firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 14:35:09 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GOXrd-9euqlGmKjJgH5YhrKXyyYgG5JNiAhyBKNo-eWSPr2-1eGfVQ==
Age: 3304
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
185.46.40.71200 OK 9.3 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4822)
Hash c06212ab627a2a6da0ee8260f4b0a48e
8d6f369cfca4f7f42f1e1bd900d003cd489f843a
30484ede5eee9899e124cf7b34fbd36b66593a95dd7e6129e85042c8f743b653
Analyzer Verdict Alert openphish The Union Bank of the Philippines
phishtank Other
fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/login.php HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 490c003436e215e91596f285fcba92f5
0c4c9a5802e7cdb699f4918c252dbdf8431c25ec
9fe6beb1cb3851018168765a243b6de69ec71d30770f8c2dcc57cae7d9978cc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17245
Expires: Wed, 28 Sep 2022 20:17:38 GMT
Date: Wed, 28 Sep 2022 15:30:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z-C5fSuVWtQfy2xScfwWSj4-kZ_EhUa5g-prxzPQfCJnewMMwxiC_A==
age: 36107
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 15:30:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:13 GMT
Last-Modified: Wed, 28 Sep 2022 15:25:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
104.17.25.14200 OK 5.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
IP 104.17.25.14:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash aa712f2a9ab349290ddbc871138b13ba
2be3765114dbce70c84786dd7d2838c7edce486c
84dce905b67560d91a9993771337d6e5946c7f1e502b5bf06fb0ef6d34b97b57
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 15:30:13 GMT
content-type: text/css; charset=utf-8
content-length: 5884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-9226"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2325909
expires: Mon, 18 Sep 2023 15:30:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg8WbKA%2Ft%2BtTBh06ajMJc07Y%2Bf837jLizl9BkwBXfJhCaopPnZzji%2FLBOXmlQ9sFPS%2BhRq7yqfWhlnwLYSD3%2BmFdM0F6bk%2FoZfiirTlAYylOLzR4g4Rz1bH2OB3l%2BAr9kVvTKNqB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751d84e37d28fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
172.217.21.170200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (32089)
Hash bf899cc5ba60c522341e4d712a5246bf
2c92c54c9919c8b81b4e77a97bfd4d8f202e1a6a
4f8b9bf1630c24cf17444ec093052451c370c9371212db74b4bf8b4fd71a2817
GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 05:13:03 GMT
expires: Mon, 25 Sep 2023 05:13:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 296230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:13 GMT
Last-Modified: Wed, 28 Sep 2022 15:25:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/script.js
185.46.40.71200 OK 393 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/script.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with CRLF line terminators
Hash 6a2e6dbb7e1b3f957d2cb45fb492668e
f2680b4bf9b43296032575e74c6f522073c088b2
953ff524a462191b00e7966089eb722ce2f7d32334c603ebe06298b2ae5ba958
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/script.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 393
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/api.js
185.46.40.71200 OK 708 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/api.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (708), with no line terminators
Hash a14455948d94f9a9ed0255ddffdc1eef
cd95e227eb30c684473c1e26101bfbe1ce8f3137
e88fe96181aaff74f1fae525dab9641052853f643711f87e2307ed1cca4266b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/api.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 708
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/sdk.js(1)
185.46.40.71200 OK 3.2 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/sdk.js(1)
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (2088)
Hash bed46e0f7a43ef971658bde3da164aea
d4a3512ba6112886f55def602aad237dc2709501
3f6cfb2a107314566e4293ba29234e305a8d9e35dd8670fb41cbacc78f3bf22f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/sdk.js(1) HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 3224
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/style.css
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/style.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash b8b659dcc27cdfde5eb2f29e82bcd51b
968adc39b76989b43a362e7232762b954cbc4644
bffe0ee8c1d59415f06721dad50f117b156f689e86090f31fe3da2e9cd1e4bf4
GET /wp-includes/certificates/online.unionbankph.com/login/style.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1.1bf376f9696bfb8874af.css
185.46.40.71200 OK 1.3 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1.1bf376f9696bfb8874af.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (741)
Hash 3eda1ec039a6602339cbb94e11f4ae95
82cb323be785d6520838d0af1835cc74b8d45a68
c5f7e61cae5551b8a64036de44778ee9bd0baa12b57d75ff02a593e29caca5bd
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1.1bf376f9696bfb8874af.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 1275
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 15:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 16:24:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -LEljtv_CqL1dHX7NfqtgHRZubrxH8r15A2oSE1AVL8sFWqd6Fp5WQ==
Age: 40
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.css
185.46.40.71200 OK 294 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
Hash c185e013973ef666acf656dcb0a7063e
c321c0beb96a3670ca5c71c425c377ca7dee54ca
514fcc4cbd416bb0385b2145ec15929d59f01b49daef7f6605df546a8ba340d6
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 294
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.css
185.46.40.71200 OK 3.8 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (3822)
Hash 4cc6c72e41ec5a21e41d34c3e7f07a7c
99c5cae3a778bab69c748517723d887d7f8b04f2
de051944e81c05e4b7e9b7b1490a2f97287fead1fb62252c8b0eb678a618093b
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 3824
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5497
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:14 GMT
Last-Modified: Wed, 28 Sep 2022 13:58:37 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.js
185.46.40.71200 OK 795 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type Unicode text, UTF-8 text, with very long lines (32811), with LF, NEL line terminators
Size 795 kB (794834 bytes)
Hash bd4eb626f73a2bdebb49c9149bd345ef
a7e9a65dee29cc8a3d4eac600b86fa9c95ac0b3b
e101196b35417e0a66350d07b1e6ce10563b8093ea7177276d008f56b45c9725
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 794834
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.js
185.46.40.71200 OK 398 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type Unicode text, UTF-8 text, with very long lines (65468)
Size 398 kB (397898 bytes)
Hash b3ff7069fb30087eb69bf18b3cfc5b35
4cf232bd57407c61bb5138d17da5aded1d96219b
bc4c57fdfb845c45382334a2ea04b63a21fea8f4a42ec56ce4e05bb948160cb1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/12.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 397898
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.css
185.46.40.71200 OK 783 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (750)
Size 783 kB (782583 bytes)
Hash 86d54638cb030ae8f1629ecd2120efa1
14ffa0622651543ce8f735cddfa6b65bbe92972a
be831ee01cb7b77ee74e5c1fd468c6f0f514874523e50d27d9dec5d4d23b0d46
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/bundle.1bf376f9696bfb8874af.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 782583
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/components.1bf376f9696bfb8874af.js
185.46.40.71200 OK 1.3 MB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/components.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type Unicode text, UTF-8 text, with very long lines (65508), with no line terminators
Size 1.3 MB (1346823 bytes)
Hash 490e2962a5e8dcb1ffa51d2ea4dab1c2
b3ae0abe5c59da07be938923e05e2da53ee2685a
24573626435ac4aef93f207169afee030de75f86bad78d86a48962ac3e988e25
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/components.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 1346823
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5f4b013b5656bef604b0022eb233d049
5b5ac71b8dbb5b488d7267d0d70292c2f7651c5b
238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5228
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:14 GMT
Last-Modified: Wed, 28 Sep 2022 14:03:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
54.149.28.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.28.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VdmkmQt7QDUdBOzNN4qn6Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f9VJWPGfbhQoeSNez5NMBf8TkxE=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5f4b013b5656bef604b0022eb233d049
5b5ac71b8dbb5b488d7267d0d70292c2f7651c5b
238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5228
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:14 GMT
Last-Modified: Wed, 28 Sep 2022 14:03:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.js
185.46.40.71200 OK 1.3 MB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type Unicode text, UTF-8 text, with very long lines (39616)
Size 1.3 MB (1268902 bytes)
Hash 507063643ab7d92bb142e5d95e8569c6
bf12da9b7e9cd816cfe4c31e28500e10a783e55b
f716f9ec048441e37bfaed734ca9fbbd3ac496b736f684dbcb1b736978ed38e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/7.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:13 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 1268902
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1200px-Unionbank_2018_logo.svg.png
185.46.40.71200 OK 21 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1200px-Unionbank_2018_logo.svg.png
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type PNG image data, 1200 x 368, 8-bit/color RGBA, non-interlaced\012- data
Hash 70f65465e7c6d090d9277be5ce120b45
8ce111118f53f497079d066a4216f61b72347b87
2e916e6e4167cd80e0f126a9d67f8c4f40af081e5d28e56516fbe492700f5fc8
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/1200px-Unionbank_2018_logo.svg.png HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 20846
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/0197659eaac436e5082dd8b8f0f5edc3.png
185.46.40.71200 OK 3.8 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/0197659eaac436e5082dd8b8f0f5edc3.png
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type PNG image data, 130 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 0197659eaac436e5082dd8b8f0f5edc3
a378d1dac92182598e3c72d5cebf3e8492d9bd25
46644f655d69d30a39e701d2927ce0969a921c99bb7dd73d8747455c4526b6d6
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/0197659eaac436e5082dd8b8f0f5edc3.png HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 3771
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
samvision.com.tr/online-banking/58cfe04e893f01896e517ae625751e6a.png
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/online-banking/58cfe04e893f01896e517ae625751e6a.png
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 128bde3e3993c55576cf6ed6c7f60d4b
2c53ebdaece0dbd38d528e7feba935f91f17dd7e
b24d08741dc27d46aca51c64919e8b4a646428470b24c8c357e9972c5e36fdf8
GET /online-banking/58cfe04e893f01896e517ae625751e6a.png HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://samvision.com.tr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 590167
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://samvision.com.tr
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 590167
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource(1).html
185.46.40.71200 OK 152 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource(1).html
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource(1).html HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 152
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
185.46.40.71200 OK 20 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10169)
Hash 0b8cda296623afe44f3914cd9ac30c55
133480e45d76f1ab920ed8cfe2cfad5a1c34ea3a
5ca7bd61b32a17e08013d6c799fbeee980b6a57fbade97df2fd0d19525c83c85
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 20222
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a0ba78242dec587bdc9bd8dc3338b138
51bdb0ccfa2b0d4e0056ef4ba4c06a0e1aeb15fa
3474b92488104a72f035335264bc7284dfea368606bc616d76d76d71beab0325
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1226
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:15 GMT
Last-Modified: Wed, 28 Sep 2022 15:09:49 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/04aa55f8de2e368f5621bbfb4c0c67e2.jpg
185.46.40.71200 OK 333 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/04aa55f8de2e368f5621bbfb4c0c67e2.jpg
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1800x1414, components 3\012- data
Size 333 kB (333216 bytes)
Hash c8abb6a211f03e56f37d6a9e953f951b
93acfcac2ae7b89fa282e8cdd7d2088e098c6418
ff2746f58870ea29115010a06010d45f9a584b9798a80c5114a30cc39ab777b1
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/04aa55f8de2e368f5621bbfb4c0c67e2.jpg HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 333216
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.google-analytics.com/analytics.js
216.239.38.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.38.178:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 14:34:43 GMT
expires: Wed, 28 Sep 2022 16:34:43 GMT
cache-control: public, max-age=7200
age: 3332
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/styles__ltr.css
185.46.40.71200 OK 51 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/styles__ltr.css
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type ASCII text, with very long lines (50696), with no line terminators
Hash 7a11414e0680c65aa4db14e9ebb8f025
0b27811e2cf398e5b3fccff6ff7e1d8e66e6f7a6
08b3c452b051deb45ab872c4da7bdba7cf14b345318f5e28b22703ef4b04ba18
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/styles__ltr.css HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 50696
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
connect.facebook.net/en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a
IP 157.240.200.14:0
File type ASCII text, with very long lines (18598)
Hash 44f45398c5cc9241318356d43379b33f
0b3dc225e102f8a16b2fb99aedb679af477206b8
1dd8903e7d0f452dd8e194fadd8a64016ce70bb1de2f75aa05e0e3a9a43b2bba
GET /en_US/sdk.js?hash=43076a9dd9f24fdb8cd3e0cc0cc4be7a HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://samvision.com.tr
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 8753aa7f1cb62f4c3d2f98ef04c2f845
etag: "4386ee6988d2308d94aec3892e34372d"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Sep 2023 15:18:29 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: RPRTmMXMkkExg1bUM3mzPw==
x-fb-debug: 22vqJU7scoVVCQOzzlY1h83frvoP9a3El77ulbAC5g5S9jvfHwTfbnyHwt3coaUGxt5jjBK1uYWA/rhCZeFbVQ==
priority: u=3,i
content-length: 88835
x-fb-trip-id: 1679558926
date: Wed, 28 Sep 2022 15:30:15 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 15:30:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6174
Expires: Wed, 28 Sep 2022 17:13:09 GMT
Date: Wed, 28 Sep 2022 15:30:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6174
Expires: Wed, 28 Sep 2022 17:13:09 GMT
Date: Wed, 28 Sep 2022 15:30:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6174
Expires: Wed, 28 Sep 2022 17:13:09 GMT
Date: Wed, 28 Sep 2022 15:30:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6174
Expires: Wed, 28 Sep 2022 17:13:09 GMT
Date: Wed, 28 Sep 2022 15:30:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6174
Expires: Wed, 28 Sep 2022 17:13:09 GMT
Date: Wed, 28 Sep 2022 15:30:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rV80hKsopWPf_A8hKw0kwTOjVN4Bq-5f8oXDP2wluyGwof5yXFe2Bw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:42:47 GMT
age: 64048
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 63792
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Di1kDUlYEc1rv31fHM-OquU_W_LggEzDCTVME5iFJ5KffZcQyN6i2A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:31:39 GMT
age: 28716
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmVkKXoPqZmnwFtpKhuox1kJNDoSxMEmYE39_zVPyaeoU4sPqq-_wA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:23 GMT
age: 63952
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 63945
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 64162
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/recaptcha__en.js.download
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/recaptcha__en.js.download
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 128bde3e3993c55576cf6ed6c7f60d4b
2c53ebdaece0dbd38d528e7feba935f91f17dd7e
b24d08741dc27d46aca51c64919e8b4a646428470b24c8c357e9972c5e36fdf8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/recaptcha__en.js.download HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 128bde3e3993c55576cf6ed6c7f60d4b
2c53ebdaece0dbd38d528e7feba935f91f17dd7e
b24d08741dc27d46aca51c64919e8b4a646428470b24c8c357e9972c5e36fdf8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/dvDKLY21EpsggPpYe7mLhx2vZ59WAsI8UCV0Rb2v1fM.js.download HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/favicon.ico
185.46.40.71404 Not Found 9.2 kB URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/favicon.ico
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 128bde3e3993c55576cf6ed6c7f60d4b
2c53ebdaece0dbd38d528e7feba935f91f17dd7e
b24d08741dc27d46aca51c64919e8b4a646428470b24c8c357e9972c5e36fdf8
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/favicon.ico HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://samvision.com.tr/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://samvision.com.tr
Connection: keep-alive
Referer: http://samvision.com.tr/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15344
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 20:06:20 GMT
Expires: Tue, 26 Sep 2023 20:06:20 GMT
Cache-Control: public, max-age=31536000
Age: 156235
Last-Modified: Mon, 16 Oct 2017 17:32:55 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://samvision.com.tr
Connection: keep-alive
Referer: http://samvision.com.tr/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15552
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 23 Sep 2022 16:38:48 GMT
Expires: Sat, 23 Sep 2023 16:38:48 GMT
Cache-Control: public, max-age=31536000
Age: 427887
Last-Modified: Mon, 16 Oct 2017 17:33:02 GMT
Content-Type: font/woff2
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource.html
185.46.40.71200 OK 152 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource.html
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/saved_resource.html HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/anchor.html
Cookie: _ga=GA1.3.912769397.1664379013; _gid=GA1.3.909246269.1664379013
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:14 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 152
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/14.1bf376f9696bfb8874af.js
185.46.40.71200 OK 0 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/14.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/14.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:13 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 428261
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/base.1bf376f9696bfb8874af.js
185.46.40.71200 OK 0 B URL HTTP/1.1 samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/unionbank_files/base.1bf376f9696bfb8874af.js
IP 185.46.40.71:0
ASN #34984 Tellcom Iletisim Hizmetleri A.s.
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/certificates/online.unionbankph.com/login/unionbank_files/base.1bf376f9696bfb8874af.js HTTP/1.1
Host: samvision.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samvision.com.tr/wp-includes/certificates/online.unionbankph.com/login/login.php
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 15:30:12 GMT
Server: Apache
Last-Modified: Sat, 22 Jan 2022 05:13:04 GMT
Accept-Ranges: bytes
Content-Length: 922195
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 15:30:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 13689821
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 751d84ea8c9ab506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700|Open+Sans:300
IP 142.250.74.10:0
GET /css?family=Roboto:400,700|Open+Sans:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samvision.com.tr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 15:30:14 GMT
date: Wed, 28 Sep 2022 15:30:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2