Report - mainyer6.com/

Report Overview

Submitted URL
mainyer6.com/
IP
92.205.14.166
ASN
#21499 Host Europe GmbH
Submitted
2023-02-08 00:49:19
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
190

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
mainyer6.com	unknown	2021-11-13T21:00:55Z	2023-03-05T22:36:17Z	15 kB	294 kB	92.205.14.166
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	479 B	5.3 kB	142.250.74.74
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.9 kB	88 kB	142.250.74.35
www.bimcell.com.tr	unknown	2017-03-12T11:28:25Z	2023-03-11T04:54:15Z	1.0 kB	3.3 kB	212.98.241.171
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.161.188.100
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	64 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-08 00:50:00	high	92.205.14.166	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-08 00:50:01	high	92.205.14.166	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell
2023-02-07	medium	mainyer6.com/	Bim Cell

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	mainyer6.com/	Phishing
2023-02-08	medium	mainyer6.com/kit.fontawesome.com/f07874fbed.js	Phishing
2023-02-08	medium	mainyer6.com/www.bimcell.com.tr/applications/popup/scripts/kuramsoftdynamichead.js	Phishing
2023-02-08	medium	mainyer6.com/www.bimcell.com.tr/templates/scripts/bootstrap.min.js	Phishing
2023-02-08	medium	mainyer6.com/www.bimcell.com.tr/templates/scripts/main.js	Phishing
2023-02-08	medium	mainyer6.com/code.jquery.com/jquery-1.9.1.min.js	Phishing
2023-02-08	medium	mainyer6.com/code.jquery.com/ui/1.11.0/jquery-ui.min.js	Phishing
2023-02-08	medium	mainyer6.com/code.jquery.com/ui/1.11.0/jquery-ui.min.js	Phishing
2023-02-08	medium	mainyer6.com/www.bimcell.com.tr/templates/scripts/jquery-1.10.2.js	Phishing
2023-02-08	medium	mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/bootstrap777d.css?1.1	Phishing
2023-02-08	medium	mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/style6512.css?11	Phishing
2023-02-08	medium	mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/css/fonts/mulish-v1-vietnamese_latin-ext_latin-regular.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed
2023-02-08	medium	mainyer6.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	mainyer6.com/	143 B	2023-03-07	2023-10-23
Pretty URL mainyer6.com/ IP 92.205.14.166 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2023-10-23 22:54:19 Times Seen32 Hash f9dffbff47d1262d765304a04382c39a e0fb3c51c274e98ce8b8a6815df55a3329cb3060 31ced590e21d00084866917415264f220fe3921c7e0dc976c39615dac1e5de77 Loading...

	mainyer6.com/www.bimcell.com.tr/templates/scripts/main.js	113 B	2023-03-07	2023-10-23
Pretty URL mainyer6.com/www.bimcell.com.tr/templates/scripts/main.js IP 92.205.14.166 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2023-10-23 22:54:19 Times Seen24 Hash 70970af67840d3257c12569983c62b38 2779465c451894ffa6aa16bb49ed868d4291e33a 083a79dfb02f0bd469f899a9aeb4887f08d68d05dff5ec028616edc77eb98993 Loading...

	mainyer6.com/main.php	44 B	2023-03-07	2023-07-03
Pretty URL mainyer6.com/main.php IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2023-07-03 02:17:42 Times Seen16 Hash f6a409ebd28399d118f43a6fab53e266 ba9a27af71b644139263df7a835a92f6bdc27798 9ee5361a2b4d73743e1bc2356ff169e506c88d389cc42ce2788990959356da5b Loading...

	mainyer6.com/main.php	239 B	2023-03-07	2023-04-03
Pretty URL mainyer6.com/main.php IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2023-04-03 23:58:59 Times Seen4 Hash 21aa9a7b1a7d78f483ada475a4aa0229 90b9fd2e185d71a314e584453cde39892258dd3a 4ca6b19c41f0c162318cdbdb551ff9312a91c8efe19dd187f515af755adf84aa Loading...

	mainyer6.com/www.bimcell.com.tr/templates/scripts/bootstrap.min.js	29 kB	2023-03-07	2024-04-26
Pretty URL mainyer6.com/www.bimcell.com.tr/templates/scripts/bootstrap.min.js IP 92.205.14.166 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-26 20:03:54 Times Seen9766 Hash ba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1 Loading...

	mainyer6.com/www.bimcell.com.tr/applications/popup/scripts/kuramsoftdynamichead.js	3.2 kB	2023-03-07	2023-10-23
Pretty URL mainyer6.com/www.bimcell.com.tr/applications/popup/scripts/kuramsoftdynamichead.js IP 92.205.14.166 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2023-10-23 22:54:19 Times Seen38 Hash 6f02ede71773b6a6cc85cb3df9079487 ea0fc238c79cd8a4ede662ab46dcd11794b03a7f 308b06ea1c330ad521de5aee9814d8dde828305e717afd82b747367c0841cec6 Loading...

	mainyer6.com/www.bimcell.com.tr/templates/scripts/jquery-1.10.2.js	273 kB	2023-03-07	2024-04-25
Pretty URL mainyer6.com/www.bimcell.com.tr/templates/scripts/jquery-1.10.2.js IP 92.205.14.166 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2024-04-25 13:45:21 Times Seen1275 Hash 91515770ce8c55de23b306444d8ea998 1d85f0f3464e5e49b0522744bf7314e176ac76d9 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a Loading...

	mainyer6.com/	440 B	2023-03-07	2023-04-03
Pretty URL mainyer6.com/ IP 92.205.14.166 ASN #21499 Host Europe GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2023-04-03 23:58:59 Times Seen4 Hash 6e71f99a029934c9ef1e91ab4ae24163 771c273731739e6a79cb85df0572046ce126115c 120df01a0cff971ab6a32be115b8c7e27b2ea286544e6d60b3e2301f7b0b66ea Loading...

	mainyer6.com/main.php	1.1 kB	2023-03-07	2023-07-03
Pretty URL mainyer6.com/main.php IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2023-07-03 02:17:42 Times Seen10 Hash 1b3b8178735475fdb0055eee5df7347a a4ce38fa49fbdf340dcaecbb81e28a736c85a2a9 93b586368affd3f73f5193cd66154d470a5ae630ff88d84098f7ab245af10fe0 Loading...

	mainyer6.com/main.php	253 B	2023-03-07	2023-07-03
Pretty URL mainyer6.com/main.php IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:58 Last Seen2023-07-03 02:17:42 Times Seen10 Hash a616b7ca749213162ab96c21ccf962b9 94068b784ce88cd7ccd6d5ad7cf5b8f78a457e67 c2c00f6f7c8a170a5379cd38e1640c65fd723e2a729066183683884c47324bea Loading...

HTTP Transactions (77)

URL IP Response Size

mainyer6.com/

92.205.14.166

200 OK

2.3 kB

URL HTTP/1.1
mainyer6.com/
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (374)
Size
2.3 kB (2305 bytes)
Hash
f04e7a539dc8794a5b6d689c31ca8b4d
a368dbd88b9826b78b4c30c2b0a65afcc22b0ced
510864389abd876ba8dbef287ea1218efe2b87f778d65df4d245ff3e672462a9

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET / HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
X-Powered-By: PHP/8.0.26
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2305
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5229
Expires: Wed, 08 Feb 2023 02:16:17 GMT
Date: Wed, 08 Feb 2023 00:49:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5698
Expires: Wed, 08 Feb 2023 02:24:06 GMT
Date: Wed, 08 Feb 2023 00:49:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5156
Expires: Wed, 08 Feb 2023 02:15:04 GMT
Date: Wed, 08 Feb 2023 00:49:08 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 00:34:10 GMT
content-type: application/json
age: 898
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 4QIECNrdCQa0RKBKwgK5FvC/j6AMZ2MpP5Bv/L6Q1bIKMO79dvHf5qa7p3FHv0k8/U1PqzS/+Zo=
x-amz-request-id: 7C0G33P6WR46NP79
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 00:35:43 GMT
age: 805
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

mainyer6.com/kit.fontawesome.com/f07874fbed.js

92.205.14.166

404 Not Found

315 B

URL HTTP/1.1
mainyer6.com/kit.fontawesome.com/f07874fbed.js
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /kit.fontawesome.com/f07874fbed.js HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

mainyer6.com/www.bimcell.com.tr/applications/popup/scripts/kuramsoftdynamichead.js

92.205.14.166

200 OK

919 B

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/applications/popup/scripts/kuramsoftdynamichead.js
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
HTML document text\012- HTML document, ASCII text, with very long lines (443)
Size
919 B (919 bytes)
Hash
c43b8ae277c69c53cc57889919b63f97
007a182cceb341621f7ff0a4cb8c98133def175f
d6a52797a139e89d468306e2b20bf91886906e055d78156a42ae34f60a6758b2

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/applications/popup/scripts/kuramsoftdynamichead.js HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 07 Jan 2022 14:51:46 GMT
ETag: "48808cf-c75-5d4ff2045ffaa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 919
Keep-Alive: timeout=5
Content-Type: application/javascript

mainyer6.com/www.bimcell.com.tr/templates/css/reset.css

92.205.14.166

200 OK

478 B

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/css/reset.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (734)
Size
478 B (478 bytes)
Hash
5de029b89e5c627fc9fd7aa10bc09a2c
0e0cc4e174f0746308ff51c0947393d8c9a2a184
6d9cfcbf20ac35a58523a05fb0de8676ceae5c4c0c4c627ccf18bdb2933e79f0

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/css/reset.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 07 Jan 2022 14:51:39 GMT
ETag: "4880739-316-5d4ff1fd91444-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 478
Keep-Alive: timeout=5
Content-Type: text/css

mainyer6.com/www.bimcell.com.tr/templates/css/style.css

92.205.14.166

200 OK

3.0 kB

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/css/style.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
3.0 kB (2969 bytes)
Hash
802608b5080f9cb926d3a673d35ff37c
aae636adab28fdac8b8cffeeb2252274060303eb
bc607bd6fa10166d8a49b013756f0ff266a10ba750f98fa73e6f66d7bcfb5434

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/css/style.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 07 Jan 2022 14:51:40 GMT
ETag: "48808c3-3a65-5d4ff1fe48dd4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2969
Keep-Alive: timeout=5
Content-Type: text/css

mainyer6.com/www.bimcell.com.tr/templates/css/font-awesome/css/font-awesome.min.css

92.205.14.166

200 OK

4.7 kB

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/css/font-awesome/css/font-awesome.min.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (20859)
Size
4.7 kB (4732 bytes)
Hash
9c024974b49dee1f64cd0e99d67a2e07
8a6ffda99f95d586da6e69bf2cba855b1a75c42a
46eae01c8a84dcca0d0481fc71905ea6016689535bbaa23960aeec15bb8d7688

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/css/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 07 Jan 2022 14:51:49 GMT
ETag: "48808d8-521d-5d4ff2076280d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4732
Keep-Alive: timeout=5
Content-Type: text/css

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 00:49:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

mainyer6.com/www.bimcell.com.tr/templates/scripts/bootstrap.min.js

92.205.14.166

200 OK

7.7 kB

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/scripts/bootstrap.min.js
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (28941)
Size
7.7 kB (7679 bytes)
Hash
18c650acaadcdf582747aea91bebda89
254df0d455514d4888e4906993b3e72d5f56d2d0
cd2d43b5075c59279839a156425c64abefa206144a4e7ee4a9c35c1157e1217a

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/scripts/bootstrap.min.js HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:41 GMT
ETag: "48808c7-71b6-5d4ff1ffacd42-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7679
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript

mainyer6.com/www.bimcell.com.tr/templates/scripts/main.js

92.205.14.166

200 OK

126 B

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/scripts/main.js
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text
Size
126 B (126 bytes)
Hash
bcbf0f08b26a9591ec40d09d44859378
e76a024ed0d3c7ae84f55bc71f2b5557bf6604fe
87a3d13e2c9ca08032536a9160c7d881d4f40d266f8b18a7bb2fc1d15cbb6439

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/scripts/main.js HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:42 GMT
ETag: "48808c8-74-5d4ff2006db43-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 126
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript

mainyer6.com/www.bimcell.com.tr/templates/css/bootstrap.css

92.205.14.166

200 OK

18 kB

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/css/bootstrap.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
assembler source, ASCII text, with very long lines (540)
Size
18 kB (18403 bytes)
Hash
73444eced66f1e3051aa2a40eddc3e7b
5a3b2f654776191bc37a31cd004a310bd3c73651
c245122b7dab61aacf4453b2d9216d2e2841a7dd20d3912af064c82eddbc7701

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/css/bootstrap.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 07 Jan 2022 14:51:40 GMT
ETag: "48808c2-1da2d-5d4ff1fe1ea08-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18403
Keep-Alive: timeout=5
Content-Type: text/css

mainyer6.com/code.jquery.com/jquery-1.9.1.min.js

92.205.14.166

404 Not Found

315 B

URL HTTP/1.1
mainyer6.com/code.jquery.com/jquery-1.9.1.min.js
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /code.jquery.com/jquery-1.9.1.min.js HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

mainyer6.com/code.jquery.com/ui/1.11.0/jquery-ui.min.js

92.205.14.166

404 Not Found

315 B

URL HTTP/1.1
mainyer6.com/code.jquery.com/ui/1.11.0/jquery-ui.min.js
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /code.jquery.com/ui/1.11.0/jquery-ui.min.js HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 00:49:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mainyer6.com/code.jquery.com/ui/1.11.0/jquery-ui.min.js

92.205.14.166

404 Not Found

315 B

URL HTTP/1.1
mainyer6.com/code.jquery.com/ui/1.11.0/jquery-ui.min.js
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /code.jquery.com/ui/1.11.0/jquery-ui.min.js HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

mainyer6.com/www.bimcell.com.tr/templates/scripts/jquery-1.10.2.js

92.205.14.166

200 OK

81 kB

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/scripts/jquery-1.10.2.js
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
81 kB (81060 bytes)
Hash
dc6ceefe33b3d2e3b223483e9711cd70
7e2aecf16821ad1ee4cd65d5f957aa5f39a7f177
c360afbcecdd56977a559207f6bff0d360d256b21356fb2a40dfd75b9096f3a1

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/scripts/jquery-1.10.2.js HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:42 GMT
ETag: "48808c6-42b2f-5d4ff2004c030-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

mainyer6.com/www.bimcell.com.tr/templates/css/images/bottom_logo.png

92.205.14.166

200 OK

1.3 kB

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/css/images/bottom_logo.png
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
PNG image data, 109 x 39, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1309 bytes)
Hash
4ebbd7f7e48df7dd2d0b570f01e6ccb0
4e39ebbbb4cd36d21667821eb8494fc4b1053eca
576478ae1dc83021e5695547c46bb943fee6b8592c4b60372dc37632111942c0

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/css/images/bottom_logo.png HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:48 GMT
ETag: "48808d2-51d-5d4ff205a04c6"
Accept-Ranges: bytes
Content-Length: 1309
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

mainyer6.com/www.bimcell.com.tr/templates/css/images/logo.png

92.205.14.166

200 OK

2.5 kB

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/css/images/logo.png
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
PNG image data, 170 x 61, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2465 bytes)
Hash
d39ee84d792707f7fce407bab7ecd4a1
adca826799c7513ffb2e76478763bd667f6401ef
9fa988580b6be1f2d45105d565442715cbfd2223e61f8d7afc7d47581f2387b2

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/css/images/logo.png HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:48 GMT
ETag: "48808d3-9a1-5d4ff205aa4ef"
Accept-Ranges: bytes
Content-Length: 2465
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

mainyer6.com/www.bimcell.com.tr/templates/css/images/icon/download.png

92.205.14.166

200 OK

369 B

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/css/images/icon/download.png
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
PNG image data, 15 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
369 B (369 bytes)
Hash
42fecfa5937a3960af7788b4bded669d
2676cf8f861d12428d8740312b3cdddef3dc2986
fe63f0ede667ce21480b86f1386827bfc782968f40844b85db75538f5fdc11a7

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/css/images/icon/download.png HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/www.bimcell.com.tr/templates/css/style.css

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:49 GMT
ETag: "48808d7-171-5d4ff206edcd2"
Accept-Ranges: bytes
Content-Length: 369
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

mainyer6.com/www.bimcell.com.tr/templates/css/images/icon/phone.png

92.205.14.166

200 OK

424 B

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/css/images/icon/phone.png
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
PNG image data, 17 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size
424 B (424 bytes)
Hash
8e4e4113bcfd9131a729a390d0af058a
8dcba519f480380139b0f964888e3d592d257f7a
f8f33ff94a93cb696541eda6b717e708bb09cac46afe5bb3713a479fd373d91b

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/css/images/icon/phone.png HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/www.bimcell.com.tr/templates/css/style.css

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:50 GMT
ETag: "48808da-1a8-5d4ff208147c4"
Accept-Ranges: bytes
Content-Length: 424
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 00:49:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mainyer6.com/www.bimcell.com.tr/templates/css/images/icon/monitor.png

92.205.14.166

200 OK

418 B

URL HTTP/1.1
mainyer6.com/www.bimcell.com.tr/templates/css/images/icon/monitor.png
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
PNG image data, 29 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
418 B (418 bytes)
Hash
157d2db88af73ddf7c5d26781da073fe
6902de5730cd4443eace771ff1f5f6316eb522fd
07c90a81248b93654e3e72d77b6d47abac7554b0f7d73283139827c1b037e411

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /www.bimcell.com.tr/templates/css/images/icon/monitor.png HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/www.bimcell.com.tr/templates/css/style.css

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:08 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:49 GMT
ETag: "48808d9-1a2-5d4ff2075e1bc"
Accept-Ranges: bytes
Content-Length: 418
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 00:49:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.74

200 OK

4.7 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
4.7 kB (4715 bytes)
Hash
1c6f208a3e284bae21ad51963f001ebe
79cc3da24aabc8f382d11f2cee10a6560ed32832
68e681755b01adcaa2a156a2098b8f6fec13b5e800933946fd1fd6253bfd67dd

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mainyer6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 00:49:08 GMT
date: Wed, 08 Feb 2023 00:49:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 00:49:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mainyer6.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 182828
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mainyer6.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 579429
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

142.250.74.35

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Size
12 kB (11800 bytes)
Hash
e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mainyer6.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 00:55:59 GMT
expires: Mon, 05 Feb 2024 00:55:59 GMT
cache-control: public, max-age=31536000
age: 258789
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

142.250.74.35

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Size
12 kB (11824 bytes)
Hash
deb26e9b1a25438118e5d39d741ae6b6
a2801defb4c8bed8e4083dfde0b2a5a9c0537020
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mainyer6.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:58:07 GMT
expires: Thu, 01 Feb 2024 20:58:07 GMT
cache-control: public, max-age=31536000
age: 532261
last-modified: Wed, 11 May 2022 19:24:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 00:49:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 00:49:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

142.250.74.35

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Size
12 kB (11872 bytes)
Hash
87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mainyer6.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 14:50:08 GMT
expires: Wed, 07 Feb 2024 14:50:08 GMT
cache-control: public, max-age=31536000
age: 35941
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mainyer6.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 13:09:06 GMT
expires: Wed, 07 Feb 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 42003
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 00:49:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/chosen.min.css

92.205.14.166

200 OK

2.0 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/chosen.min.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (8718)
Size
2.0 kB (2001 bytes)
Hash
8fb2fd0422400b42f2e07672cb972bb5
55e3242f9c81f18fa427f304646022399d4df531
74f0666e34a2fa1b2f09ae1ffba1581d4542df7aeb174ed3ed81fc0cba482455

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/chosen.min.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:22 GMT
ETag: "4860fc1-2288-5d4ff1ed819b9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2001
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/animate.min.css

92.205.14.166

200 OK

4.1 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/animate.min.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (45426)
Size
4.1 kB (4140 bytes)
Hash
ab6f6d62d5978c51bfc6197f318066fc
77845a68273255f6a840f7f5f39b7d4d7cb7b912
2ec9101e9c19830dab5819fe2e4f64969c60cfbbb03a795e1525c042ca1558f5

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/animate.min.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:22 GMT
ETag: "4860fbf-b5ef-5d4ff1ed2bab1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4140
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/bootstrap.min.css

92.205.14.166

200 OK

20 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/bootstrap.min.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (65371)
Size
20 kB (19804 bytes)
Hash
c235689b4046026ea2123a8631956a43
b488904c37b563240688bf0f948352a2a5f19f29
031efd78da5f5370bfa591909976e7541a5864ed6cf36ab793d351f2ebee3840

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/bootstrap.min.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:23 GMT
ETag: "4860fc0-1db40-5d4ff1edcf7d8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19804
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/scss/tt.min.css

92.205.14.166

200 OK

10 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/scss/tt.min.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (394)
Size
10 kB (10504 bytes)
Hash
f64c27ab8dded50da3c7163437aa2357
98555349cfaf5cdaffa124f50e71018fde926c5c
c4b3f28af6ac4330f8e2e9716a08062a217969e47597f73b60fb9ce7640e45ab

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/scss/tt.min.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:51 GMT
ETag: "4860f82-148aa-5d4ff1cfab04e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10504
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/slick-theme.min.css

92.205.14.166

200 OK

766 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/slick-theme.min.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
Unicode text, UTF-8 text, with very long lines (2386), with no line terminators
Size
766 B (766 bytes)
Hash
224579c7fa1523e25f6661f17bcc265b
66061bfe87a7f49ebb39b594a161ac2ced4c45d9
14d5ea9da62d9840a54f1e6782ff29ea911bfe198a0a38ce6046a66242a761f0

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/slick-theme.min.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:23 GMT
ETag: "4860fc2-95c-5d4ff1edfab43-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 766
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/slick.min.css

92.205.14.166

200 OK

479 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/slick.min.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (1297), with no line terminators
Size
479 B (479 bytes)
Hash
dccd4582f989e4502f589bbee430768b
74a54c10b7d3de27d692bf8cbbe93199c91c75f6
5548bf564e1afd4c6600b1fbdca874aee07e965a24dcaf6ce673624114e5bb3f

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/libs/css/slick.min.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:23 GMT
ETag: "4860fc3-511-5d4ff1ee27a07-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 479
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/jquery.smartbanner.css

92.205.14.166

200 OK

1.3 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/jquery.smartbanner.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (496)
Size
1.3 kB (1275 bytes)
Hash
f2251684eef5645d165532de859a48bd
30ff072497f21c31b7a21976ead53ec67444a5fa
bf4a03f898b207449e155afcc7a3acb9e73ec4b0b55d5b90e8b56af41fd4f0f4

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/jquery.smartbanner.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:15 GMT
ETag: "4860f08-ff6-5d4ff1ad68539-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1275
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/base3abf.css?q=1.0

92.205.14.166

200 OK

2.0 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/base3abf.css?q=1.0
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (13063), with no line terminators
Size
2.0 kB (1985 bytes)
Hash
7967b3ae75c0d652aac124f83455220e
f200c696da46fd81ccfab2830fe6e4c8c4be3177
1bb775c445c0bcf9bd768fd0c9a41973767a7946db6aa51eeb0362d17fa5e288

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/base3abf.css?q=1.0 HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:14 GMT
ETag: "4860f02-3307-5d4ff1ac7a48c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1985
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/general.css

92.205.14.166

200 OK

545 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/general.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
545 B (545 bytes)
Hash
cbb08398f144d6f56971ffafe71af403
2ab30cd5c82e103b6f0e1675f6da5038c7eb6eff
acf6f8c311398a68e0d97b84cf7915a6c8a6a5ea947346b34d2171385857ff76

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/general.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:15 GMT
ETag: "4860f07-8fe-5d4ff1ad39735-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 545
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/pluginsc81e.css?2

92.205.14.166

200 OK

528 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/pluginsc81e.css?2
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (1837)
Size
528 B (528 bytes)
Hash
e7557681cdb198637908e830beec0a06
0ef22b925fca18e3d5d606094eeae8d59a53260e
fb2892b935d71cc9b81c1230ec9987c2bc65a7da08cb3f86e4ab2f3cfdc7afa8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/pluginsc81e.css?2 HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:15 GMT
ETag: "4860f0a-7cc-5d4ff1adb5b88-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 528
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsiveeccb.css?3

92.205.14.166

200 OK

1.7 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsiveeccb.css?3
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
assembler source, ASCII text
Size
1.7 kB (1727 bytes)
Hash
fc343648bd2fb9638e76a679bd928873
e7e795929d7a2fd483939ea03199e818601d7602
a315e239df3a6d84b118f8d5f5db1e6146ffa28ebf3179464d34fa2569d8dae0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/responsiveeccb.css?3 HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:16 GMT
ETag: "4860f0b-1dc4-5d4ff1ae03d8e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1727
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/dataTables.bootstrap.css

92.205.14.166

200 OK

1.6 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/dataTables.bootstrap.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
1.6 kB (1566 bytes)
Hash
6bc849921517cc7b91e36b60307b5bc3
74c25e63ea526ecb5d0ace859b271ebaf04dfd63
4305c6275fef15d5480dd1f57c66ce3bcd09e2b69587e1a2d148bcefa5644acf

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/dataTables.bootstrap.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:15 GMT
ETag: "4860f04-1aa2-5d4ff1ace3445-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1566
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/listbox.css

92.205.14.166

200 OK

508 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/listbox.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
508 B (508 bytes)
Hash
0cd9b785d1d5cb687400017a2caedafa
ab43e9667b1f7ec6c4a8bb02b5bc4cf4cc9122e3
658cb56cc9ad714c9df384215387fc118a69830ffd38b7e091331a0707e500bf

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/listbox.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:15 GMT
ETag: "4860f09-493-5d4ff1ad9e86e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 508
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/bootstrap777d.css?1.1

92.205.14.166

200 OK

20 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/bootstrap777d.css?1.1
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (19959 bytes)
Hash
50f7795621fffa14c8f1efcc8bfc6d6a
4934fe956936ca79ef08deaca22394a057489706
42f72e5e22f9dc3ce10aef35fe93e218aa54110f6d2286e3588911655b42f8cf

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/bootstrap777d.css?1.1 HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:15 GMT
ETag: "4860f03-201cd-5d4ff1ace094d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19959
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/datepicker/bootstrap-datetimepicker.min.css

92.205.14.166

200 OK

1.6 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/datepicker/bootstrap-datetimepicker.min.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
1.6 kB (1619 bytes)
Hash
792ced0b8b74a1101eb0574f271cd9c4
fc304204f39a12b011e5df3e3eaabbe397d7ad8d
5eeafc7a40a1b7253b5df566e390bcb15e37e888bbeb91762ae4ea4d914da40c

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/datepicker/bootstrap-datetimepicker.min.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:54 GMT
ETag: "4860f85-1f99-5d4ff1d2d3a14-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1619
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/css/fonts.css

92.205.14.166

200 OK

452 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/css/fonts.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
452 B (452 bytes)
Hash
063858eebd53a7dbd06b2d87d0f0f7df
abcbfee5e443d7c47ff245a45c4c24cf43f59002
179a42c60dde4c0de3eb309459694454884c04fc5ae011d77dca8c8131e050f6

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/css/fonts.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/scss/tt.min.css

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:40 GMT
ETag: "4860f71-f67-5d4ff1c57e3a5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 452
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/favicon.ico

92.205.14.166

404 Not Found

315 B

URL HTTP/1.1
mainyer6.com/favicon.ico
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/

HTTP/1.1 404 Not Found
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/mobile.css

92.205.14.166

200 OK

533 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/mobile.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
533 B (533 bytes)
Hash
f53d0ea72800de8e2ba8a3b0537a63a9
ad8215a03e304ae7d6d92dbf6bb15deff8c73177
f24c926db1b2bc1f87b5696c1804aefa8230ade431ddf509042763d819b8e74f

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/mobile.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/general.css

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:03 GMT
ETag: "4860f93-aef-5d4ff1db43966-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 533
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/tablet.css

92.205.14.166

200 OK

389 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/tablet.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
389 B (389 bytes)
Hash
06c2154f99ef768097f1d02be602c7a3
bab10654a63152da8d712ac1323bce63fdd56674
6da393ec335847a427c5c55f9853d618447c87ce09e18adc471f15863b868739

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/tablet.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/general.css

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:04 GMT
ETag: "4860f94-76a-5d4ff1dba3896-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 389
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/desktop.css

92.205.14.166

200 OK

368 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/desktop.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
368 B (368 bytes)
Hash
db8cffd48819cec65039301cf9d09a2d
7434069222952bcca154a568720bce3b4e0c5de7
d51a819dc7576afe06435035521d8450d73a834db7552a4e3ca51098fa43942b

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/desktop.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/general.css

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:03 GMT
ETag: "4860f90-6f7-5d4ff1dae652e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 368
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/style6512.css?11

92.205.14.166

200 OK

50 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/style6512.css?11
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1943)
Size
50 kB (50325 bytes)
Hash
99d073aa36ce506e60990dbd155cfc93
dda6d74f58a1e5ef02ee9c186001a90b96ef6307
6181ce4ec6b5efc830617b656f5b77b80dab895fcef537aa1124f48c049b28a2

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/style6512.css?11 HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:50:19 GMT
ETag: "4860f0c-47542-5d4ff1b0f8f18-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 50325
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/maximum-tablet.css

92.205.14.166

200 OK

302 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/maximum-tablet.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
302 B (302 bytes)
Hash
22d8965dcb7a4c754dfc60cb83595be1
9f356ee6f7052ac1a0eb3f1a4323b212f6115e6c
f79b41870dff23fb6eacdaf96e477136a4bc38cbafdbdec8240207a85a411dc7

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/maximum-tablet.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/general.css

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:03 GMT
ETag: "4860f91-4f8-5d4ff1dae9bde-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 302
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/minimum-tablet.css

92.205.14.166

200 OK

461 B

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/minimum-tablet.css
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
ASCII text
Size
461 B (461 bytes)
Hash
4f17e09d9a1c15edbe04ac36e3c1ba63
0d5feeabd4c86482714f97702c55ea08e47b0619
4dcd7c2a752e7fb7d40785fcd1057f2c48761633a9cd4f0fec2e786b290db14c

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/css/responsive/minimum-tablet.css HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/css/general.css

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:03 GMT
ETag: "4860f92-91e-5d4ff1db3df8d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 461
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets-ext/images/oi/avea/icon_how_do.png

92.205.14.166

200 OK

3.9 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets-ext/images/oi/avea/icon_how_do.png
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3932 bytes)
Hash
1bb3609c32e987ff9a0fc969ce4669e6
92f75f0c90be633d73d974540bb20efda755b75d
bae3ba98a456a91085c66342ccabb8b3be47cd152e6820392ac0facc79f3d57b

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/assets-ext/images/oi/avea/icon_how_do.png HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mainyer6.com/main.php

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:35 GMT
ETag: "488028c-f5c-5d4ff1f949c8d"
Accept-Ranges: bytes
Content-Length: 3932
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png

www.bimcell.com.tr/templates/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.1.0

212.98.241.171

404 Not Found

1.2 kB

URL HTTP/2
www.bimcell.com.tr/templates/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.1.0
IP
212.98.241.171:0
ASN
#15924 Vodafone Net Iletisim Hizmetleri Anonim Sirketi

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

HTTP Headers

GET /templates/css/font-awesome/fonts/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: www.bimcell.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mainyer6.com
Connection: keep-alive
Referer: http://mainyer6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cache-control: private
content-type: text/html
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=1lix2kbrtlnzqkzkmpojvuqr; path=/; secure; HttpOnly; SameSite=None
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
date: Wed, 08 Feb 2023 00:49:08 GMT
content-length: 1245
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 23:51:19 GMT
age: 3470
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/css/fonts/mulish-v1-vietnamese_latin-ext_latin-regular.woff2

92.205.14.166

200 OK

32 kB

URL HTTP/1.1
mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/css/fonts/mulish-v1-vietnamese_latin-ext_latin-regular.woff2
IP
92.205.14.166:0
ASN
#21499 Host Europe GmbH

File type
Web Open Font Format (Version 2), TrueType, length 32124, version 1.0\012- data
Size
32 kB (32124 bytes)
Hash
846be84526c219fcecce78cf5de559b7
7d4f9e45cb423c3c876fb6820a24a00f85396ede
198a9051bde3e14e464d616fe4f5f9015f62c6f750bb9430e60566e2010e0739

Detections

Analyzer	Verdict	Alert
openphish	Bim Cell
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/css/fonts/mulish-v1-vietnamese_latin-ext_latin-regular.woff2 HTTP/1.1
Host: mainyer6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mainyer6.com/onlineislemler.turktelekom.com.tr/mps/assets/assets_new_menu/css/fonts.css

HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:49:09 GMT
Server: Apache
Last-Modified: Fri, 07 Jan 2022 14:51:20 GMT
ETag: "4860fb8-7d7c-5d4ff1eae5de7"
Accept-Ranges: bytes
Content-Length: 32124
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2

www.bimcell.com.tr/templates/css/font-awesome/fonts/fontawesome-webfont.ttf?v=4.1.0

212.98.241.171

404 Not Found

1.2 kB

URL HTTP/2
www.bimcell.com.tr/templates/css/font-awesome/fonts/fontawesome-webfont.ttf?v=4.1.0
IP
212.98.241.171:0
ASN
#15924 Vodafone Net Iletisim Hizmetleri Anonim Sirketi

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1245 bytes)
Hash
5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

HTTP Headers

GET /templates/css/font-awesome/fonts/fontawesome-webfont.ttf?v=4.1.0 HTTP/1.1
Host: www.bimcell.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mainyer6.com
Connection: keep-alive
Referer: http://mainyer6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cache-control: private
content-type: text/html
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=h4ggyvr3w5p3rvcc3obmnnh5; path=/; secure; HttpOnly; SameSite=None
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
date: Wed, 08 Feb 2023 00:49:08 GMT
content-length: 1245
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2822
Expires: Wed, 08 Feb 2023 01:36:11 GMT
Date: Wed, 08 Feb 2023 00:49:09 GMT
Connection: keep-alive

push.services.mozilla.com/

35.161.188.100

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.188.100:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ndE8UdiUhimgJFjq0Eym1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RVbuKxgBu7r/rMj2+tv9fyopcCU=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17286
Expires: Wed, 08 Feb 2023 05:37:16 GMT
Date: Wed, 08 Feb 2023 00:49:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17286
Expires: Wed, 08 Feb 2023 05:37:16 GMT
Date: Wed, 08 Feb 2023 00:49:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17286
Expires: Wed, 08 Feb 2023 05:37:16 GMT
Date: Wed, 08 Feb 2023 00:49:10 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12216 bytes)
Hash
fe800d6af728cd622a6192ad5e7dda6a
3a301dd894fc428c7d1863c9d5eaf2652f5c2083
f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cf13Lp2SFHQ4SSF6_KpC4zx339tZRkMmnmF-OKM_2hbWbIoR3OLJ_g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:50:49 GMT
age: 10701
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13160 bytes)
Hash
003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:45:27 GMT
age: 61423
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6838 bytes)
Hash
4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:35 GMT
age: 10595
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7847 bytes)
Hash
5129898de057eb92808f18d120eb7a70
eb0a900843beac5c4ee46686b89b3e8b8d77f80f
7ce3e4f7be652895e93cb8c1a9019b70d699c0a9da013d311395a6440b4e9f96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 60759e32-ac58-4dda-8ea3-fd80413c0deb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkkEpMoAMFnGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c483-61b8715a0da73f4526215649;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NwaKQCUYm5ov0l7aSUXurRhRMvaAOsjf5QOIWCttb8xkUbgrQei-Yw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:18 GMT
age: 10612
etag: "eb0a900843beac5c4ee46686b89b3e8b8d77f80f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8703 bytes)
Hash
be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oDXgginig1GJvV9QIPvDGVumNDnOrBbrGRZSqyJ_NDRUX4XP5jxHxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:03:47 GMT
age: 9923
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8629 bytes)
Hash
02fde25be5ded120af759d19d8304f73
8d2a4d9ab5947113ce0737d4d4bed3e30a971026
7cdf26668cca22f28eee047d3fcf30cea8d97b1d8804fe2132728f26cd11558d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8629
x-amzn-requestid: cc20d28e-3937-4826-97ef-100fb5dd2645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFn3oAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-6e764236604212fa26dab38a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0sEMzqETD-gbgXOXb_CJmLjYQmNGMN4-_ggiB7ifbifltHJYsTRRsQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:22 GMT
age: 10608
etag: "8d2a4d9ab5947113ce0737d4d4bed3e30a971026"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML