urlquery - report: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/

Overview

URL	https://mturkiye-gov-tr-guvenli-aidat-iade.ml/
IP	20.208.40.95
ASN	MICROSOFT-CORP-MSN-AS-BLOCK
Location	Switzerland
Report completed	2022-07-07 01:12:55 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

Added / Verified	Severity	Host	Comment
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)
2022-07-06	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	E-Devlet (Turkey)

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-07	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/	Phishing
2022-07-07	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/files/form-progress.svg	Phishing
2022-07-07	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/files/btnRight.svg	Phishing
2022-07-07	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/files/btnLeft.svg	Phishing
2022-07-07	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/files/jcryption.js	Phishing
2022-07-07	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/files/jquery-3.4.1.min.js	Phishing
2022-07-07	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/datach.php?ip=91.90.42.154	Phishing
2022-07-07	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/datach.php?ip=91.90.42.154	Phishing
2022-07-07	2	mturkiye-gov-tr-guvenli-aidat-iade.ml/datach.php?ip=91.90.42.154	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (14)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	kit.fontawesome.com (1)	1868	2019-03-29 02:12:52 UTC	2022-07-06 04:56:05 UTC	104.18.23.52
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-06 04:47:23 UTC	54.148.90.190
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-06 17:02:11 UTC	34.120.237.76
[Mnemonic Passive DNS]	mturkiye-gov-tr-guvenli-aidat-iade.ml (12)	0	No data	No data	20.208.40.95	Unknown ranking
[Mnemonic Passive DNS]	fonts.googleapis.com (1)	8877	2017-01-30 04:59:43 UTC	2019-10-16 05:12:41 UTC	216.58.211.10
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-06 19:05:02 UTC	93.184.220.29
[Mnemonic Passive DNS]	r3.o.lencr.org (7)	344	2020-12-02 08:52:13 UTC	2022-07-06 04:41:34 UTC	23.36.77.32
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-06 04:55:23 UTC	54.230.111.14
[Mnemonic Passive DNS]	ajax.googleapis.com (1)	12905	2017-01-30 05:00:30 UTC	2019-10-16 05:01:16 UTC	142.250.74.42
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.7
[Mnemonic Passive DNS]	ocsp.pki.goog (5)	175	2017-06-14 07:23:31 UTC	2022-07-06 04:42:12 UTC	142.250.74.3
[Mnemonic Passive DNS]	fonts.gstatic.com (1)	0	2017-01-30 04:59:51 UTC	2022-07-06 04:41:59 UTC	142.250.74.163	Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS]	ocsp.globalsign.com (1)	2075	2012-05-25 06:20:55 UTC	2022-07-06 04:55:58 UTC	151.101.86.133

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 20.208.40.95

Date	UQ / IDS / BL	URL	IP
2022-08-18 13:11:34 +0000	0 - 0 - 2	mturkiye-gov-tr-guvenli-iade-sistemi.ml/	20.208.40.95
2022-07-19 15:07:06 +0000	0 - 0 - 15	mturkiyegov-online-geri-iade-sistemi.ml/	20.208.40.95
2022-07-17 22:20:57 +0000	0 - 0 - 14	https://mturkiyegov-online-geri-iade-portali.ml/	20.208.40.95
2022-07-17 22:20:40 +0000	0 - 0 - 11	https://mturkiyegov-online-geri-iade-portali.cf/	20.208.40.95
2022-07-17 22:20:17 +0000	0 - 0 - 20	https://mturkiyegov-geri-iade-sistemim.gq/	20.208.40.95
2022-07-17 22:19:17 +0000	0 - 0 - 9	https://mturkiyegov-online-geri-iade-sistemi.ml/	20.208.40.95
2022-07-17 22:17:39 +0000	0 - 0 - 19	https://mturkiyegov-online-iade-sistemim.gq/	20.208.40.95
2022-07-17 19:34:17 +0000	0 - 0 - 14	https://mturkiyegov-online-geri-iade-portali.ml/	20.208.40.95
2022-07-17 19:33:59 +0000	0 - 0 - 12	https://mturkiyegov-online-geri-iade-portali.cf/	20.208.40.95
2022-07-17 19:33:37 +0000	0 - 0 - 13	https://mturkiyegov-geri-iade-sistemim.gq/	20.208.40.95

Last 10 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK

Date	UQ / IDS / BL	URL	IP
2022-08-20 05:04:46 +0000	0 - 0 - 9	coinase-log.azurewebsites.net/	20.118.48.8
2022-08-20 05:04:45 +0000	0 - 0 - 9	coinase-log.azurewebsites.net/	20.118.48.8
2022-08-20 04:39:34 +0000	0 - 0 - 9	auth-web2fa.dvrlists.com/	20.114.231.246
2022-08-20 04:25:57 +0000	0 - 0 - 4	livetrack.in/EmployeeMasterImages/qace.jpg	52.172.211.121
2022-08-20 03:35:53 +0000	0 - 0 - 9	auth-web2fa.dvrlists.com/	20.114.231.246
2022-08-20 02:05:09 +0000	0 - 0 - 2	pncssecure.tk/login.php	20.24.19.179
2022-08-20 01:33:41 +0000	0 - 0 - 9	www.x3p6j.net/	20.187.83.107
2022-08-20 00:47:58 +0000	0 - 0 - 2	https://healthydiet4all.com/word/custom_templ (...)	52.166.136.210
2022-08-20 00:42:40 +0000	0 - 0 - 2	cn1.ab101.cc/	52.246.141.111
2022-08-19 23:01:09 +0000	0 - 0 - 4	livetrack.in/EmployeeMasterImages/qace.jpg	52.172.211.121

Last 3 reports on domain: mturkiye-gov-tr-guvenli-aidat-iade.ml

Date	UQ / IDS / BL	URL	IP
2022-07-06 21:05:27 +0000	0 - 0 - 23	https://mturkiye-gov-tr-guvenli-aidat-iade.ml/	20.208.40.95
2022-07-06 18:06:33 +0000	0 - 0 - 17	https://mturkiye-gov-tr-guvenli-aidat-iade.ml/	20.208.40.95
2022-07-06 15:12:34 +0000	0 - 0 - 18	https://mturkiye-gov-tr-guvenli-aidat-iade.ml/	20.208.40.95

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (41)

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Thu, 07 Jul 2022 00:56:25 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: qDiCZX3XCjPAsaBYmun4sLjwVTfefE0vBLl_tbq8LHifTGqjx-m7Vg== Age: 977 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666" Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9168 Expires: Thu, 07 Jul 2022 03:45:30 GMT Date: Thu, 07 Jul 2022 01:12:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1bd93fff937cfdc8744b841243b93fd5 Sha1: 240c31be9cdaeb5d1e4f9e3558c812ba007e6d22 Sha256: 78a5dcfaf2d93d9c87cfb6dbc56100e9f22965d4500554ba65f71cb7d84dd666
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "222D7E1E8D24FE2C107A0ECE55BBC11329F875D2AE913FBD733EBEEEBDEE103C" Last-Modified: Tue, 05 Jul 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6703 Expires: Thu, 07 Jul 2022 03:04:25 GMT Date: Thu, 07 Jul 2022 01:12:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5f48f83dbc745cded58ec12bbc1be1bc Sha1: 2c103659ca1042f323993a8cce8d9ae370187a79 Sha256: 222d7e1e8d24fe2c107a0ece55bbc11329f875d2ae913fbd733ebeeebdee103c
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.14 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Wed, 06 Jul 2022 03:26:46 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: NPJLRH_P__kvvAae5JycxNzAV94ftD0IxqpGLo4ZpTb9qyrn_s_rfw== age: 78357 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET / HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text Size: 2779 Md5: ee541730eff524b73c9612da75529e90$ 20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:42 GMT content-type: text/html; charset=UTF-8 content-length: 2779 vary: Accept-Encoding content-encoding: gzip x-powered-by: PHP/8.0.20, PleskLin X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text Size: 2779 Md5: ee541730eff524b73c9612da75529e90 Sha1: b547ac9ddc6baf0e63adb18ffb29bc5d9aad9018 Sha256: ef9fcff828017ef17b095890d3521d56643fe720139b5b9d4a05f2b0505da7b1 Alerts: Blocklists: - openphish: E-Devlet (Turkey) - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:42 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:12:42 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 737decf964c10ece804f79a16c27f8db Sha1: 37ca8f0451d8ecbe91d673d0c2de8f6c119adc82 Sha256: 4ff45d0b28462bd0f6c135fcf8d8887952a4b0bc1badc11bb1b17ddac796891f
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:12:42 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 6f376d1c4b10affe09f9775324590270 Sha1: cb440fe021fe90b2a57b60c60092dc82837655d8 Sha256: 0cb1e0708015efbcdcb66672de2b9bd9d7923508b071166275f66f69b0de5394
GET /ajax/libs/jquery/1.6.4/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32769) Size: 32222 Md5: beb03c9ee6d13748648309584590d515$ 142.250.74.42 HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 32222 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 04 Jul 2022 15:18:32 GMT expires: Tue, 04 Jul 2023 15:18:32 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 208450 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32769) Size: 32222 Md5: beb03c9ee6d13748648309584590d515 Sha1: a491b316cdd4df32dabb7a3a1d85919681911dda Sha256: acec62a91cdd6d2b03731fcc7e988094b3c38c9269276f09f9a842e6433ee008
GET /css?family=Open+Sans&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	216.58.211.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 07 Jul 2022 01:12:43 GMT date: Thu, 07 Jul 2022 01:12:43 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1083 Md5: 60b322360f97657cba0c0a11bbf9c0ec Sha1: cc63b674189228c6e23c75c5a559c21d5df394ad Sha256: fca593da5b56e34ccafe222915872f7da6e57f0186bf8bdf7962529bf4d3bd0a
GET /files/form-progress.svg HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1068), with no line terminators Size: 1068 Md5: d57db381e336134adc11990f2f6863f5$ 20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:42 GMT content-type: image/svg+xml content-length: 1068 last-modified: Wed, 22 Jan 2020 13:58:16 GMT etag: "5e2854f8-42c" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1068), with no line terminators Size: 1068 Md5: d57db381e336134adc11990f2f6863f5 Sha1: 67cfcefdf4c388118a149ad1749274419d1aa553 Sha256: ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2 Alerts: Blocklists: - openphish: E-Devlet (Turkey) - fortinet: Phishing
GET /files/1.png HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: PNG image data, 165 x 40, 8-bit colormap, non-interlaced\012- data Size: 1855 Md5: 7847c396db234c92dc4b1bb4b759c011$ 20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:42 GMT content-type: image/png content-length: 1855 last-modified: Wed, 22 Jan 2020 13:58:16 GMT etag: "5e2854f8-73f" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 165 x 40, 8-bit colormap, non-interlaced\012- data Size: 1855 Md5: 7847c396db234c92dc4b1bb4b759c011 Sha1: cd8357fc05042cb787267f01fe0c38ba6526e0e4 Sha256: b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18 Alerts: Blocklists: - openphish: E-Devlet (Turkey)
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:12:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 6f376d1c4b10affe09f9775324590270 Sha1: cb440fe021fe90b2a57b60c60092dc82837655d8 Sha256: 0cb1e0708015efbcdcb66672de2b9bd9d7923508b071166275f66f69b0de5394
GET /files/btnRight.svg HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/files/giris.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (448), with no line terminators Size: 448 Md5: 88ad4932ed76ce15aa1ebfddd1c20af0$ 20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:43 GMT content-type: image/svg+xml content-length: 448 x-accel-version: 0.01 last-modified: Wed, 22 Jan 2020 20:58:48 GMT etag: "1c0-59cc0ca76f200" accept-ranges: bytes x-powered-by: PleskLin X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (448), with no line terminators Size: 448 Md5: 88ad4932ed76ce15aa1ebfddd1c20af0 Sha1: cc5358add4c962e8903f515362474bd92c2daf21 Sha256: 14e8e481e7afcaae3200f172bd49bf7146ea2a23d3fdf0ba71d5fdbbd0c8c5a4 Alerts: Blocklists: - openphish: E-Devlet (Turkey) - fortinet: Phishing
GET /files/header.png HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: PNG image data, 1280 x 185, 8-bit/color RGBA, non-interlaced\012- data Size: 49215 Md5: 9e2a1c0bcabe7c920122c08bb94c40b6$ 20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:43 GMT content-type: image/png content-length: 49215 last-modified: Sat, 25 Jan 2020 14:02:38 GMT etag: "5e2c4a7e-c03f" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1280 x 185, 8-bit/color RGBA, non-interlaced\012- data Size: 49215 Md5: 9e2a1c0bcabe7c920122c08bb94c40b6 Sha1: 74660a76edfda051874af1141b8c8e6356d94032 Sha256: 25e78364cf34f3b0596135ac8e14bcb4b15b275aa8ed39e11d6453288798b76a Alerts: Blocklists: - openphish: E-Devlet (Turkey)
GET /files/btnLeft.svg HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/files/giris.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (393), with no line terminators Size: 393 Md5: 5a1bb1e91af3b4c72eb2a509af3fe4ce$ 20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:43 GMT content-type: image/svg+xml content-length: 393 x-accel-version: 0.01 last-modified: Wed, 22 Jan 2020 22:22:38 GMT etag: "189-59cc1f646a780" accept-ranges: bytes x-powered-by: PleskLin X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (393), with no line terminators Size: 393 Md5: 5a1bb1e91af3b4c72eb2a509af3fe4ce Sha1: 8b6218cd141ce0b85da3f2b7e09693267711eb10 Sha256: 945f7d25e8f885da3c77668f74ecacefa894dc535ac048f57a56e2b2fc2560df Alerts: Blocklists: - openphish: E-Devlet (Turkey) - fortinet: Phishing
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:12:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 347e2358aa2df71261aeb7a8b1b1f6fe Sha1: fa29c219039d0b2086f21bacbdcedc4469ed1be2 Sha256: 9d29368fcc9aaac6d1858baf2cd321eef3ffb3169dd614e5cfcbd17369998a97
GET /files/jcryption.js HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:42 GMT content-type: application/javascript last-modified: Wed, 22 Jan 2020 13:58:16 GMT etag: W/"5e2854f8-12046" x-powered-by: PleskLin content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 19510 Md5: 349d186734836ff248609f6cd7e00d3a Sha1: f3992b0353a5c4d716ab20652e1039454db5dba9 Sha256: 2b46f93822956ce675d56476152abbd9f26cb8295f0c8774336fffc9cc94d27e Alerts: Blocklists: - openphish: E-Devlet (Turkey) - fortinet: Phishing
GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://mturkiye-gov-tr-guvenli-aidat-iade.ml Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data Size: 12956 Md5: 1909967d5e51895484f5c673a6f63e7c$ 142.250.74.163 HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 12956 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 06 Jul 2022 19:58:57 GMT expires: Thu, 06 Jul 2023 19:58:57 GMT cache-control: public, max-age=31536000 age: 18826 last-modified: Wed, 11 May 2022 19:25:09 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data Size: 12956 Md5: 1909967d5e51895484f5c673a6f63e7c Sha1: 96c29ffda44f77bb3e73312aa6569f93689168a4 Sha256: e3d26484862a274c11531b15e625eb52b36842c97f7376fef654372d69565978
GET /files/jquery-3.4.1.min.js HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:42 GMT content-type: application/javascript last-modified: Sun, 15 Mar 2020 15:14:32 GMT etag: W/"5e6e4658-15851" x-powered-by: PleskLin content-encoding: br X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 46617 Md5: 4c5ba265127f37c61331a5546b947e9a Sha1: 177d8f99be3b35fd69823f909f0e4b3cb72ad4c9 Sha256: a6d4efc94d63a4bcdec51aa03a949ee522f8ce78dd08bc472d03fc1c2a7c837c Alerts: Blocklists: - openphish: E-Devlet (Turkey) - fortinet: Phishing
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:12:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 347e2358aa2df71261aeb7a8b1b1f6fe Sha1: fa29c219039d0b2086f21bacbdcedc4469ed1be2 Sha256: 9d29368fcc9aaac6d1858baf2cd321eef3ffb3169dd614e5cfcbd17369998a97
POST /datach.php?ip=91.90.42.154 HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Origin: https://mturkiye-gov-tr-guvenli-aidat-iade.ml Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Cookie: top-menu-state=closed Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Content-Length: 0 TE: trailers	20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:43 GMT content-type: text/html; charset=UTF-8 content-length: 0 x-powered-by: PHP/8.0.20, PleskLin X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - openphish: E-Devlet (Turkey) - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Thu, 07 Jul 2022 00:34:56 GMT Cache-Control: max-age=3600 Expires: Thu, 07 Jul 2022 01:11:40 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: wHwoCt2lzdhy3EqyxOmrtLUVZxRcDAvkZkD4Sfb6Ivn2C7-VGg2_aQ== Age: 2267 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST /gsrsaovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	151.101.86.133 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Expires: Sun, 10 Jul 2022 22:20:07 GMT ETag: "d9191d042ca2858ecd288c909d082e3b928746f0" Last-Modified: Wed, 06 Jul 2022 22:20:07 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 Via: 1.1 varnish, 1.1 varnish Content-Length: 1432 Accept-Ranges: bytes Date: Thu, 07 Jul 2022 01:12:43 GMT Age: 829 Connection: keep-alive X-Served-By: cache-qpg1222-QPG, cache-bma1630-BMA X-Cache: HIT, HIT X-Cache-Hits: 1, 1 X-Timer: S1657156364.697218,VS0,VE1 --- Additional Info --- Magic: data Size: 1432 Md5: e193e15fc8e704b3243d0018daf7f8a1 Sha1: d9191d042ca2858ecd288c909d082e3b928746f0 Sha256: e160870237939938c0ab9021ff61acedaa54c7a97651e2b9375fcd66c0d5b344
GET /files/favicon.png HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Cookie: top-menu-state=closed Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data Size: 27074 Md5: 758401c06ba03339626bacc22e94b802$ 20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:43 GMT content-type: image/png content-length: 27074 last-modified: Sat, 25 Jan 2020 14:09:50 GMT etag: "5e2c4c2e-69c2" x-powered-by: PleskLin accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data Size: 27074 Md5: 758401c06ba03339626bacc22e94b802 Sha1: c2c545832889602ff5af1bdaa7051e10801ad907 Sha256: eeddc36d9c542c9d3ab1be57f637ceee9887c868e9b3d6e337b9d2101bb568fe Alerts: Blocklists: - openphish: E-Devlet (Turkey)
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4137 Cache-Control: 'max-age=158059' Date: Thu, 07 Jul 2022 01:12:43 GMT Last-Modified: Thu, 07 Jul 2022 00:03:46 GMT Server: ECS (ska/F70E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 54a5ebdb4e3b060878632555583e462f Sha1: df627b311d6276eabf36fe1390a8219714839aed Sha256: 5c77d20265a9a328455b745ec5191e036ec35814586c1e6bcd1c8b2de01b3ff2
GET /5c7848169a.js HTTP/1.1 Host: kit.fontawesome.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://mturkiye-gov-tr-guvenli-aidat-iade.ml Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	104.18.23.52 HTTP/2 200 OK date: Thu, 07 Jul 2022 01:12:42 GMT content-type: text/javascript access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token access-control-allow-methods: GET, OPTIONS access-control-allow-origin: * access-control-max-age: 3000 cache-control: max-age=60, public, must-revalidate strict-transport-security: max-age=31536000; preload vary: origin, accept-encoding, access-control-request-headers, access-control-request-method x-request-id: Fv8M4o6aGER_5ow1diwh cf-cache-status: REVALIDATED expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server: cloudflare cf-ray: 726cb6a44a65b506-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 19131 Md5: 65b6e8a5c1da496973138997d6e96190 Sha1: d498a67cd0e1e159abfa8fceaf4041264df637fc Sha256: 52b37ba83020e4989addc47371c7f920e470fed6ddb29207d27ba596efc420de
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: s92LtFl8y6I8oDh2GkxLXw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	54.148.90.190 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 4XG5s/AZc9qHfYWNOeavQjMgr8g= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4905 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:12:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4905 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:12:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4905 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:12:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4905 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:12:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4905 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:12:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0584e039-a479-41c4-ad51-d842dbd32f7c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5198 Md5: cd4e7dda9491e473d4b36a87915a82df$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5198 x-amzn-requestid: f56b5dea-3209-4e32-985e-fbcb45c70e71 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: U0xnWFKCIAMFe2w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c4fc95-159a1632285a681d7478353a;Sampled=0 x-amzn-remapped-date: Wed, 06 Jul 2022 03:08:05 GMT x-amz-cf-pop: SFO20-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: jh8Cn-5251TNBafhSRsz0jUA8md-ZKQpjj_N1YYcUaVnJAYIdFAQ2A== via: 1.1 21e2c668bb54ebb4456425e394c3356a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 03:19:59 GMT age: 78766 etag: "76b2ac44ab4590c5345063d314975f483a61cb1f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5198 Md5: cd4e7dda9491e473d4b36a87915a82df Sha1: 76b2ac44ab4590c5345063d314975f483a61cb1f Sha256: f1e7681478f46029c90d707def4755f3d91a9f0b1d3509008bfca84d84a9634a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf054370-6b80-40cd-a42e-91d4d8e3c37e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7271 Md5: 1d4f4e3ad0f3ca501b797538d0f3aaac$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7271 x-amzn-requestid: 3fa97801-72ce-40f1-9609-10406e6d70ff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UoS0BFjuoAMFw8w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bffe7f-103b3e9a2928a3ed39c62b1b;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 08:14:55 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: TrgAb-pYFci7r56srzmwDp_mnZ6ApHI6KRaOyrHTYgJHmLcx6iNr1g== via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:50:30 GMT age: 12135 etag: "949707b56fd4aa6464f5f4a5d52b18ab72d307ff" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7271 Md5: 1d4f4e3ad0f3ca501b797538d0f3aaac Sha1: 949707b56fd4aa6464f5f4a5d52b18ab72d307ff Sha256: 66cf72056531f6151e2e72d48f07f1ba063753316160fe165cb00e125efbca90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1f48beb-da86-42f3-b5da-39fa82b568cb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7249 Md5: 5c958b0c904620aff5f5f8a74f80d9f9$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7249 x-amzn-requestid: 74cbc653-182e-4ef0-9fe5-901ddaa4edaf x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UoBIEGKqIAMFp8Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bfe233-383f73a750696511624ff453;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 06:14:11 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: BVo4WA3x-2hGSrOBQTIcT5yjiYcdzQby4NDOrnrWpREFtHG5x52Jzg== via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 09:18:45 GMT age: 57240 etag: "2f79d1e28bb827f7fa60b6675dba8022c28a1a3d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7249 Md5: 5c958b0c904620aff5f5f8a74f80d9f9 Sha1: 2f79d1e28bb827f7fa60b6675dba8022c28a1a3d Sha256: 8bba608d028bbb678f021eaca3364856f930069f44b647346e649eca4c383955
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6737 Md5: 44f59062cacc44be268845c493de29de$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6737 x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UeP9ZG93oAMFX6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw== via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 03:53:29 GMT age: 76756 etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6737 Md5: 44f59062cacc44be268845c493de29de Sha1: 5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2fc71a-842c-433d-8506-e191aa0edcd6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4243 Md5: 4dadb5bd9157f2899ea250117bf6655e$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4243 x-amzn-requestid: 7529aa91-0ea7-442d-a0b7-c3c74f0d5d5b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UthU8HNdoAMFpUw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c215b9-527e994b56eb0630557d6dd5;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 22:18:33 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: DQPLClNEQSPyiJJEq83p-1_lCk1cLIqpXQuPUQA2EzYd4kc0D9ILaw== via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 04:44:24 GMT age: 73701 etag: "5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4243 Md5: 4dadb5bd9157f2899ea250117bf6655e Sha1: 5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3 Sha256: 236f94db1ce5926743b6f0692509ab20c17fca595b5c062133a9d24fc80d6f0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94470e3-8873-4e4e-909a-df8539096335.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12294 Md5: 8b57e1aba0bce88ae13af9ccf60089bd$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 12294 x-amzn-requestid: e6b35bb1-bc6b-4b98-aa16-cff64cf3e4b9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ua_AwHdPIAMFSzQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62baab9e-4659e88772f9e8551e06800a;Sampled=0 x-amzn-remapped-date: Tue, 28 Jun 2022 07:19:58 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: EWsndyPnvdV629tcpvI0HUzSA6Ocbb0acwQ6v5i0VWoEeGIKaF7fcw== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:59:49 GMT age: 11576 etag: "7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12294 Md5: 8b57e1aba0bce88ae13af9ccf60089bd Sha1: 7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7 Sha256: 84a48013d8c91a7ae77719feb3d5996409197bdafe93a9e6deb02dbeffe0cb4b
POST /datach.php?ip=91.90.42.154 HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Origin: https://mturkiye-gov-tr-guvenli-aidat-iade.ml Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Cookie: top-menu-state=closed Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Content-Length: 0 TE: trailers	20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:46 GMT content-type: text/html; charset=UTF-8 content-length: 0 x-powered-by: PHP/8.0.20, PleskLin X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - openphish: E-Devlet (Turkey) - fortinet: Phishing
POST /datach.php?ip=91.90.42.154 HTTP/1.1 Host: mturkiye-gov-tr-guvenli-aidat-iade.ml User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Origin: https://mturkiye-gov-tr-guvenli-aidat-iade.ml Connection: keep-alive Referer: https://mturkiye-gov-tr-guvenli-aidat-iade.ml/ Cookie: top-menu-state=closed Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Content-Length: 0 TE: trailers	20.208.40.95 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:12:49 GMT content-type: text/html; charset=UTF-8 content-length: 0 x-powered-by: PHP/8.0.20, PleskLin X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - openphish: E-Devlet (Turkey) - fortinet: Phishing