Report - xn--edevletkapn-8zb.com/

Report Overview

Submitted URL
xn--edevletkapn-8zb.com/
IP
52.178.131.237
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-11-28 07:08:11
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ka-f.fontawesome.com	3598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	16 kB	172.64.202.28
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
xn--edevletkapn-8zb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.1 kB	322 kB	52.178.131.237
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	32 kB	216.58.207.195
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.1.35
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.3 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
kit.fontawesome.com	1868	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	4.9 kB	104.18.23.52
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.9 kB	104.18.20.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	337 B	1.4 kB	34.102.187.140
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	33 kB	142.250.74.10
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	51 kB	142.250.74.10
static.turkiye.gov.tr	804631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	788 B	16 kB	94.55.118.37

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)
2022-11-27	medium	xn--edevletkapn-8zb.com/	E-Devlet (Turkey)

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	xn--edevletkapn-8zb.com/	Phishing
2022-11-28	medium	xn--edevletkapn-8zb.com/files/jquery-3.4.1.min.js	Phishing
2022-11-28	medium	xn--edevletkapn-8zb.com/files/header.js	Phishing
2022-11-28	medium	xn--edevletkapn-8zb.com/files/giris.js	Phishing
2022-11-28	medium	xn--edevletkapn-8zb.com/files/jcryption.js	Phishing
2022-11-28	medium	xn--edevletkapn-8zb.com/files/common.js	Phishing
2022-11-28	medium	xn--edevletkapn-8zb.com/files/form-progress.svg	Phishing
2022-11-28	medium	xn--edevletkapn-8zb.com/files/btnRight.svg	Phishing
2022-11-28	medium	xn--edevletkapn-8zb.com/datach.php?ip=91.90.42.154	Phishing
2022-11-28	medium	xn--edevletkapn-8zb.com/datach.php?ip=91.90.42.154	Phishing
2022-11-28	medium	xn--edevletkapn-8zb.com/datach.php?ip=91.90.42.154	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	xn--edevletkapn-8zb.com/files/jquery-3.4.1.min.js	88 kB	2023-03-07	2024-04-27
Pretty URL xn--edevletkapn-8zb.com/files/jquery-3.4.1.min.js IP 52.178.131.237 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-27 01:15:23 Times Seen95673 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	xn--edevletkapn-8zb.com/files/giris.js	31 kB	2023-03-07	2024-04-07
Pretty URL xn--edevletkapn-8zb.com/files/giris.js IP 52.178.131.237 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:09 Last Seen2024-04-07 06:33:16 Times Seen109 Hash e5b10243a092c13103f40d0a5f19b516 20db3b87ff692269682de29c5fd40f4ca214b0d3 e22f2b7eb9103702312bb2c6e5bea4c3958319268bd4ddfd3fa1236f41223614 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 01:23:46 Times Seen37107390 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	kit.fontawesome.com/5c7848169a.js	11 kB	2023-03-07	2023-03-29
Pretty URL kit.fontawesome.com/5c7848169a.js IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:09 Last Seen2023-03-29 23:11:33 Times Seen11 Hash 48abfa8dd4e730a37e933912ee5538c1 7b30ad17328679a009e0ce4d75994c7f726a2fec 5229f5c67315667454f72b14633713ed315ef924ff77fa421f11cff23b99128f Loading...

	xn--edevletkapn-8zb.com/	170 B	2023-03-07	2023-08-20
Pretty URL xn--edevletkapn-8zb.com/ IP 52.178.131.237 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:09 Last Seen2023-08-20 13:05:02 Times Seen24 Hash 4d5a4b53e791f7ae4955d020914b16b9 faf8391d5313a07c69883298b0c3cc41c7ca8b2c 0ea34f489b63ce4732bbbc3230f7ce8e8e82c8d9792205f960ed61d6fcac9a65 Loading...

	xn--edevletkapn-8zb.com/files/header.js	9.9 kB	2023-03-07	2024-04-07
Pretty URL xn--edevletkapn-8zb.com/files/header.js IP 52.178.131.237 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:09 Last Seen2024-04-07 06:33:16 Times Seen95 Hash fbc41b7ed2f3465b0a5b1537f9698a34 7654752713d95fb7b2a59ba6876ef592cabbb1c0 b368506469f3d6988946739e1986634f35c9b2c90aad793a5271ac72d132690f Loading...

	xn--edevletkapn-8zb.com/files/jcryption.js	74 kB	2023-03-07	2024-04-07
Pretty URL xn--edevletkapn-8zb.com/files/jcryption.js IP 52.178.131.237 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:09 Last Seen2024-04-07 06:33:16 Times Seen105 Hash 8997094fff36d06072f499554a26655e 41551321eeaad01573e24adbc1a22bff4fcc3a6a a35a423bb7df717794d8b791af03962cf38106dafbcbff01b5a98bf63e76e4ae Loading...

	xn--edevletkapn-8zb.com/	1.3 kB	2023-03-07	2023-08-20
Pretty URL xn--edevletkapn-8zb.com/ IP 52.178.131.237 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:09 Last Seen2023-08-20 13:05:02 Times Seen5 Hash f4bcd64db3256152576daca8d71ba423 9da0ef8bd33849624cec19cc8fcbad452f4eaced 7fe264929a7de2d2a43e0012d7d2d459e7866d47c79a2ee8ce20a7a3ed22fd00 Loading...

HTTP Transactions (53)

URL IP Response Size

xn--edevletkapn-8zb.com/

52.178.131.237

200 OK

2.8 kB

URL HTTP/1.1
xn--edevletkapn-8zb.com/
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.8 kB (2779 bytes)
Hash
ee541730eff524b73c9612da75529e90
b547ac9ddc6baf0e63adb18ffb29bc5d9aad9018
ef9fcff828017ef17b095890d3521d56643fe720139b5b9d4a05f2b0505da7b1

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2779
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PleskLin

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3955
Expires: Mon, 28 Nov 2022 08:13:55 GMT
Date: Mon, 28 Nov 2022 07:08:00 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5666
Cache-Control: max-age=104259
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:08:00 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:05:39 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 06:17:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3015
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4901
Expires: Mon, 28 Nov 2022 08:29:42 GMT
Date: Mon, 28 Nov 2022 07:08:01 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: nHHrOoAdX0lrENtxAaaC5MpM2n9xb7chIJk6gOqFLmXVjbgf3YOSWaAJqqikP2nYWOqNhMrC07Poy/FL4V3vXQ==
x-amz-request-id: D4M0954AKWRBDAJ6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 06:41:57 GMT
age: 1564
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 07:08:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
35943f9e7b154185ec2aa7052872d310
4fd76a688a3d62ff39f2bd1a2508a7ab5b146e7c
276b9f8ee48e3f9382ba7701bfb1d29d9f9372a4bc9562900e2df4d10cd871c9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1827
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:08:01 GMT
Etag: "638352db-1d7"
Last-Modified: Mon, 28 Nov 2022 06:37:34 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

xn--edevletkapn-8zb.com/files/jquery-3.4.1.min.js

52.178.131.237

200 OK

31 kB

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/jquery-3.4.1.min.js
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65451)
Size
31 kB (30908 bytes)
Hash
70ae57c52553459fc7e2740d86e28d43
905b3ee7cd29abbfbd21bd4e48a0de2890e8e5c3
5663ddb0bccc63ab7f656836cc2224cca38d7466a38b64ae5b1e758615821778

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

GET /files/jquery-3.4.1.min.js HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: application/javascript
Last-Modified: Sun, 15 Mar 2020 14:14:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e6e3848-15851"
X-Powered-By: PleskLin
Content-Encoding: gzip

xn--edevletkapn-8zb.com/files/header.js

52.178.131.237

200 OK

4.2 kB

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/header.js
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text, with very long lines (9932), with no line terminators
Size
4.2 kB (4220 bytes)
Hash
00ff3cb723337f6c455d429d8d4b3323
a85dc4f76436b35516442e7621f8e6eacc112fcf
14b475afd212ddbb6ff111f2e34d40eabf497dca9d808d6e8b9d89ea6926ec61

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

GET /files/header.js HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Jan 2020 19:49:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e28a750-26cc"
X-Powered-By: PleskLin
Content-Encoding: gzip

xn--edevletkapn-8zb.com/files/giris.css

52.178.131.237

200 OK

6.9 kB

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/giris.css
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (41310), with no line terminators
Size
6.9 kB (6872 bytes)
Hash
ce8a008584b37b0ad45ea3a2a2a5106d
e3745ec786ed011a9f821e8c4a9225a1224a9754
ec87ae6f8e693c8008b4b0d8f5cf0cc789056e445cb798656545744634aa289a

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)

HTTP Headers

GET /files/giris.css HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: text/css
Last-Modified: Wed, 22 Jan 2020 21:22:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e28bd22-a15e"
X-Powered-By: PleskLin
Content-Encoding: gzip

xn--edevletkapn-8zb.com/files/giris.js

52.178.131.237

200 OK

8.5 kB

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/giris.js
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, Unicode text, UTF-8 text, with very long lines (30875), with no line terminators
Size
8.5 kB (8500 bytes)
Hash
cad7a151394e386abcdca965bb8b4a70
e7c1f472c6a6e43b080da61187d39c78052e9889
258ade2d1a75910cf3ba10ecea479da47a3efaf4b8a5fa0314bbece9fdafb62b

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

GET /files/giris.js HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Jan 2020 21:19:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e28bc44-78ac"
X-Powered-By: PleskLin
Content-Encoding: gzip

xn--edevletkapn-8zb.com/files/base.css

52.178.131.237

200 OK

19 kB

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/base.css
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
19 kB (19052 bytes)
Hash
17571551b10a57a439ed0880a1151fdc
dcb54bd8f38c053b8fba8010f1db9eba010a6e18
b01a0fc84b4e7ad6a267a2f21599173d0d901a534d64bf4efee36872392edee9

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)

HTTP Headers

GET /files/base.css HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: text/css
Last-Modified: Wed, 22 Jan 2020 13:34:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e284f4c-1caed"
X-Powered-By: PleskLin
Content-Encoding: gzip

xn--edevletkapn-8zb.com/files/jcryption.js

52.178.131.237

200 OK

19 kB

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/jcryption.js
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text
Size
19 kB (19338 bytes)
Hash
46ad86f63cf36b18996ad3ef7999edd2
e9596d10da8318814ddfdddf7f2134607023d286
761b3661e0535c3c7424122c0436174efee8a318ff7e9a20023547b33a98e388

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

GET /files/jcryption.js HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Jan 2020 12:58:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e2846e8-12046"
X-Powered-By: PleskLin
Content-Encoding: gzip

ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js

142.250.74.10

200 OK

32 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32769)
Size
32 kB (32222 bytes)
Hash
beb03c9ee6d13748648309584590d515
a491b316cdd4df32dabb7a3a1d85919681911dda
acec62a91cdd6d2b03731fcc7e988094b3c38c9269276f09f9a842e6433ee008

HTTP Headers

GET /ajax/libs/jquery/1.6.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32222
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:18:21 GMT
expires: Fri, 24 Nov 2023 05:18:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 352180
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

xn--edevletkapn-8zb.com/files/common.js

52.178.131.237

200 OK

197 kB

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/common.js
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65475)
Size
197 kB (196669 bytes)
Hash
c83460ef29820262f5d785fa29607c99
93eaeb33900a071ea09b44f6f5fc7c6c366c4bfd
4427cda56736c4bdd1ee27045783a18ad94e9ca897715891735af2667f0bfee1

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

GET /files/common.js HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Jan 2020 12:58:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e2846e8-a562a"
X-Powered-By: PleskLin
Content-Encoding: gzip

xn--edevletkapn-8zb.com/files/form-progress.svg

52.178.131.237

200 OK

631 B

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/form-progress.svg
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1068), with no line terminators
Size
631 B (631 bytes)
Hash
32dbcc2798ed2d10b20992858e839903
3f820282c298b7a13ade1d42b4626f2e402ba78d
a5902ddf66d530c3e52dbf7953737ec38f9ab9604b195becd3b00fab73da65df

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

GET /files/form-progress.svg HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 22 Jan 2020 12:58:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e2846e8-42c"
X-Powered-By: PleskLin
Content-Encoding: gzip

xn--edevletkapn-8zb.com/files/1.png

52.178.131.237

200 OK

1.9 kB

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/1.png
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 165 x 40, 8-bit colormap, non-interlaced\012- data
Size
1.9 kB (1855 bytes)
Hash
7847c396db234c92dc4b1bb4b759c011
cd8357fc05042cb787267f01fe0c38ba6526e0e4
b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)

HTTP Headers

GET /files/1.png HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: image/png
Content-Length: 1855
Last-Modified: Wed, 22 Jan 2020 12:58:16 GMT
Connection: keep-alive
ETag: "5e2846e8-73f"
X-Powered-By: PleskLin
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Open+Sans&display=swap

142.250.74.10

200 OK

50 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
50 kB (49830 bytes)
Hash
0106386e7cec0ea31f7e20d291a72b60
a7ded15e4bd493e19661f05a0c5ccc57693e1f01
22047a8be88e54e63a4fc0326164f2f3e71bed47ce02ff3b28770122eb6cc272

HTTP Headers

GET /css?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 07:08:01 GMT
date: Mon, 28 Nov 2022 07:08:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

xn--edevletkapn-8zb.com/files/btnRight.svg

52.178.131.237

200 OK

304 B

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/btnRight.svg
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (448), with no line terminators
Size
304 B (304 bytes)
Hash
fecddf04a119cec8d1511f6d512c1521
cd3a6a85e6190ef739cd7782ac6a09a52341b1ee
a370f2646d757955c8a1c3aa3cd1e4191e7fdcd2e5e89875222cce0b08b62ab7

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

GET /files/btnRight.svg HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/files/giris.css

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Wed, 22 Jan 2020 19:58:48 GMT
ETag: W/"1c0-59cbff3e34e00"
X-Powered-By: PleskLin
Content-Encoding: gzip

kit.fontawesome.com/5c7848169a.js

104.18.23.52

200 OK

4.3 kB

URL HTTP/2
kit.fontawesome.com/5c7848169a.js
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10594)
Size
4.3 kB (4269 bytes)
Hash
b427db5a583b8f9ac0c66f8db0c4adc2
da52f57f89d49ad26338c02cc3ab81a6769d2742
642e7f5702d9d049f23c5f0fcb829f1770f393cbfe5a0663619df230ccd8f11b

HTTP Headers

GET /5c7848169a.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xn--edevletkapn-8zb.com
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:08:01 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyuElf-KF5ROrAdeNxah
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7711451b5ddfb50c-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://xn--edevletkapn-8zb.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:53:39 GMT
expires: Tue, 21 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 562462
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12972, version 1.0\012- data
Size
13 kB (12972 bytes)
Hash
f155ae6c5a655f05edb86445bd7e8d76
23115e9e59853e36044ae725d809759b7e8fa5f2
140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://xn--edevletkapn-8zb.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:15 GMT
expires: Fri, 24 Nov 2023 21:46:15 GMT
cache-control: public, max-age=31536000
age: 292906
last-modified: Mon, 15 Aug 2022 18:15:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=5c7848169a

172.64.202.28

200 OK

13 kB

URL HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=5c7848169a
IP
172.64.202.28:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (60130)
Size
13 kB (13222 bytes)
Hash
5b55a0f80aeedb4a37c77decaed4f5f9
fc9263e3c1a0c8143bfec9ab270863839cdfa19e
ce6d8bac53381a325c1ec12fced041d5718ad2e86e4afe6849813c546190d6b1

HTTP Headers

GET /releases/v5.15.4/css/free.min.css?token=5c7848169a HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xn--edevletkapn-8zb.com/
Origin: http://xn--edevletkapn-8zb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:08:01 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 271d531da7ba45d7dadd2b5c9f93148c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: UKt9EzSBoANDNSN5ZPLLvRpKvx306WPRBghZ_HUSELxnUB8wMy501w==
age: 22652
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrkDRvnzUQygjfj3C5xL3Y2iDKpsm8yOKpAVhVK5kuIhXhkgfnkdNqqR4KneqBkXrd9RiGvW52rf1OQABSB5bMrvFWb%2FfdcGibl2LO92QPHC9c7KeaL2Y9fhhNOTZ6azNopc2fa7OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7711451d4e45e664-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:08:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

xn--edevletkapn-8zb.com/datach.php?ip=91.90.42.154

52.178.131.237

200 OK

0 B

URL HTTP/1.1
xn--edevletkapn-8zb.com/datach.php?ip=91.90.42.154
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

POST /datach.php?ip=91.90.42.154 HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://xn--edevletkapn-8zb.com
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/
Cookie: top-menu-state=closed
Content-Length: 0

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PleskLin

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4971
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 07:08:01 GMT
Last-Modified: Mon, 28 Nov 2022 05:45:10 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

xn--edevletkapn-8zb.com/files/favicon.png

52.178.131.237

200 OK

27 kB

URL HTTP/1.1
xn--edevletkapn-8zb.com/files/favicon.png
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (27074 bytes)
Hash
758401c06ba03339626bacc22e94b802
c2c545832889602ff5af1bdaa7051e10801ad907
eeddc36d9c542c9d3ab1be57f637ceee9887c868e9b3d6e337b9d2101bb568fe

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)

HTTP Headers

GET /files/favicon.png HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/
Cookie: top-menu-state=closed

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:01 GMT
Content-Type: image/png
Content-Length: 27074
Last-Modified: Sat, 25 Jan 2020 13:09:50 GMT
Connection: keep-alive
ETag: "5e2c3e1e-69c2"
X-Powered-By: PleskLin
Accept-Ranges: bytes

static.turkiye.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35

94.55.118.37

302 Moved Temporarily

0 B

URL HTTP/1.0
static.turkiye.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35
IP
94.55.118.37:0
ASN
#47524 Turksat Uydu Haberlesme ve Kablo TV Isletme A.S.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /themes/izmir/images/bb-ubak-tsat-black.png?v=1.35 HTTP/1.1
Host: static.turkiye.gov.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/

HTTP/1.0 302 Moved Temporarily
Location: https://static.turkiye.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

push.services.mozilla.com/

35.163.1.35

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.1.35:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ytsTeACMNJ6+gX1ziR4pZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: edDzZxW8YX/IdJZECw11NczxvdY=

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
8e2f2361c524d88f219a2bf7e613a1c3
3ae9ecb502b5c5cdcd03ff5ba13eea84004d7958
215692fc57e25c8d4a29d8b9ccf17b798b84103ac445032c1f75114ec94b7d72

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 07:08:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 02 Dec 2022 05:38:54 GMT
ETag: "3ae9ecb502b5c5cdcd03ff5ba13eea84004d7958"
Last-Modified: Mon, 28 Nov 2022 05:38:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77114520ec6d0b69-OSL

static.turkiye.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35

94.55.118.37

200 OK

15 kB

URL HTTP/1.1
static.turkiye.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35
IP
94.55.118.37:0
ASN
#47524 Turksat Uydu Haberlesme ve Kablo TV Isletme A.S.

File type
PNG image data, 800 x 110, 8-bit colormap, non-interlaced\012- data
Size
15 kB (15120 bytes)
Hash
c60ab750ec8321b9a186658d4157b22c
0edb72858fa9de74d818a2397ef62eb44e495c4c
a4745f259315892f1d3a76a0d8f524729e50ac83d4a8a53deda91970a1bf3dbb

HTTP Headers

GET /themes/izmir/images/bb-ubak-tsat-black.png?v=1.35 HTTP/1.1
Host: static.turkiye.gov.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xn--edevletkapn-8zb.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Last-Modified: Thu, 26 Mar 2020 11:15:11 GMT
ETag: "5e7c8ebf-3b10"
Cache-Control: max-age=315360000, public
Vary: Accept-Encoding, User-Agent
Accept-Ranges: bytes
Connection: Keep-Alive
Date: Mon, 28 Nov 2022 07:05:53 GMT
Expires: Thu, 25 Nov 2032 05:27:17 GMT
Age: 5917
Content-Length: 15120

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 07:08:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 07:08:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 07:08:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 07:08:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 07:08:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8568 bytes)
Hash
13f4c2b3410532b6c756990f1759da46
16096289cd354fada56dbb3f2d75d406ae8ab62f
9894d998a884f2b5637bd12b0cd3df556835ea7a3134eb0f516fc03e3d31c26c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8568
x-amzn-requestid: da2726a2-20ad-4201-b4e9-3de9be88a485
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7-BHcUIAMFieA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9f3-370921803a9de7e627682c94;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MPWvdL-woEL21aHiMtzg--1Z1p2w9y0XTGxb445LyuMVlWTp4nsMQw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:16:30 GMT
age: 31893
etag: "16096289cd354fada56dbb3f2d75d406ae8ab62f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6263 bytes)
Hash
b24e349e9d22fb30fbc80497b512cead
c033d1ecdb9e7640f3df044e39053bed8292fcbc
2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X6t2ucU4VTXi5XIRLVpmTMxEW3MtinOQs3mIHIhgeW6aK6kN53dWEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:18 GMT
age: 33405
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7556 bytes)
Hash
7e5051d8c06f69e1842a9295ce256a36
1a542a53ba0b1cd0fb23257ebed8166555f16dfb
a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 70UuQl2XCoplrZYENrKleE2mcvB-xP9zZGs8Tuh21NidSiHvA97sXw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 33414
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10119 bytes)
Hash
15bd53848c7082464273007e010c54e0
9a3ca698ca1aeae695923277ed2244465e01a1ea
36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _jTN1lFL0_PS-9DYgE6O2V6s6AYnlGJs0xCEHn761Mxq_asytlaRoQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:40 GMT
age: 33383
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 32777
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4708 bytes)
Hash
4060284252d32701c42e2df4a83970a0
a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da
53eca0f8435d6e2e62962ef80d4597afad2773a582746d523f7f5d30c3e07b8e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4708
x-amzn-requestid: 6efd15cd-c944-42e7-8142-01360fbe4a25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JFbXIAMFc_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3c7d91eb7a2f3a9669f89d88;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6FSZ3Zw-s95LlrU3skAr5_g6m36c9SQ9_6vA3HFbMKYTTFzJRBJ76w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:43 GMT
age: 31280
etag: "a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

xn--edevletkapn-8zb.com/datach.php?ip=91.90.42.154

52.178.131.237

200 OK

0 B

URL HTTP/1.1
xn--edevletkapn-8zb.com/datach.php?ip=91.90.42.154
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

POST /datach.php?ip=91.90.42.154 HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://xn--edevletkapn-8zb.com
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/
Cookie: top-menu-state=closed
Content-Length: 0

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PleskLin

xn--edevletkapn-8zb.com/datach.php?ip=91.90.42.154

52.178.131.237

200 OK

0 B

URL HTTP/1.1
xn--edevletkapn-8zb.com/datach.php?ip=91.90.42.154
IP
52.178.131.237:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	E-Devlet (Turkey)
fortinet	Phishing

HTTP Headers

POST /datach.php?ip=91.90.42.154 HTTP/1.1
Host: xn--edevletkapn-8zb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://xn--edevletkapn-8zb.com
Connection: keep-alive
Referer: http://xn--edevletkapn-8zb.com/
Cookie: top-menu-state=closed
Content-Length: 0

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 07:08:07 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PleskLin

ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=5c7848169a

172.64.202.28

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=5c7848169a
IP
172.64.202.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/free-v4-shims.min.css?token=5c7848169a HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xn--edevletkapn-8zb.com/
Origin: http://xn--edevletkapn-8zb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:08:01 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76cca2ef798b9dc955bb151bf3bff218.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: bhBhza9YcnF66lF7FuqtTKSUBYgaJC_Y-hXG3R6JRK-U_EPYrnJfWg==
age: 22652
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mp9ihux%2Bqj1h0U3esAs7EFpWD5TO5TrJ%2BdCFmILBlpUlB%2B3DN5BNpMFYDl6vvZ445EPVxa4%2FwM%2Fjry24joo4qdXaddN2Qw8g0vq%2Fi7jSywfusgJ%2BayjeBX1xJ3jAfpd%2BTy%2BmBa6WBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7711451d4e4de664-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=5c7848169a

172.64.202.28

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=5c7848169a
IP
172.64.202.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=5c7848169a HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xn--edevletkapn-8zb.com/
Origin: http://xn--edevletkapn-8zb.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 07:08:01 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f4a10a427389f99f2e380b2534640430.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: tats-eu2Y-pIMlyNT7hWy61LlcMPSgxJ-bScmAptM-DRy6bpR4L2FQ==
age: 22652
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNsCYCNeuz0gX786ncoXL6buULjRUJA3L465kLrG7DR25mumOYxaVq4b6AtJDqJtOHkcpY9skH8sfiI3ogPd06mVKdoij25YtGU1suIRAW9Z%2FwbhsBKQCUws2ben%2FTUuw7NViKG7Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7711451d4e4ae664-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (53)

URL HTTP/1.1