Overview

URLwww.acikdenizkredi.ga/
IP 190.14.39.151 (Panama)
ASN#52469 Offshore Racks S.A
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-08 20:21:14 UTC
StatusLoading report..
IDS alerts0
Blocklist alert44
urlquery alerts
53
Phishing - Deniz Bank
Tags None

Domain Summary (11)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
www.googletagmanager.com (1) 75 2012-10-04 01:07:32 UTC 2022-12-08 17:14:43 UTC 142.250.74.40
www.acikdenizkredi.ga (26) 0 2022-11-14 16:33:03 UTC 2022-12-08 15:38:31 UTC 190.14.39.151 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-08 17:20:00 UTC 52.43.228.5
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-12-08 17:12:10 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 23.36.77.32
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239
ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-12-08 17:12:01 UTC 216.58.211.3
img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-08 2 www.acikdenizkredi.ga/ruxitagentjs_ICA27SVfqrux_10221210805073954.js Phishing
2022-12-08 2 www.acikdenizkredi.ga/_assets/js/analytics.js Phishing
2022-12-08 2 www.acikdenizkredi.ga/ Phishing
2022-12-08 2 www.acikdenizkredi.ga/main.c01c0c9a76089d1c0f34.js Phishing
2022-12-08 2 www.acikdenizkredi.ga/runtime.c298608e9647c69cc550.js Phishing
2022-12-08 2 www.acikdenizkredi.ga/polyfills.e7c27bf15bf48a72de71.js Phishing
2022-12-08 2 www.acikdenizkredi.ga/scripts.e8b3c78207fa4f6d6f74.js Phishing
2022-12-08 2 www.acikdenizkredi.ga/vendor.67eb8a7592425af0ba81.js Phishing
2022-12-08 2 www.acikdenizkredi.ga/_assets/img/login/login-footer-logo.svg Phishing
2022-12-08 2 www.acikdenizkredi.ga/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2 Phishing
2022-12-08 2 www.acikdenizkredi.ga/assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20 Phishing
2022-12-08 2 www.acikdenizkredi.ga/assets/opensans-semibold-webfont.1045337df148fc781940 (...) Phishing
2022-12-08 2 www.acikdenizkredi.ga/assets/opensans-bold-webfont.7b013a3110831768093f.woff2 Phishing
2022-12-08 2 www.acikdenizkredi.ga/assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff Phishing
2022-12-08 2 www.acikdenizkredi.ga/assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff Phishing
2022-12-08 2 www.acikdenizkredi.ga/assets/icomoon.a16e09ed69c51903026e.ttf?bezj20 Phishing
2022-12-08 2 www.acikdenizkredi.ga/assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff Phishing
2022-12-08 2 www.acikdenizkredi.ga/_assets/img/logo-light.svg Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed
2022-12-08 2 acikdenizkredi.ga Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 190.14.39.151
Date UQ / IDS / BL URL IP
2023-01-08 09:01:56 +0000 0 - 27 - 69 www.acikdenizkredi.ga/ 190.14.39.151
2023-01-08 08:51:57 +0000 27 - 1 - 43 acikdenizyeniyilkredi.cf/ 190.14.39.151
2023-01-08 08:26:34 +0000 27 - 28 - 43 acikdenizkredikarti.life/ 190.14.39.151
2023-01-08 08:25:52 +0000 27 - 27 - 43 www.acikdenizyeniyilkredi.gq/ 190.14.39.151
2023-01-08 07:57:27 +0000 27 - 27 - 43 www.acikdenizyeniyilkredi.gq/ 190.14.39.151


Last 5 reports on ASN: Offshore Racks S.A
Date UQ / IDS / BL URL IP
2023-02-05 12:57:21 +0000 27 - 28 - 43 denlzbankcom.tk/ 190.14.39.135
2023-02-05 06:24:34 +0000 17 - 0 - 24 apple-t2-online-support.com/signin.html?Invit (...) 190.14.39.133
2023-02-05 02:00:59 +0000 0 - 2 - 45 www.mobilformonaydenzzii.top/9e8cc3089f7ce8af (...) 190.14.39.217
2023-02-05 00:49:18 +0000 0 - 2 - 21 www.mobillformonaydenzii.top/TR/ 190.14.39.217
2023-02-04 15:28:45 +0000 27 - 28 - 18 denlzbankcom.tk/ 190.14.39.135


Last 5 reports on domain: acikdenizkredi.ga
Date UQ / IDS / BL URL IP
2023-01-08 09:01:56 +0000 0 - 27 - 69 www.acikdenizkredi.ga/ 190.14.39.151
2022-12-21 15:38:23 +0000 27 - 27 - 26 www.acikdenizkredi.ga/ 190.14.39.151
2022-12-08 20:21:14 +0000 53 - 0 - 44 www.acikdenizkredi.ga/ 190.14.39.151
2022-12-02 18:32:57 +0000 54 - 0 - 69 acikdenizkredi.ga/ 190.14.39.151
2022-11-15 14:03:15 +0000 28 - 0 - 43 acikdenizkredi.ga/ 190.14.39.151


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-05 12:57:21 +0000 27 - 28 - 43 denlzbankcom.tk/ 190.14.39.135
2023-02-04 15:28:45 +0000 27 - 28 - 18 denlzbankcom.tk/ 190.14.39.135
2023-02-04 00:31:54 +0000 27 - 29 - 43 www.denizonaylama.tk/ 190.14.39.135
2023-02-03 23:44:16 +0000 27 - 28 - 43 acikdenizmobilv2tk.tk/ 190.14.39.135
2023-02-03 23:44:02 +0000 27 - 27 - 69 denlzbankcom.ml/ 190.14.39.135

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (51)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3337
Expires: Thu, 08 Dec 2022 21:16:39 GMT
Date: Thu, 08 Dec 2022 20:21:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18285
Expires: Fri, 09 Dec 2022 01:25:47 GMT
Date: Thu, 08 Dec 2022 20:21:02 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 20:08:13 GMT
age: 769
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2789
Expires: Thu, 08 Dec 2022 21:07:31 GMT
Date: Thu, 08 Dec 2022 20:21:02 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ai4/LX7Fz2srzSUoLCPvAepmWZqHvsbk/bhco266GKlqsb0mXAYXUnYMwGm02Y4v7SclrNkWRPM=
x-amz-request-id: T1NN6FMNPBEQKGRH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 19:49:56 GMT
age: 1866
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 08 Dec 2022 20:21:03 GMT
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 20:07:58 GMT
age: 785
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2924
Cache-Control: max-age=135273
Date: Thu, 08 Dec 2022 20:21:03 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:55:36 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ermJ98+kvmLHhqrCF6H5KQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.43.228.5
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Afcvhnve8l2UqgkW67gPdXXCTA4=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 20:21:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-JV07ZMRWNH HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.40
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 20:21:04 GMT
expires: Thu, 08 Dec 2022 20:21:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20080)
Size:   76335
Md5:    b7ca9790b5b140a4949938d0a363328c
Sha1:   4d076f5a516ec69512dcff9e1cc0e5279cc2be44
Sha256: 5e859eaaf14c92f837d8f7ee45e2458b58cd16db8376445f84cb7b4e3288e948
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 20:21:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ruxitagentjs_ICA27SVfqrux_10221210805073954.js HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:04 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /_assets/js/analytics.js HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:04 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16554
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 20:21:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16554
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 20:21:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16554
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 20:21:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 14:20:11 GMT
age: 21654
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8351
Md5:    98d2cf29c710d25bd2f03ff216fdd369
Sha1:   b8eb2e11f9655f19334befc036f21489a6473827
Sha256: 614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 76627
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12534
Md5:    57be99ac898a37d73f2ba4a24f56248f
Sha1:   04e32eb45581201a6a1863200e4d139df48285e6
Sha256: a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16554
Expires: Fri, 09 Dec 2022 00:56:59 GMT
Date: Thu, 08 Dec 2022 20:21:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 75870
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7801
Md5:    8c94003641bb5a7595e7004f80f95d22
Sha1:   3446450df60d732f9021d5bfd5f5f7c6c870d9ec
Sha256: 4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 76100
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7268
Md5:    24d89b69ba37bf23c5d576aff4063caf
Sha1:   3d46a21b4da571d7e4962e335c18a28ca5f81ecf
Sha256: 09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 74866
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8659
Md5:    b87d6543345f73653ed4a49b37d7c959
Sha1:   c4f26846b8b72293368ff16915d49297cf12bbb9
Sha256: aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 79183
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9596
Md5:    c408efaa98ac2ce63bb1618368d10c15
Sha1:   a51bbb49ebd862d04eaee465d0a35b22dcd21391
Sha256: 077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
                                        
                                            GET / HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         190.14.39.151
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 08 Dec 2022 20:21:04 GMT
Server: Apache
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (54347)
Size:   266562
Md5:    e34f93013390b988675daea8accf807d
Sha1:   fad481ea58954d5ef5ec21daf20d845db2704ae8
Sha256: 658006cacf24b1c85f48788362f7257eeb1daefb60f7638b78ad938314da6994

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /main.c01c0c9a76089d1c0f34.js HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /runtime.c298608e9647c69cc550.js HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST /g/collect?v=2&tid=G-JV07ZMRWNH&gtm=2oebu0&_p=2035018662&cid=1490938994.1670530864&ul=en-us&sr=1280x1024&_s=1&sid=1670530863&sct=1&seg=0&dl=http%3A%2F%2Fwww.acikdenizkredi.ga%2F&dt=DenizBank%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.acikdenizkredi.ga
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: http://www.acikdenizkredi.ga
date: Thu, 08 Dec 2022 20:21:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /polyfills.e7c27bf15bf48a72de71.js HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /scripts.e8b3c78207fa4f6d6f74.js HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /vendor.67eb8a7592425af0ba81.js HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /styles.14f38c16c3244b5492af.css HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/

search
                                         190.14.39.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 08 Dec 2022 20:21:04 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 16:27:24 GMT
Accept-Ranges: bytes
Content-Length: 590413
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (53193), with CRLF line terminators
Size:   590413
Md5:    e15084a5fa844a4667363a77dbba388a
Sha1:   c2fc998a4874ca1ed1f87bc32562270b3a4711d2
Sha256: 0ab27addfe127020ce7b9a6a5e3b57a133915e23edbe0852cff7b511507e56ea

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /_assets/img/login/login-footer-logo.svg HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 16:27:24 GMT
Accept-Ranges: bytes
Content-Length: 2239
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1863), with CRLF line terminators
Size:   2239
Md5:    c0ddebba4f15d5e966e993727605c03d
Sha1:   df6ba82ac9022f0309037baa9dbf6fbcfaaca543
Sha256: 59c1a112d5d610c1399aa46d5b549c5aad1e4b283aaf785545e818d053f25378

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /sifre.png HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/

search
                                         190.14.39.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 16:27:24 GMT
Accept-Ranges: bytes
Content-Length: 2496
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 36x34, components 3\012- data
Size:   2496
Md5:    116f84727996ddda2d71b3c85cf358ac
Sha1:   a90ef391e339ddafbe5ae9f1f3d7d8d5cbf4a4e8
Sha256: 7ef622314ab427c8beae5b61a48b8e16710531e05406b135c0c5b4e8f1b22e17

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /_assets/img/enbd.png HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 16:27:24 GMT
Accept-Ranges: bytes
Content-Length: 3806
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 186 x 72, 8-bit/color RGBA, non-interlaced\012- data
Size:   3806
Md5:    58cf11a4b5f8ebdc29ec2e7b787c8d69
Sha1:   cd2686b1f04cfa4afb69b228fd7177d65e907d32
Sha256: 1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /user.png HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/

search
                                         190.14.39.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 16:27:24 GMT
Accept-Ranges: bytes
Content-Length: 2255
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 27x34, components 3\012- data
Size:   2255
Md5:    cc0a5532279fefa0f24e6c6a91442acc
Sha1:   1a16230291c3c234087a39fa0314a71591f171fb
Sha256: 97090cea6a2bbb16d13fa490185bc7e25d41935e376d4edfee651c474f466309

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2 HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /_assets/img/loading.gif HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/

search
                                         190.14.39.151
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 16:27:24 GMT
Accept-Ranges: bytes
Content-Length: 37840
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 96 x 96\012- data
Size:   37840
Md5:    a5ac552d6a23421d7697f897729a2def
Sha1:   836cb1e7a61967b762898a3ce32e64ca7713119c
Sha256: 4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20 HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /assets/opensans-semibold-webfont.1045337df148fc781940.woff2 HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /assets/opensans-bold-webfont.7b013a3110831768093f.woff2 HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /_assets/img/login/bg/autumn.jpg HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 08 Dec 2022 20:21:06 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 16:27:24 GMT
Accept-Ranges: bytes
Content-Length: 387821
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1701, components 3\012- data
Size:   387821
Md5:    90062fd1b816f53d1f7ddddf1b2d15c4
Sha1:   a0407ae398c54b47de374b9813c8be17ec82bb40
Sha256: f7278ca494d765eab007679ace9914b237327326d7cd2840660dc8140a8b5542

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:06 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:06 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /assets/icomoon.a16e09ed69c51903026e.ttf?bezj20 HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:06 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:06 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /_assets/img/logo-light.svg HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/

search
                                         190.14.39.151
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Thu, 08 Dec 2022 20:21:05 GMT
Server: Apache
Last-Modified: Mon, 14 Nov 2022 16:27:24 GMT
Accept-Ranges: bytes
Content-Length: 180545
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1718), with CRLF line terminators
Size:   180545
Md5:    3140e053e7a3dde67e7b2c81b23771d2
Sha1:   5d0558f8da94ace88a622c70b8857bde38d7ba12
Sha256: 3da913d79fff46cfe4d58d56e141cfcb31865606284507f7a530db69394330fb

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20 HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:06 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /_assets/img/appicon.png HTTP/1.1 
Host: www.acikdenizkredi.ga
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.acikdenizkredi.ga/
Cookie: _ga_JV07ZMRWNH=GS1.1.1670530863.1.0.1670530863.0.0.0; _ga=GA1.1.1490938994.1670530864

search
                                         190.14.39.151
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Thu, 08 Dec 2022 20:21:06 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  urlquery:
    - Phishing - Deniz Bank
    - Phishing - Deniz Bank
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:05:37 GMT
age: 36934
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10164
Md5:    3d44d17585c9a536c8da0e75ed90d175
Sha1:   9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
Sha256: 6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7