eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/login.php?web/cox/SignOn
178.62.248.95200 OK 4.6 kB URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/login.php?web/cox/SignOn
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 3e7a10baa91e34d60a022f31ac008f38
39018b6d892c6f068cac69f3bdf38d52d7125c62
59d250196bf456fc92f87ccc43bac540f1dbb2cfb8ccee846463a967f6209b08
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/maint/CoxLab2022/web/login.php?web/cox/SignOn HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4556
Date: Tue, 04 Oct 2022 12:34:49 GMT
Server: LiteSpeed
Connection: Keep-Alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5912
Expires: Tue, 04 Oct 2022 14:13:22 GMT
Date: Tue, 04 Oct 2022 12:34:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 11:40:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cSrgQrhIiY7j-4VnS3L8p1x-aVBVwlCAHFqWaQUwfkcNnjQGijD1FA==
Age: 3244
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CRBE5DSFCtwemk4F58B_MxvXMlwFfRCxbxAb00ZfH-YaZnjjg41S-Q==
age: 25583
X-Firefox-Spdy: h2
eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/flex-presentation.css
178.62.248.95200 OK 24 kB URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/flex-presentation.css
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (322), with CRLF line terminators
Hash a0a11554b1841c47555d961443b2bd27
81b68a3cc4b5e95941c1c8439eeb6ede00f1fc63
29e72991d844a6deeed952f18ebbf1a5a4286cc5a19bd149f27ad691a51f0677
GET /wp-admin/maint/CoxLab2022/web/assets/css/flex-presentation.css HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/login.php?web/cox/SignOn
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 12:34:50 GMT
Etag: "2b22b-616dfac2-bf3ea;gz"
Last-Modified: Mon, 18 Oct 2021 22:52:50 GMT
Content-Type: text/css
Content-Length: 24016
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Tue, 04 Oct 2022 12:34:50 GMT
Server: LiteSpeed
Connection: Keep-Alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 12:34:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
gateway.foresee.com/code/5.10.4-oo/oo_icon_white.gif
143.204.55.45200 OK 2.2 kB URL HTTP/2 gateway.foresee.com/code/5.10.4-oo/oo_icon_white.gif
IP 143.204.55.45:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash f12d8abbdb0cb10ebe21199595d28c4b
25528e838f30020b37c5ab0db483c4c3446759a8
c3f012ffdb0be6fe0417057e7debc8c5129eed0476fd765cd93f234bb2cf77a3
GET /code/5.10.4-oo/oo_icon_white.gif HTTP/1.1
Host: gateway.foresee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2247
date: Wed, 14 Sep 2022 20:22:16 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=2419200
status: 200
etag: "f12d8abbdb0cb10ebe21199595d28c4b"
last-modified: Thu, 24 Jun 2021 17:07:14 GMT
expires: Wed, 12 Oct 2022 20:22:16 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zai16XXnn-qNL43QjN_94s9q6mBZUJtoYkI1HhUfYxu91EV9ffR-Uw==
age: 1699954
X-Firefox-Spdy: h2
eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/overrides.min.css
178.62.248.95200 OK 7.7 kB URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/overrides.min.css
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 41c8c4e1739bb82a20e2eb921fdf7c6e
394cad6a5e4a463c16cea2ddf251aaf0f4bc2a67
9fee22104f0ba6798d6d38b612a2cf4e822910816cdf1ff0314b17538fad36cd
GET /wp-admin/maint/CoxLab2022/web/assets/css/overrides.min.css HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/login.php?web/cox/SignOn
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 12:34:50 GMT
Etag: "c45e-613e645a-bf3f2;gz"
Last-Modified: Sun, 12 Sep 2021 20:34:34 GMT
Content-Type: text/css
Content-Length: 7734
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Tue, 04 Oct 2022 12:34:50 GMT
Server: LiteSpeed
Connection: Keep-Alive
eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/flex2text-styles.min.css
178.62.248.95200 OK 820 B URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/flex2text-styles.min.css
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type assembler source, ASCII text, with CRLF line terminators
Hash 1fe1dd8c4d32ed7d9f1f153b418dd947
0df9fda86f98fc1704d15adb384d2d0a394289a0
007a61d861b2baa20c024f67de5b481a555faed16ddb547af688c784e8e1179e
GET /wp-admin/maint/CoxLab2022/web/assets/css/flex2text-styles.min.css HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/login.php?web/cox/SignOn
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 12:34:50 GMT
Etag: "1407-613e645a-bf3e9;gz"
Last-Modified: Sun, 12 Sep 2021 20:34:34 GMT
Content-Type: text/css
Content-Length: 820
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Tue, 04 Oct 2022 12:34:50 GMT
Server: LiteSpeed
Connection: Keep-Alive
eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/cox-residential-aemapp.css
178.62.248.95200 OK 57 kB URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/cox-residential-aemapp.css
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (679), with CRLF line terminators
Hash 5bfa7fdc500e9e37a3910bc16cee242d
aafaddfe9f71e5d5ca9b1b34f5a3489334f66366
e8d17d5fe8acdc05e465e9bac17a130dd2ad6a8dc1fc4e9ee22733a3b9f53dc2
GET /wp-admin/maint/CoxLab2022/web/assets/css/cox-residential-aemapp.css HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/login.php?web/cox/SignOn
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 12:34:50 GMT
Etag: "6a177-613e645a-bf3e8;gz"
Last-Modified: Sun, 12 Sep 2021 20:34:34 GMT
Content-Type: text/css
Content-Length: 56960
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Tue, 04 Oct 2022 12:34:50 GMT
Server: LiteSpeed
Connection: Keep-Alive
eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/img/cox_logo.png
178.62.248.95200 OK 1.9 kB URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/img/cox_logo.png
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 90 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 34e6e67e7ec05e59852143d135c8d0ec
402e6fd60e32d6fab0b227471af3d00ad700ee05
d60826499153bf6fcb4e8a8809d3b10d737cf4990ee4a0c8d796af7d5c0a9175
GET /wp-admin/maint/CoxLab2022/web/assets/img/cox_logo.png HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/login.php?web/cox/SignOn
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 12:34:50 GMT
Etag: "749-616db50e-bf46d;;;"
Last-Modified: Mon, 18 Oct 2021 17:55:26 GMT
Content-Type: image/png
Content-Length: 1865
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 12:34:50 GMT
Server: LiteSpeed
Connection: Keep-Alive
eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/img/checkbox-default.svg
178.62.248.95200 OK 210 B URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/img/checkbox-default.svg
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 048cec31230ab5dd0e775ed78fafe191
d1b4d25b49f14053b556d0a883fb8d0980eebce8
aba201da7d6f6c3c15aacb6fedf0cacffe1652ed05fd9530db0dda32e736dfec
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/maint/CoxLab2022/web/assets/img/checkbox-default.svg HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/cox-residential-aemapp.css
HTTP/1.1 200 OK
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 12:34:50 GMT
Etag: "10e-613e645a-bf46b;gz"
Last-Modified: Sun, 12 Sep 2021 20:34:34 GMT
Content-Type: image/svg+xml
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 12:34:50 GMT
Server: LiteSpeed
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Regular-webfont.woff
178.62.248.95404 Not Found 1.2 kB URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Regular-webfont.woff
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 30a9aa3e2018df9e4d5a7dea65c283f6
6abb0707a87dd0140ae3488c3f2a378726e2ca53
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Regular-webfont.woff HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/flex-presentation.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Cache-Control: private, no-cache, max-age=0
Pragma: no-cache
Content-Length: 1236
Date: Tue, 04 Oct 2022 12:34:50 GMT
Server: LiteSpeed
Connection: Keep-Alive
eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Semibold-webfont.woff
178.62.248.95404 Not Found 1.2 kB URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Semibold-webfont.woff
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 30a9aa3e2018df9e4d5a7dea65c283f6
6abb0707a87dd0140ae3488c3f2a378726e2ca53
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Semibold-webfont.woff HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/flex-presentation.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Cache-Control: private, no-cache, max-age=0
Pragma: no-cache
Content-Length: 1236
Date: Tue, 04 Oct 2022 12:34:50 GMT
Server: LiteSpeed
Connection: Keep-Alive
global.oktacdn.com/okta-signin-widget/3.8.2/font/okticon.woff
143.204.55.25200 OK 21 kB URL HTTP/2 global.oktacdn.com/okta-signin-widget/3.8.2/font/okticon.woff
IP 143.204.55.25:0
File type Web Open Font Format, CFF, length 20600, version 1.0\012- data
Hash db28723126138387cdf40680e6e0fa5d
4d706297987d613a4e3f4f23d08c62d16830845d
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
GET /okta-signin-widget/3.8.2/font/okticon.woff HTTP/1.1
Host: global.oktacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://eski.nitrobilisim.com.tr
Connection: keep-alive
Referer: https://global.oktacdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 20600
x-amz-replication-status: COMPLETED
last-modified: Fri, 20 Mar 2020 02:19:41 GMT
x-amz-version-id: dDQhkYt0RHrEVEp9cvTtLweQzsWLGlTl
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=315360000
access-control-allow-origin: *
x-content-type-options: nosniff
date: Mon, 03 Oct 2022 13:04:54 GMT
cache-control: public,max-age=31536000,s-maxage=1814400
etag: "db28723126138387cdf40680e6e0fa5d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XHcsppAn7wksJWAWqFcXZnWBEh-iB3mstd8TNg-X5mUHdOMeSMxqjA==
age: 84597
X-Firefox-Spdy: h2
eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Regular-webfont.ttf
178.62.248.95404 Not Found 705 B URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Regular-webfont.ttf
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash bfbf1451d2d0ca64731dda41aadbfee9
8ced5f4e49d615a0855492ea12a174f8f63ac9aa
d7a6693a3add3dc913f5472fabcc097a55a4269210d8af2c37e1ad53a1565a55
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Regular-webfont.ttf HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/flex-presentation.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Cache-Control: private, no-cache, max-age=0
Pragma: no-cache
Date: Tue, 04 Oct 2022 12:34:50 GMT
Server: LiteSpeed
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Semibold-webfont.ttf
178.62.248.95404 Not Found 705 B URL HTTP/1.1 eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Semibold-webfont.ttf
IP 178.62.248.95:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash bfbf1451d2d0ca64731dda41aadbfee9
8ced5f4e49d615a0855492ea12a174f8f63ac9aa
d7a6693a3add3dc913f5472fabcc097a55a4269210d8af2c37e1ad53a1565a55
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/maint/CoxLab2022/web/assets/css/fonts/OpenSans-Semibold-webfont.ttf HTTP/1.1
Host: eski.nitrobilisim.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/wp-admin/maint/CoxLab2022/web/assets/css/flex-presentation.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Cache-Control: private, no-cache, max-age=0
Pragma: no-cache
Date: Tue, 04 Oct 2022 12:34:50 GMT
Server: LiteSpeed
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked
Connection: Keep-Alive
webcdn2.cox.com/ui/presentation/tsw/faviconrebrand.ico
45.60.47.167301 Moved Permanently 0 B URL HTTP/2 webcdn2.cox.com/ui/presentation/tsw/faviconrebrand.ico
IP 45.60.47.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ui/presentation/tsw/faviconrebrand.ico HTTP/1.1
Host: webcdn2.cox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico
content-length: 0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 12:29:33 GMT
Expires: Tue, 04 Oct 2022 13:17:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vC9o6T56dQ46JsedQ8SmvVwV3d54H9gfJNgZS3e0aiA_oQ4YSPZ18g==
Age: 317
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5147
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 12:34:50 GMT
Last-Modified: Tue, 04 Oct 2022 11:09:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.136.21101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZQpnERNeIAyvKL37Uyq11Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V8Rjcn/8922HH7pdtUV6HApJ944=
webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico
45.60.47.167200 OK 8.2 kB URL HTTP/2 webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico
IP 45.60.47.167:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash bbcde904fd89e837ab220362c730b2e2
3bf9ed1c0587831364516d6fba44662bd495384c
8839dcdd9a3be5227c8deec47ee88fa9ad81cb64355125a7850bf7704f9bb9be
GET /ui/presentation/tsw/faviconrebrand.ico HTTP/1.1
Host: webcdn.cox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://eski.nitrobilisim.com.tr/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 8218
server: Apache
last-modified: Tue, 27 Sep 2022 20:26:44 GMT
accept-ranges: bytes
content-encoding: gzip
x-xss-protection: 1
x-content-type: nosniff
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com agent.bold360.com *.cox-ondemand.com *.yext-cdn.com *.yextpages.net *.evgnet.com *.evergage.com
x-ua-compatible: IE=edge
strict-transport-security: max-age=86400; includeSubDomains
date: Tue, 04 Oct 2022 12:34:51 GMT
x-cache: RefreshHit from cloudfront
via: 1.1 0dbf67e262a6295e9e8f6570f9aae7e0.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: AxdAj3WPdIlqEMhhB8tupE-FF5kyrvzS0OO7_A3bhZG4ku4aUpGE5Q==
set-cookie: visid_incap_2781768=tk2ee1vpT0Sj5LozehUNdWooPGMAAAAAQUIPAAAAAACsD5qT2vFVnRzbrIf1vplb; expires=Tue, 03 Oct 2023 22:31:11 GMT; HttpOnly; path=/; Domain=.cox.com; Secure; SameSite=None
nlbi_2781768=MGJKD4p2dlZ+zpaiu5PrqQAAAADcqxjY+nzrYH8Li1AZtYbg; path=/; Domain=.cox.com; Secure; SameSite=None
incap_ses_721_2781768=1m6OYmki+X8ZjaOh6oEBCmooPGMAAAAAj8hU+8HCx+maaVYr9A2z5w==; path=/; Domain=.cox.com; Secure; SameSite=None
x-cdn: Imperva
x-iinfo: 9-21725776-21725790 NNNN CT(1 8 0) RT(1664886890064 228) q(0 0 1 0) r(1 6) U5
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4474
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:34:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4474
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:34:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4474
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:34:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4474
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:34:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 63afa079-f66e-428a-b491-c5859aed2e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJFU9EknoAMF1uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63338285-54f784262318d7ca0e560d44;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 23:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wueU8yVJPql7JutY2H26gdjyBCPTeyX_sG9c5mNE-PS57lyMGftW2g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 08:27:48 GMT
age: 14824
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 53432
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2287c489794dab0e9ba923a2057988f
2b9f6828a38da81b40dcad033572e48b4c5896db
e853fa2acf2425d14cb9746e8bbd45c8765598d2bb630859086b4668182dbf6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8534
x-amzn-requestid: 8ae51cd3-697b-47ed-8493-8f83e2bc7469
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuHlXoAMFucg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-165d72034440cf810d42f3bd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPt8LUVoKhXjfz-jZHLmnWD15tQgSLRaxl-Bsl0UU83G7wm3jj7_mg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:34 GMT
age: 53418
etag: "2b9f6828a38da81b40dcad033572e48b4c5896db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 53419
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 53432
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 53417
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
143.204.55.25200 OK 0 B URL HTTP/2 global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
IP 143.204.55.25:0
GET /okta-signin-widget/3.8.2/css/okta-sign-in.min.css HTTP/1.1
Host: global.oktacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://eski.nitrobilisim.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
x-amz-replication-status: COMPLETED
last-modified: Fri, 20 Mar 2020 02:19:40 GMT
x-amz-version-id: VioymT0ami6RAq5l.msmhnEwxweXAIS1
server: AmazonS3
strict-transport-security: max-age=315360000
access-control-allow-origin: *
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 Oct 2022 05:30:44 GMT
cache-control: public,max-age=31536000,s-maxage=1814400
etag: W/"92cb194fd7896eb0997c23a4a3dbb596"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: N3ggC4sjCxdQirrSbfpMGM8qRmdRIRdNvcf6I_OtNWqxrlw-uM3Unw==
age: 25447
X-Firefox-Spdy: h2