r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2706
Expires: Mon, 27 Mar 2023 14:35:22 GMT
Date: Mon, 27 Mar 2023 13:50:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4506
Expires: Mon, 27 Mar 2023 15:05:22 GMT
Date: Mon, 27 Mar 2023 13:50:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9bb70197d53617b5e6889b890dd2ae26
f3e9b8a743de494529baf2d078a622539f965307
a094a13905b7f1cd89475f9c83f9245580d4c3c7228d51d5c16622aec3c6aa45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A094A13905B7F1CD89475F9C83F9245580D4C3C7228D51D5C16622AEC3C6AA45"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3994
Expires: Mon, 27 Mar 2023 14:56:50 GMT
Date: Mon, 27 Mar 2023 13:50:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Mar 2023 13:27:57 GMT
content-type: application/json
age: 1339
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: g/uqLunNtjd1iCiBV5jmnnR51bBOopjGJF01XioBEooFACV5cPfb/OA60Glgfi24vcnd89ziQsI=
x-amz-request-id: C4KC74GVZT0M180E
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Mar 2023 13:01:39 GMT
age: 2917
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 13:50:16 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Mar 2023 13:14:35 GMT
age: 2141
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7898
Expires: Mon, 27 Mar 2023 16:01:55 GMT
Date: Mon, 27 Mar 2023 13:50:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1eebd93ef4ace8f93b306d6a46d47288
e968b59494a1ec170444176e4a45733e34289be0
ac364c1480c475154359adb0bd62380d9f51d59d0617c77977001a0eb184d77e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 13:50:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-JV07ZMRWNH
142.250.74.40200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-JV07ZMRWNH
IP 142.250.74.40:0
File type ASCII text, with very long lines (19390)
Hash 396dcf1eeb3e955d220be72aeb1e8504
0c6b164071c0b70968a3563c7094138e014b2986
c64a6b77629d33ad8eeabf6d877d2a1d6ecfd3244ac1a77e548ea9365f507112
GET /gtag/js?id=G-JV07ZMRWNH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Mar 2023 13:50:17 GMT
expires: Mon, 27 Mar 2023 13:50:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1eebd93ef4ace8f93b306d6a46d47288
e968b59494a1ec170444176e4a45733e34289be0
ac364c1480c475154359adb0bd62380d9f51d59d0617c77977001a0eb184d77e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 13:50:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.149.31.172101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.31.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KB9ps/JiaMnaaxl3HXvKJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tknNDg2+my9iUJ9kqWCn081LdPg=
mobildefirsatv2-deniz.top/
190.14.39.154200 OK 134 kB URL HTTP/1.1 mobildefirsatv2-deniz.top/
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (54347)
Size 134 kB (134035 bytes)
Hash 9bbfa858f438e69d2632b553bf7e9658
575ea5d181e4abe8810e804e5501de06752a7d06
3d2c71d089fb824376ceac173e82384a4e51cf377ac121921f1ef1762745214a
GET / HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 13:50:16 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: br
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
mobildefirsatv2-deniz.top/ruxitagentjs_ICA27SVfqrux_10221210805073954.js
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/ruxitagentjs_ICA27SVfqrux_10221210805073954.js
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
GET /ruxitagentjs_ICA27SVfqrux_10221210805073954.js HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/_assets/js/analytics.js
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/_assets/js/analytics.js
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
GET /_assets/js/analytics.js HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/runtime.c298608e9647c69cc550.js
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/runtime.c298608e9647c69cc550.js
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /runtime.c298608e9647c69cc550.js HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/polyfills.e7c27bf15bf48a72de71.js
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/polyfills.e7c27bf15bf48a72de71.js
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
GET /polyfills.e7c27bf15bf48a72de71.js HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/scripts.e8b3c78207fa4f6d6f74.js
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/scripts.e8b3c78207fa4f6d6f74.js
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
GET /scripts.e8b3c78207fa4f6d6f74.js HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/vendor.67eb8a7592425af0ba81.js
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/vendor.67eb8a7592425af0ba81.js
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
GET /vendor.67eb8a7592425af0ba81.js HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/main.c01c0c9a76089d1c0f34.js
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/main.c01c0c9a76089d1c0f34.js
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
GET /main.c01c0c9a76089d1c0f34.js HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
region1.google-analytics.com/g/collect?v=2&tid=G-JV07ZMRWNH>m=45je33m0&_p=371483165&cid=761089455.1679925035&ul=en-us&sr=1280x1024&_s=1&sid=1679925035&sct=1&seg=0&dl=https%3A%2F%2Fmobildefirsatv2-deniz.top%2F&dt=DenizBank%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-JV07ZMRWNH>m=45je33m0&_p=371483165&cid=761089455.1679925035&ul=en-us&sr=1280x1024&_s=1&sid=1679925035&sct=1&seg=0&dl=https%3A%2F%2Fmobildefirsatv2-deniz.top%2F&dt=DenizBank%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-JV07ZMRWNH>m=45je33m0&_p=371483165&cid=761089455.1679925035&ul=en-us&sr=1280x1024&_s=1&sid=1679925035&sct=1&seg=0&dl=https%3A%2F%2Fmobildefirsatv2-deniz.top%2F&dt=DenizBank%20%C4%B0nternet%20Bankac%C4%B1l%C4%B1%C4%9F%C4%B1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mobildefirsatv2-deniz.top
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://mobildefirsatv2-deniz.top
date: Mon, 27 Mar 2023 13:50:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
190.14.39.154200 OK 90 kB URL HTTP/1.1 mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type ASCII text, with very long lines (53193), with CRLF line terminators
Hash f62a7a07d653460c284000ab311dfa6f
8127b5ecb9a4b6502f2e68c9e5edbf3e4146a2ba
96df8f6840491e1dd38a3221ba5fd58aa26ddd947a63f03dec930372c05ec984
Analyzer Verdict Alert openphish Deniz Bank
GET /styles.14f38c16c3244b5492af.css HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 13:50:17 GMT
Server: Apache
Last-Modified: Sun, 26 Mar 2023 19:48:21 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2876
Expires: Mon, 27 Mar 2023 14:38:14 GMT
Date: Mon, 27 Mar 2023 13:50:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2876
Expires: Mon, 27 Mar 2023 14:38:14 GMT
Date: Mon, 27 Mar 2023 13:50:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2876
Expires: Mon, 27 Mar 2023 14:38:14 GMT
Date: Mon, 27 Mar 2023 13:50:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cc79a830964d923d24a45f5ccc9939b
557cc4827414912c41319ad961c14cce71ed4a18
b3b1c73b34057cb6e41920f3d55213ad8c193076525767c051960ec26d17ca3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4775
x-amzn-requestid: 28d0e56d-ed03-4686-bd49-34f193f1c65a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK96KF9coAMFvMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa9da-122cd32a6f23e8442a52464c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:10:18 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: F03oSAwgUrcVqWUUt9uaapaCtWSDLrmDlz142D4DtYYctMpy5nA3qA==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 16:38:20 GMT
age: 76318
etag: "557cc4827414912c41319ad961c14cce71ed4a18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e999a9d79efe60a30b2942c5f2940294
c3891c43b16521f66eb3a52d83694de2ddd39871
290ed1232883a4ec63ef42c30f40b819983c5544e35261d2d1e0d1e55d0c8b07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12017
x-amzn-requestid: 4f61a0c7-4b18-4289-b47c-eeeff93d873f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ca6yQGNtoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64210b41-350e4e2425d9606e478872b5;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 03:19:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TCzHm5qTtnAUDSmayc-LLFmDfV7o6PaaYYfVtN_w7cC3o66HCa3DEg==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 03:34:08 GMT
age: 36970
etag: "c3891c43b16521f66eb3a52d83694de2ddd39871"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81c2ee0-b0d8-4d53-8a73-a453a7669c92.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81c2ee0-b0d8-4d53-8a73-a453a7669c92.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e5dfaeb44e65f30874efae17a8fd652
52c517a45e53a4ca5b5783d0364ac0e2606d6970
3752bdf3d574299ccb17ac42d20f940dd1daf48d127889a1d82a55bec82a0436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd81c2ee0-b0d8-4d53-8a73-a453a7669c92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6623
x-amzn-requestid: 5b246408-bf9c-488d-aee6-7d387115863e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQn4EHJoAMFl3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfafe-686e97b34f7c33862db51515;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:08:47 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Dc5ZpKbzuxe6YqNOtsNpeKShE02r5kg-YX_3gPgeEIgRADZRBL6b4w==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 16:38:20 GMT
age: 76318
etag: "52c517a45e53a4ca5b5783d0364ac0e2606d6970"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22905e8a7c8b1741dd51842c114a6517
c5900fe2396e0ca371c4847af4e96149850c3577
1525f9f39c09370fcb1f58f079f2d741a4c6d13fba26e6dd5b79466153d7685e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10405
x-amzn-requestid: 0b8dad7a-2ec1-4eed-9a2c-06079ed46662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRi69E9xoAMFiJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d4b79-2f606ac041c5db24583c8d51;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:25 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qbbEi0tXZLKo6qjrbJMtTHdhWziYrLrgzY1hzt_LrQJoeDDBbJnZBA==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 07:49:08 GMT
age: 21670
etag: "c5900fe2396e0ca371c4847af4e96149850c3577"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 668a8a17a1bb77ea7db7fa23c9df9690
242108539ff8694a3c557d07b2b000e764a77f24
100952573dc9eeba889a77f4d148b646accb99f277035f0607b1c6918f93a358
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10591
x-amzn-requestid: a55b3a74-b9f1-424b-8d53-3f49db443698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CaIOwFW-oAMFgUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6420ba5e-6c3e550d1a899e80394262e6;Sampled=0
x-amzn-remapped-date: Sun, 26 Mar 2023 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: SwHfiMdDkV5eSPbXEVlcIs_k1icXGn7aaScjTgDLyG0Uo_o-K0jIqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:57:30 GMT
age: 57168
etag: "242108539ff8694a3c557d07b2b000e764a77f24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:53:16 GMT
age: 57422
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mobildefirsatv2-deniz.top/sifre.png
190.14.39.154200 OK 2.5 kB URL HTTP/1.1 mobildefirsatv2-deniz.top/sifre.png
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 36x34, components 3\012- data
Hash 116f84727996ddda2d71b3c85cf358ac
a90ef391e339ddafbe5ae9f1f3d7d8d5cbf4a4e8
7ef622314ab427c8beae5b61a48b8e16710531e05406b135c0c5b4e8f1b22e17
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /sifre.png HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Last-Modified: Sun, 26 Mar 2023 19:48:21 GMT
Accept-Ranges: bytes
Content-Length: 2496
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/png
mobildefirsatv2-deniz.top/_assets/img/loading.gif
190.14.39.154200 OK 38 kB URL HTTP/1.1 mobildefirsatv2-deniz.top/_assets/img/loading.gif
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type GIF image data, version 89a, 96 x 96\012- data
Hash a5ac552d6a23421d7697f897729a2def
836cb1e7a61967b762898a3ce32e64ca7713119c
4d54a976b6fa75c73ec219bf5ca96537d46c387c138842fe3d76be0d9e111e0a
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /_assets/img/loading.gif HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Last-Modified: Sun, 26 Mar 2023 19:48:21 GMT
Accept-Ranges: bytes
Content-Length: 37840
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/gif
mobildefirsatv2-deniz.top/user.png
190.14.39.154200 OK 2.3 kB URL HTTP/1.1 mobildefirsatv2-deniz.top/user.png
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 27x34, components 3\012- data
Hash cc0a5532279fefa0f24e6c6a91442acc
1a16230291c3c234087a39fa0314a71591f171fb
97090cea6a2bbb16d13fa490185bc7e25d41935e376d4edfee651c474f466309
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /user.png HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Last-Modified: Sun, 26 Mar 2023 19:48:21 GMT
Accept-Ranges: bytes
Content-Length: 2255
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/png
mobildefirsatv2-deniz.top/_assets/img/enbd.png
190.14.39.154200 OK 3.8 kB URL HTTP/1.1 mobildefirsatv2-deniz.top/_assets/img/enbd.png
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type PNG image data, 186 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 58cf11a4b5f8ebdc29ec2e7b787c8d69
cd2686b1f04cfa4afb69b228fd7177d65e907d32
1b74331ad061c583ad54561f95596a8481b95d863a431fc4daf3a9ee7d151975
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /_assets/img/enbd.png HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Last-Modified: Sun, 26 Mar 2023 19:48:21 GMT
Accept-Ranges: bytes
Content-Length: 3806
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/png
mobildefirsatv2-deniz.top/_assets/img/login/login-footer-logo.svg
190.14.39.154200 OK 1.1 kB URL HTTP/1.1 mobildefirsatv2-deniz.top/_assets/img/login/login-footer-logo.svg
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1863), with CRLF line terminators
Hash 3a8305dfef76f64dca1a4de7066ea009
9e5fce49f044a2739a2134674be7ab005ca46eb3
86a31add81be3d2c16bcd1b32d1d61b0cbabc3ae869eb285c7d87198f7418ec3
GET /_assets/img/login/login-footer-logo.svg HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Last-Modified: Sun, 26 Mar 2023 19:48:21 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 1130
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
mobildefirsatv2-deniz.top/_assets/img/logo-light.svg
190.14.39.154200 OK 7.1 kB URL HTTP/1.1 mobildefirsatv2-deniz.top/_assets/img/logo-light.svg
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1718), with CRLF line terminators
Hash dc9cc08e241b56185e23066c52345007
945d5bfd938b498bb1e5fc943dbca5f539ed2448
44c222a33ebc7bc9a8b65ac1091ac6ad8eeba4a077e24ce33430f5cb11c8bc38
GET /_assets/img/logo-light.svg HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Last-Modified: Sun, 26 Mar 2023 19:48:21 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 7055
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
mobildefirsatv2-deniz.top/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /assets/opensans-regular-webfont.a66a53e7f788b1ab7e41.woff2 HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/assets/opensans-semibold-webfont.1045337df148fc781940.woff2
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/assets/opensans-semibold-webfont.1045337df148fc781940.woff2
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /assets/opensans-semibold-webfont.1045337df148fc781940.woff2 HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /assets/icomoon.6ff42eccb86b1fcbfe3f.woff2?bezj20 HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/assets/opensans-bold-webfont.7b013a3110831768093f.woff2
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/assets/opensans-bold-webfont.7b013a3110831768093f.woff2
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
GET /assets/opensans-bold-webfont.7b013a3110831768093f.woff2 HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /assets/opensans-regular-webfont.d389759376bc2ac55ee9.woff HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /assets/opensans-semibold-webfont.ba28aba0329c0fc0e825.woff HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /assets/opensans-bold-webfont.c04f02eb3292e49d2d4e.woff HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/assets/icomoon.a16e09ed69c51903026e.ttf?bezj20
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/assets/icomoon.a16e09ed69c51903026e.ttf?bezj20
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
GET /assets/icomoon.a16e09ed69c51903026e.ttf?bezj20 HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
GET /assets/icomoon.0014b4e7989bbfeaaef5.woff?bezj20 HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/styles.14f38c16c3244b5492af.css
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/_assets/img/appicon.png
190.14.39.154404 Not Found 315 B URL HTTP/1.1 mobildefirsatv2-deniz.top/_assets/img/appicon.png
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /_assets/img/appicon.png HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=3, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mobildefirsatv2-deniz.top/_assets/img/login/bg/autumn.jpg
190.14.39.154200 OK 388 kB URL HTTP/1.1 mobildefirsatv2-deniz.top/_assets/img/login/bg/autumn.jpg
IP 190.14.39.154:0
ASN #52469 Offshore Racks S.A
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1701, components 3\012- data
Size 388 kB (387821 bytes)
Hash 90062fd1b816f53d1f7ddddf1b2d15c4
a0407ae398c54b47de374b9813c8be17ec82bb40
f7278ca494d765eab007679ace9914b237327326d7cd2840660dc8140a8b5542
Analyzer Verdict Alert urlquery phishing Phishing - Deniz Bank
openphish Deniz Bank
GET /_assets/img/login/bg/autumn.jpg HTTP/1.1
Host: mobildefirsatv2-deniz.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mobildefirsatv2-deniz.top/
Cookie: _ga_JV07ZMRWNH=GS1.1.1679925035.1.0.1679925035.0.0.0; _ga=GA1.1.761089455.1679925035
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 13:50:18 GMT
Server: Apache
Last-Modified: Sun, 26 Mar 2023 19:48:21 GMT
Accept-Ranges: bytes
Content-Length: 387821
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5805638-2902-4f40-8b73-ba33d9ca0491.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5805638-2902-4f40-8b73-ba33d9ca0491.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0096dd7b1fa0020a7af8933c7520a42e
cdaab50fa72af06cb6d5ab1b3fd2e86e39f0d995
5a32929dd8fc2ad509b0d95e39531951f51a639dae4e744e25e6404af019802e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5805638-2902-4f40-8b73-ba33d9ca0491.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7014
x-amzn-requestid: f959a37e-f462-4177-a994-649f35dcc580
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CU1_JGXXIAMFtTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e9d2d-592e798168fdfc33048e38f9;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 07:05:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -6efO_es8A-YyC16MhToxwxiDPhECBXihZDhUSob87PV_jAfoapLEw==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 07:49:56 GMT
age: 21628
etag: "cdaab50fa72af06cb6d5ab1b3fd2e86e39f0d995"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2