php?ip=91.90.42.154

190.14.39.135

200 OK

0 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/islem1.php?ip=91.90.42.154
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank

HTTP Headers

POST /islem1.php?ip=91.90.42.154 HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.acikmobildenizvl2.tk
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:26 GMT
Server: Apache
Keep-Alive: timeout=3, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.acikmobildenizvl2.tk/islem1.php?ip=91.90.42.154

190.14.39.135

200 OK

0 B

URL HTTP/1.1
www.acikmobildenizvl2.tk/islem1.php?ip=91.90.42.154
IP
190.14.39.135:0
ASN
#52469 Offshore Racks S.A

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deniz Bank

HTTP Headers

POST /islem1.php?ip=91.90.42.154 HTTP/1.1
Host: www.acikmobildenizvl2.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://www.acikmobildenizvl2.tk
Connection: keep-alive
Referer: https://www.acikmobildenizvl2.tk/
Cookie: _ga_JV07ZMRWNH=GS1.1.1674332421.1.0.1674332421.0.0.0; _ga=GA1.1.446389625.1674332422
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0

HTTP/1.1 200 OK
Date: Sat, 21 Jan 2023 20:20:28 GMT
Server: Apache
Keep-Alive: timeout=3, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9657 bytes)
Hash
4483cb695fef2fe82f38a65e18ea1fd7
ea95504fc5be0259c8c3a39f47f8fcb322bca88d
807a120b964ee7ec7c83c5d943d29cea5df2171291ad1b99de9ef4df7e7e9046

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7e829d-d4bc-4fa0-b5e5-e4527e48fd42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9657
x-amzn-requestid: 63c51fc8-3cd1-486b-960b-91d0d4b14dbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbnMFUvoAMFvYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a62d-3f30f1cb5bc13bf812d3cf71;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:07:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 34RyiiWTD7qtrgZHxL7KpjUkCETug9eJ0TvPh6b2qGiLWLcZnmT3wg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 04:42:20 GMT
age: 56290
etag: "ea95504fc5be0259c8c3a39f47f8fcb322bca88d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (63)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type