Overview

URL www.edevlet2022iade.com/
IP 92.205.9.165
ASN Host Europe GmbH
Location France
Report completed 2022-09-25 20:44:58 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-25 2 www.edevlet2022iade.com/ E-Devlet (Turkey)
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-25 2 www.edevlet2022iade.com/ Phishing
2022-09-25 2 www.edevlet2022iade.com/files/jquery-3.4.1.min.js Phishing
2022-09-25 2 www.edevlet2022iade.com/files/header.js Phishing
2022-09-25 2 www.edevlet2022iade.com/files/giris.js Phishing
2022-09-25 2 www.edevlet2022iade.com/files/jcryption.js Phishing
2022-09-25 2 www.edevlet2022iade.com/files/form-progress.svg Phishing
2022-09-25 2 www.edevlet2022iade.com/files/common.js Phishing
2022-09-25 2 www.edevlet2022iade.com/files/btnRight.svg Phishing
2022-09-25 2 www.edevlet2022iade.com/datach.php?ip=91.90.42.154 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-25 04:51:16 UTC 34.117.237.239
mnemonic passive DNS www.edevlet2022iade.com (16) 0 2022-09-24 21:49:44 UTC 2022-09-25 15:34:42 UTC 92.205.9.165 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-25 11:34:24 UTC 143.204.55.115
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-25 05:42:52 UTC 143.204.55.110
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-09-25 12:15:08 UTC 93.184.220.29
mnemonic passive DNS ajax.googleapis.com (1) 12905 2014-10-18 20:16:48 UTC 2022-09-25 17:08:10 UTC 216.58.207.234
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-25 17:41:56 UTC 142.250.74.10
mnemonic passive DNS static.turkiye.gov.tr (2) 804631 2014-01-16 08:07:38 UTC 2022-09-18 20:49:31 UTC 94.55.118.37
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-25 05:23:09 UTC 104.18.21.226
mnemonic passive DNS kit.fontawesome.com (1) 1868 2019-03-29 02:12:52 UTC 2022-09-25 08:07:45 UTC 104.18.22.52
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-25 04:54:16 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-25 04:49:39 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-25 04:26:31 UTC 34.120.237.76
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-25 05:07:25 UTC 35.82.48.240
mnemonic passive DNS ka-f.fontawesome.com (3) 3598 2019-12-17 06:36:13 UTC 2022-09-25 11:13:40 UTC 172.64.203.28


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 92.205.9.165

Date UQ / IDS / BL URL IP
2022-09-25 20:44:58 +0000 0 - 0 - 27 www.edevlet2022iade.com/ 92.205.9.165

Last 5 reports on ASN: Host Europe GmbH

Date UQ / IDS / BL URL IP
2022-12-05 20:24:01 +0000 0 - 0 - 1 hoskyachts.com/ 92.205.5.33
2022-12-05 18:36:02 +0000 12 - 0 - 2 pagmi.net/css/ae/domain/clients/cc.php?verifi (...) 92.205.3.122
2022-12-05 16:29:07 +0000 0 - 0 - 2 btcnations.eu/login.php 92.204.221.14
2022-12-05 09:36:35 +0000 12 - 0 - 2 pagmi.net/css/ae/domain/clients/cc.php?verifi (...) 92.205.3.122
2022-12-05 03:31:52 +0000 0 - 0 - 2 www.opus.art/transact.nzta.govt.nz 92.205.14.36

Last 1 reports on domain: edevlet2022iade.com

Date UQ / IDS / BL URL IP
2022-09-25 20:44:58 +0000 0 - 0 - 27 www.edevlet2022iade.com/ 92.205.9.165

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-02 12:35:01 +0000 0 - 0 - 13 xn--edevletiadekapnda-pvc.com/ 185.246.220.33
2022-11-29 03:42:33 +0000 0 - 0 - 29 eaidat-ode.tk/ 18.159.37.197
2022-11-29 00:55:56 +0000 0 - 0 - 11 eaidat-ode.tk/ 18.159.37.197
2022-11-28 21:36:53 +0000 0 - 0 - 12 eaidat-ode.tk/ 18.159.37.197
2022-11-28 07:08:11 +0000 0 - 0 - 26 xn--edevletkapn-8zb.com/ 52.178.131.237


JavaScript

Executed Scripts (8)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (46)


Request Response
                                        
GET / HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Sep 2022 20:44:46 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2787
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   2787
Md5:    16a741cf1da7fb5cbe7f75c7c08aa7c0
Sha1:   64083f410855af7a7cc64943ef98411ae2ad7f80
Sha256: 18bbe9d13b83cfd47a01a99b524227cbccb16ee0b99ac346ae90a41d4237e460

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 20:15:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xt5E6h2bmr7YkiUGLchsXCjL4XsANDwbYi-ps8eAOjjIJhTjAzU8Lw==
Age: 1781


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V3J0m1t2HDLeBV9jRoDgKxGddVx96nZ4nbR-YyZw13HQeq5zHWnZvw==
age: 58173
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 3796
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 20:44:47 GMT
Last-Modified: Sun, 25 Sep 2022 19:41:31 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
GET /files/jquery-3.4.1.min.js HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Last-Modified: Sun, 15 Mar 2020 18:14:34 GMT
ETag: "1ecde3-15851-5a0e8acb5b680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30677
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30677
Md5:    c65598a79e692c79f732ea0b099f9da7
Sha1:   5459de784144478c4a5088437bf5da4690dbae5f
Sha256: 653cc57da3a15e7ba824119d448c287f3c1a9a0afb400970ed3658d48765984a

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
GET /files/header.js HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 22 Jan 2020 23:49:36 GMT
ETag: "1ecddf-26cc-59cc32d4b0400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4216
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (9932), with no line terminators
Size:   4216
Md5:    db21f17f469e3035ac13b04386ac0bb3
Sha1:   2e0845f8dc24f2867f98a0d2f10024956a000dc5
Sha256: 5830bfa309af8647755e07e633faeedfb82e1d17e9512b2c62c4fd6903f58624

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
GET /files/giris.css HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: text/css
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 23 Jan 2020 01:22:42 GMT
ETag: "1ecddd-a15e-59cc47a3e9c80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6738
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  ASCII text, with very long lines (41310), with no line terminators
Size:   6738
Md5:    b5dc1cc4e270fdc0b84fed4fc7df3a04
Sha1:   67780ea585d86cfc743b2cacf25bf473ab169b42
Sha256: 614ba3921547bf86d01bef5267d1d1427c45809f2ee71ada1b5e42d75100f25b

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
                                        
GET /files/giris.js HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 23 Jan 2020 01:19:00 GMT
ETag: "1ecdde-78ac-59cc46d032900-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8476
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (30875), with no line terminators
Size:   8476
Md5:    2fbe73944a30c478f1fc6a80ab1dac99
Sha1:   4ca1fb9b62c7f9aaae5b473ec398abdfe89b8ca5
Sha256: 339a8178aa44b390ec84023fac81d764b6101f853386d831960d3636c67485ba

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:44:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:44:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /files/base.css HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: text/css
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 22 Jan 2020 17:34:04 GMT
ETag: "1ecdcd-1caed-59cbdee47fb00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18650
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size:   18650
Md5:    ab3ddd11bebff7ffb8535aab1b10eee6
Sha1:   78874f24ee51d952417ac16a92f063819a67048c
Sha256: 1d07fd1984ed6d9aee6b1041977523440dcda5b42a297191d43e8088f9a99538

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
                                        
GET /files/jcryption.js HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 16:58:18 GMT
ETag: "1ecde2-12046-59cbd6e5e9e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19198
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   19198
Md5:    d453c629621e06780457d2c920496e95
Sha1:   7ab320017282c45a262bd878dfd717a1c07567ee
Sha256: bdadee39c9b22ff9c508799a8ba278d43d9935af15df9df7a10e99a0e7f68a57

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
GET /ajax/libs/jquery/1.6.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
216.58.207.234
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32222
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 15:18:58 GMT
expires: Tue, 19 Sep 2023 15:18:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 537949
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32769)
Size:   32222
Md5:    beb03c9ee6d13748648309584590d515
Sha1:   a491b316cdd4df32dabb7a3a1d85919681911dda
Sha256: acec62a91cdd6d2b03731fcc7e988094b3c38c9269276f09f9a842e6433ee008
                                        
GET /files/1.png HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 16:58:16 GMT
ETag: "1ecd36-73f-59cbd6e401a00"
Accept-Ranges: bytes
Content-Length: 1855
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 165 x 40, 8-bit colormap, non-interlaced\012- data
Size:   1855
Md5:    7847c396db234c92dc4b1bb4b759c011
Sha1:   cd8357fc05042cb787267f01fe0c38ba6526e0e4
Sha256: b2f75fb62c0bf3c51f8eebc14891cf56976638fda4b0d23f90e2ee6dbd8f3b18

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
                                        
GET /files/form-progress.svg HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 16:58:16 GMT
ETag: "1ecddc-42c-59cbd6e401a00"
Accept-Ranges: bytes
Content-Length: 1068
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1068), with no line terminators
Size:   1068
Md5:    d57db381e336134adc11990f2f6863f5
Sha1:   67cfcefdf4c388118a149ad1749274419d1aa553
Sha256: ff7498da718b1f50faeefae71e24ceadf4575da0692b84c9a1ad359daa1f2ff2

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:44:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:44:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /files/common.js HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 22 Jan 2020 16:58:16 GMT
ETag: "1ecdd0-a562a-59cbd6e401a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (65475)
Size:   195153
Md5:    814cc03ad8fda5615e6809ad9dfcc872
Sha1:   8dd26210ee0e19c3c00dcae8252df61ab9ea496f
Sha256: a41766ae7e3d5f001d55e070741220b7ee16df4118549b87781dfb1e33926d1c

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
GET /files/btnRight.svg HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/files/giris.css

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Last-Modified: Wed, 22 Jan 2020 23:58:50 GMT
ETag: "1ecdcf-1c0-59cc34e506280"
Accept-Ranges: bytes
Content-Length: 448
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (448), with no line terminators
Size:   448
Md5:    88ad4932ed76ce15aa1ebfddd1c20af0
Sha1:   cc5358add4c962e8903f515362474bd92c2daf21
Sha256: 14e8e481e7afcaae3200f172bd49bf7146ea2a23d3fdf0ba71d5fdbbd0c8c5a4

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
GET /files/header.png HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Last-Modified: Sat, 25 Jan 2020 17:02:38 GMT
ETag: "1ecde0-c03f-59cf9d7640780"
Accept-Ranges: bytes
Content-Length: 49215
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1280 x 185, 8-bit/color RGBA, non-interlaced\012- data
Size:   49215
Md5:    9e2a1c0bcabe7c920122c08bb94c40b6
Sha1:   74660a76edfda051874af1141b8c8e6356d94032
Sha256: 25e78364cf34f3b0596135ac8e14bcb4b15b275aa8ed39e11d6453288798b76a

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
                                        
GET /css?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 20:44:47 GMT
date: Sun, 25 Sep 2022 20:44:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1008
Md5:    2d50c1f051a4cbdfe18ecc0b9f65caf2
Sha1:   9b316c3e9bd318b21ebd558f397886359895403f
Sha256: 927ee5f9ab8a09965d5ebef441091d745557f2f178f0a2b30f83b88e20a0ac48
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:44:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.edevlet2022iade.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 18:53:39 GMT
expires: Tue, 19 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 525068
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size:   16740
Md5:    e43b535855a4ae53bd5b07a6eeb3bf67
Sha1:   6507312d9491156036316484bf8dc41e8b52ddd9
Sha256: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
                                        
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.edevlet2022iade.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 19:07:14 GMT
expires: Tue, 19 Sep 2023 19:07:14 GMT
cache-control: public, max-age=31536000
age: 524253
last-modified: Mon, 15 Aug 2022 18:15:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12972, version 1.0\012- data
Size:   12972
Md5:    f155ae6c5a655f05edb86445bd7e8d76
Sha1:   23115e9e59853e36044ae725d809759b7e8fa5f2
Sha256: 140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:44:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 20:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 20:18:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RPbA_zI2qQtHpZjEeiWHehUeZYKQW4KygsBIiYk0XODeqGusE27KhA==
Age: 2430


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
POST /datach.php?ip=91.90.42.154 HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://www.edevlet2022iade.com
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/
Cookie: top-menu-state=closed
Content-Length: 0

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
GET /files/favicon.png HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/
Cookie: top-menu-state=closed

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: image/png
Date: Sun, 25 Sep 2022 20:44:47 GMT
Server: Apache
Last-Modified: Sat, 25 Jan 2020 17:09:50 GMT
ETag: "1ecddb-69c2-59cf9f123d380"
Accept-Ranges: bytes
Content-Length: 27074
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced\012- data
Size:   27074
Md5:    758401c06ba03339626bacc22e94b802
Sha1:   c2c545832889602ff5af1bdaa7051e10801ad907
Sha256: eeddc36d9c542c9d3ab1be57f637ceee9887c868e9b3d6e337b9d2101bb568fe

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 6403
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 20:44:47 GMT
Last-Modified: Sun, 25 Sep 2022 18:58:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
GET /themes/izmir/images/bb-ubak-tsat-black.png?v=1.35 HTTP/1.1
Host: static.turkiye.gov.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/

                                         
94.55.118.37
HTTP/1.0 302 Moved Temporarily
Location: https://static.turkiye.gov.tr/themes/izmir/images/bb-ubak-tsat-black.png?v=1.35
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

                                        
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:44:48 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 29 Sep 2022 19:34:04 GMT
ETag: "a79429b290a1b998835d67b659909009e80eca45"
Last-Modified: Sun, 25 Sep 2022 19:34:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750699907b700af6-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    1a1e5118e29fc2d137e36b2289b2b0ce
Sha1:   a79429b290a1b998835d67b659909009e80eca45
Sha256: 320de594883d1159f9c863d24327c0b6d02f1f3bfa363f2577f060ecd787a12a
                                        
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZMoT2wc1Anxgiw0MDqjUZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
35.82.48.240
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HJbc9LHTSM4OVQJu4KVWvCV/93s=

                                        
GET /themes/izmir/images/bb-ubak-tsat-black.png?v=1.35 HTTP/1.1
Host: static.turkiye.gov.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.edevlet2022iade.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
94.55.118.37
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 25 Sep 2022 20:44:48 GMT
Content-Length: 15120
Last-Modified: Thu, 26 Mar 2020 11:15:11 GMT
Connection: keep-alive
ETag: "5e7c8ebf-3b10"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Vary: Accept-Encoding, User-Agent
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 800 x 110, 8-bit colormap, non-interlaced\012- data
Size:   15120
Md5:    c60ab750ec8321b9a186658d4157b22c
Sha1:   0edb72858fa9de74d818a2397ef62eb44e495c4c
Sha256: a4745f259315892f1d3a76a0d8f524729e50ac83d4a8a53deda91970a1bf3dbb
                                        
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Sun, 25 Sep 2022 20:44:48 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sm6N8Un8XKHtGGZwxLd1aYygBns1l8siRvcc2w_9V2imJopvt8Ockw==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 07:09:15 GMT
age: 48935
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8715
Md5:    a89e7161745036637a66e8ab5b7efdf9
Sha1:   79c83cc27996b2339bd63764dbb2ae9744db6d70
Sha256: 13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 82412
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10032
Md5:    aa150280eb113504d61a25935c0f0127
Sha1:   ed04f74fbb4c77b21e2babc51a82857f5e23d169
Sha256: 07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 83251
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v37Rjs_OtmFd6UKau0Flv_J6GAWTe0UdA8hXaDmmn6SmLXQbEHeBVQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 03:45:44 GMT
age: 61146
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5305
Md5:    9773faaac4deac40b96cd0802e974f36
Sha1:   db601663fa6ee5564eddaf8d3d84c7b04bf3871c
Sha256: 40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LryqVGSkKbiNOwcqXMULY9FXbOuZBBenjgGPDME3NZLZOdp5divXmw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:29 GMT
age: 81741
etag: "358e74de395352a9529ff1c17856daf8900888c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6199
Md5:    714af732a9aa1db2b13ffb62810fd532
Sha1:   358e74de395352a9529ff1c17856daf8900888c5
Sha256: 1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
age: 83264
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8914
Md5:    dfdacc8edea3c24dad020d7e9c11b3f4
Sha1:   2b6e37596e88b62f288dc8e8c937fd904fae28d5
Sha256: 338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
                                        
POST /datach.php?ip=91.90.42.154 HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://www.edevlet2022iade.com
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/
Cookie: top-menu-state=closed
Content-Length: 0

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Sep 2022 20:44:50 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
POST /datach.php?ip=91.90.42.154 HTTP/1.1
Host: www.edevlet2022iade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://www.edevlet2022iade.com
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/
Cookie: top-menu-state=closed
Content-Length: 0

                                         
92.205.9.165
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Sep 2022 20:44:53 GMT
Server: Apache
X-Powered-By: PHP/7.4.30
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Connection: Keep-Alive


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - openphish: E-Devlet (Turkey)
    - fortinet: Phishing
                                        
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=5c7848169a HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.edevlet2022iade.com/
Origin: http://www.edevlet2022iade.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
172.64.203.28
HTTP/2 200 OK
content-type: text/css
date: Sun, 25 Sep 2022 20:44:47 GMT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 81dd58fce895623c177df225d0a65d52.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: MQXKXHxppsTGHt1UulN6KGjFDiFRgfP8m3hcgh-tz9SaxH58TTllhw==
age: 29714
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFuqrgugngm3wFSKrYSNSoZGeE1x3YN8AK95r336ZxUcXzh96755V%2BOmSDSWj77RsLvxJojUvTLdhZK1eSIg6R%2Blj8b10neUevd6TeLdi9SE8lDywbMzLppyrHUU8yyk2q9NJiAoLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7506998cddce7501-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /releases/v5.15.4/css/free.min.css?token=5c7848169a HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.edevlet2022iade.com/
Origin: http://www.edevlet2022iade.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
172.64.203.28
HTTP/2 200 OK
content-type: text/css
date: Sun, 25 Sep 2022 20:44:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d31a115f0836c74b24184a43b912a574.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: L9ylfnxsx_ohOgeOxjcUcpcOSEagvxKacY5lz1BFFaIELnm1FMPxPA==
age: 29714
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RD0LZ4VwTn8hajr%2FhApIM4C11ytfsbio3v%2BW%2Fc29B2Qryri%2BHc%2BWV%2B71oyYy9gKnP56MR3F4jZmwFQq%2FzMstx8z0ZZ1G%2BiWgSwkM4RODpT6FK0Fd5Ll0vwZmuaSAOX5BOZZhjIe9tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7506998cddc67501-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /5c7848169a.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.edevlet2022iade.com
Connection: keep-alive
Referer: http://www.edevlet2022iade.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
104.18.22.52
HTTP/2 200 OK
content-type: text/javascript
date: Sun, 25 Sep 2022 20:44:47 GMT
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxgZI0CXmIpLGTTbwtjh
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7506998b6cfa1c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=5c7848169a HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.edevlet2022iade.com/
Origin: http://www.edevlet2022iade.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
172.64.203.28
HTTP/2 200 OK
content-type: text/css
date: Sun, 25 Sep 2022 20:44:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f40585e1285ddfba696e566c1dd902de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 6Gg8uPkOFmPTKfCMMISdCqXRaYXuFZt6qjPkwMNXG2Wl-glvsSDiEw==
age: 29714
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjo%2BjGDWUDuaMF0TkoSfUcWfWYdbM1bImjvFcgQMMXP6b2a2GtnhD9m2Al9%2Bpje1Fie7FqyFY3VxW%2Bqkyw43MeaNRsapqsANRg4Jbu9WZAUkc1O1oqSD3GCCMgP66hm4px6xYXqQKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7506998cddd07501-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---