Report - hesaplimagaza.com/

Report Overview

Submitted URL
hesaplimagaza.com/
IP
78.135.82.40
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.
Submitted
2023-02-23 17:10:01
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
80

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-14T05:10:25Z	429 B	6.7 kB	104.17.25.14
hesaplimagaza.com	unknown	2014-07-03T00:56:33Z	2023-02-23T18:10:32Z	349 B	565 B	78.135.82.40
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-14T05:09:37Z	333 B	391 B	34.117.237.239
www.hesaplimagaza.com	unknown	2019-07-31T01:38:17Z	2023-02-23T18:09:43Z	30 kB	2.5 MB	78.135.82.40
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-14T05:09:37Z	1.3 kB	18 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T18:13:28Z	8.1 kB	285 kB	35.241.9.150
shavar.services.mozilla.com	3602	2015-09-28T08:30:01Z	2023-03-14T05:09:38Z	453 B	204 B	44.225.87.128
firefox-settings-attachments.cdn.mozilla.net	11509	2019-11-30T10:32:57Z	2023-03-14T05:09:39Z	412 B	808 kB	34.111.73.144
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-14T05:10:26Z	379 B	29 kB	31.13.72.12
detectportal.firefox.com	1601	2018-08-30T11:52:03Z	2023-03-14T05:09:38Z	606 B	428 B	34.107.221.82
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-14T05:09:04Z	2.7 kB	7.1 kB	23.33.119.27
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-14T05:09:37Z	435 B	47 kB	34.120.5.221
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-14T08:09:39Z	1.0 kB	2.4 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-14T05:09:38Z	606 B	127 B	54.186.103.190
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T18:12:07Z	2.7 kB	5.6 kB	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-14T08:49:03Z	3.0 kB	108 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.3 kB	53 kB	34.120.237.76
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	636 B	349 B	31.13.72.36
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-14T02:50:33Z	424 B	630 B	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-23	medium	hesaplimagaza.com/	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/icons/fonts/icomoon.woff2?v1	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/icons/style.minimal.css?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/skins/minimal/style.css?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.css?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/stylesheet/style.css?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/javascript/common.js?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/logo/site-logo-400x111.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/demo22/slider-1-3000x1000.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/yap%C4%B1-market-250x350.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/demo22/slider-2-3000x1000.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/banyo-aksesuarlar%C4%B112-250x350.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/perde13-250x350.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/bah%C3%A7e-tak%C4%B1m12-250x350.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/unnamed-512x512.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/anime/anime.min.js?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/countdown/jquery.countdown.min.js?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/demo22/1-100x100-1-100x100.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/demo22/2-100x100-2-100x100.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/demo22/3-100x100-3-100x100.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/demo22/g5-5-1-100x100.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/demo22/4-100x100-4-100x100.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/logo/storeapp-119x39.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/logo/storeplay-119x39.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/logo/footerkartlar-min-613x69-613x69-613x69.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/typeahead/typeahead.jquery.min.js?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/demo22/sd4-3000x1000h.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/hoverintent/jquery.hoverIntent.min.js?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/cjs/cjs.js?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/masterslider.js?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/theme/journal3/js/journal.js?v=14218c54	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js	Malware
2023-02-23	medium	www.hesaplimagaza.com/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/product/625f434573618_3ccf34e1b922401f9a7d24187c7ff089-300x400w.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/product/62a8726fa8fe5_793f372d3a10484cb0db8cf945339e49-300x400w.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/product/61e87e6f8bf6e_8783686c0ac64046916e23d647e7b1e6-300x400w.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/product/611d0215af3c1_4f705221a5034ec7b37de480fc135595-300x400h.webp	Malware
2023-02-23	medium	www.hesaplimagaza.com/image/cache/catalog/product/63d3c9a84e8b8_b71ef00b11784722a4b98f6deebcea1f-300x400w.webp	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.js?v=14218c54	129 kB	2023-03-07	2024-03-29
Pretty URL www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:08 Last Seen2024-03-29 08:08:22 Times Seen703 Hash bc50849111663577c0eab162d4271bca 9832a5a89b5685c8dd62161e1d27ddf1281f3a5f c51fcb73c911f8b85efa8ac61e1eb7a7d049fadf20a9b1ffc5e66a0f2b16a2e2 Loading...

	www.hesaplimagaza.com/catalog/view/theme/journal3/js/common.js?v=14218c54	17 kB	2023-03-07	2024-01-27
Pretty URL www.hesaplimagaza.com/catalog/view/theme/journal3/js/common.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:20:17 Last Seen2024-01-27 18:38:43 Times Seen184 Hash 2dda13bee0403ec183d2ef40236aed63 c9b8b3127cf544f304ba45f566c0cfe9a46fef4a 901f285abfe9860c92d4a812784a93af51619f933b7041661e0971ffbd4159b0 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 14:48:33 Times Seen36974297 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.hesaplimagaza.com/catalog/view/javascript/common.js?v=14218c54	13 kB	2023-03-07	2024-03-15
Pretty URL www.hesaplimagaza.com/catalog/view/javascript/common.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:01 Last Seen2024-03-15 16:37:39 Times Seen809 Hash 178ebcd4a38568ef4c3b97b9c43883f5 b31b8f900b71763dfc9a8fd68c53c4d490a8f1a4 44f66f8bf75bceb5868517ed1edc6e73d77e27f3812a2d84984051d819a5ffb5 Loading...

	www.hesaplimagaza.com/	636 B	2023-03-14	2024-01-05
Pretty URL www.hesaplimagaza.com/ IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:08:58 Last Seen2024-01-05 03:53:45 Times Seen14 Hash fcd99e857cea387819a55c73b90d9dd9 ebc338c0e4d0d0e649302492c83b32b6b636bbfc 9f25289206a974fff09496142099709b001c351ec5dd8267f7f9f08322dccbab Loading...

	www.hesaplimagaza.com/	194 B	2023-03-07	2024-02-06
Pretty URL www.hesaplimagaza.com/ IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:33:50 Last Seen2024-02-06 10:38:08 Times Seen172 Hash f278c4a532876d9e733069fea63c5deb 9fc88de9cb64646503bde50e7271434a3f5d9aa4 efb4c84649b81017cdeedceb2b51b41fa9ba0bb3ed5dea3dd2250b3e5fefc26c Loading...

	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/vanilla-lazyload/lazyload.min.js?v=14218c54	7.9 kB	2023-03-07	2024-04-19
Pretty URL www.hesaplimagaza.com/catalog/view/theme/journal3/lib/vanilla-lazyload/lazyload.min.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 12:28:03 Times Seen3321 Hash d18523e4a4aaa9420a86e4dddfb07554 fa22a3d38dc3c87ca92f1456846682abeb696b96 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41 Loading...

	www.hesaplimagaza.com/catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js	3.9 kB	2023-03-14	2023-03-14
Pretty URL www.hesaplimagaza.com/catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:08:58 Last Seen2023-03-14 09:08:59 Times Seen1 Hash 9c415cd3c0b8e8b0c9d055a8a4f4eb8a 6f5715ec018cbbd29c2014104dea909faed97217 68baa8b2b8a8b699113aef2ef4e5c2278654828152b61970a791ba8540812a7a Loading...

	connect.facebook.net/signals/plugins/identity.js?v=2.9.96	65 kB	2023-03-08	2024-02-19
Pretty URL connect.facebook.net/signals/plugins/identity.js?v=2.9.96 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:50 Last Seen2024-02-19 23:40:48 Times Seen4401 Hash ed5d6caf417fab681343bc3414babc55 410ba8d8866d7c7df41f21526345cfb7426386f2 7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f Loading...

	connect.facebook.net/signals/config/3484434284957071?v=2.9.96&r=stable	386 kB	2023-03-14	2023-03-14
Pretty URL connect.facebook.net/signals/config/3484434284957071?v=2.9.96&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:08:58 Last Seen2023-03-14 09:08:59 Times Seen1 Hash 1f2cf0552b5c4da39e8f41db193d5eea 6ecc068ad47bfc28f86f782377c94dec9086f9bc fafb447f3ac273244e04e840e00ea58dd255f39d8957e4835208773fbc72fee4 Loading...

	www.hesaplimagaza.com/	8.2 kB	2023-03-07	2024-03-29
Pretty URL www.hesaplimagaza.com/ IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:55 Last Seen2024-03-29 08:08:14 Times Seen313 Hash f799c2751fbf38acfeb537ad017a15c3 e683583516c56aead27b5aa582d2f96b7b96ae1d ebcc1674bc6636e1bfd3548055a8621201a73465c5b6c22074ae352c94b6ea73 Loading...

	www.hesaplimagaza.com/	174 B	2023-03-14	2023-03-14
Pretty URL www.hesaplimagaza.com/ IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:08:58 Last Seen2023-03-14 09:08:59 Times Seen1 Hash f249cf14249123f9b13fe9a237fa1544 0faecffc25211b24f660999e63343f5fe540241f e6de54bd2dc428814e22574f13cd9213b3acfef12df682ecefe7eeeca25f63a2 Loading...

	www.hesaplimagaza.com/	172 B	2023-03-07	2024-02-06
Pretty URL www.hesaplimagaza.com/ IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:33:50 Last Seen2024-02-06 10:38:08 Times Seen164 Hash 83e967fcd28640f1d614f5da56aa2a63 29484fa9e571a578839d82136dc55fef10e7c5d0 e88d7091983999059df5ad5b9343fc906035149a9e20beefa2dab998dfdfbbfd Loading...

	www.hesaplimagaza.com/	2.1 kB	2023-03-08	2024-02-06
Pretty URL www.hesaplimagaza.com/ IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:34:52 Last Seen2024-02-06 10:38:08 Times Seen76 Hash 3e4173f08302fd8522770fc75e3b4723 7f4db4a941dd4da65505d3ce4b76510261b5f2a4 e91b96d65a5951eb9d79e1fbae6e56590f1ac24beb092bfa2a4a767360877353 Loading...

	www.hesaplimagaza.com/	475 B	2023-03-14	2023-03-14
Pretty URL www.hesaplimagaza.com/ IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:08:58 Last Seen2023-03-14 09:08:59 Times Seen1 Hash 165e1a62807d38a1804040cc6e9d7117 dc07dc5d7ef559e2c00f6867414b1c86e4f90547 3c730ccfcac65ea8942265d187d0a5a0337934471ba401bbb925a87e5f36c3a0 Loading...

	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/cjs/cjs.js?v=14218c54	3.9 kB	2023-03-07	2024-03-15
Pretty URL www.hesaplimagaza.com/catalog/view/theme/journal3/lib/cjs/cjs.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:01 Last Seen2024-03-15 16:37:39 Times Seen516 Hash c378f329f6f309a3927acc1d23e74781 81911a3916a99aade7343221e4b745ec8e24d892 057cb25666bb05fd8cfb9635a191923c321116b49fdda49b7f7b6e875787b037 Loading...

	www.hesaplimagaza.com/	3.1 kB	2023-03-14	2023-03-14
Pretty URL www.hesaplimagaza.com/ IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:08:58 Last Seen2023-03-14 09:08:59 Times Seen1 Hash a38d1824800f677e37cbed968f9c6d1d c263b63a9b45aea1223ee2b2e5a261764963a6fd 12d562ac56bdde4d3bf426efea6ffd09d03e17b9782ec017fe3a3e0ff2bbc881 Loading...

	www.hesaplimagaza.com/	1.4 kB	2023-03-14	2023-03-14
Pretty URL www.hesaplimagaza.com/ IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 09:08:58 Last Seen2023-03-14 09:08:59 Times Seen1 Hash 3b476fdb80594b106924151c86a8a0d7 ce498cbfcb1583b3bca85b4e854280c614998dc2 ac38ff125b164f0be0a87ef6315ebdee21c5af56f9c06f6dcfcc86f0ac9dcb19 Loading...

	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/masterslider.js?v=14218c54	268 kB	2023-03-07	2024-01-16
Pretty URL www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/masterslider.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:20:17 Last Seen2024-01-16 11:03:28 Times Seen109 Hash 7285b621eb3eed08e8f5727ca9273cba 7e292533fab56fd3c0cee8d0d8e34bcab5b16af3 6c02b7e0650931f7a71e94ef89a1fe09a29c9a30818430040714ffbd982f62a5 Loading...

	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/hoverintent/jquery.hoverIntent.min.js?v=14218c54	2.2 kB	2023-03-07	2024-04-20
Pretty URL www.hesaplimagaza.com/catalog/view/theme/journal3/lib/hoverintent/jquery.hoverIntent.min.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-04-20 10:26:06 Times Seen895 Hash db954eadb8d5c1fb769afa7b26366379 a49f29d18742f94ec338d0056c6e348fec54a41a 844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9 Loading...

	www.hesaplimagaza.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js?v=14218c54	37 kB	2023-03-07	2024-04-19
Pretty URL www.hesaplimagaza.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:46 Last Seen2024-04-19 17:42:48 Times Seen10636 Hash 4becdc9104623e891fbb9d38bba01be4 6c264e0e0026ab5ece49350c6a8812398e696cbb 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327 Loading...

	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/modernizr/modernizr-custom.js?v=14218c54	5.0 kB	2023-03-07	2024-03-15
Pretty URL www.hesaplimagaza.com/catalog/view/theme/journal3/lib/modernizr/modernizr-custom.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:01 Last Seen2024-03-15 16:37:39 Times Seen485 Hash e3124de3584e365d1faa5302fcfa03b6 f4f5d03685ddb7e1d8836608aea99ed31368a3a1 e44f82a765e071cda3f818e8ce0851d565ee3d36cbd270b04c861cd65f35d9c5 Loading...

	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/typeahead/typeahead.jquery.min.js?v=14218c54	27 kB	2023-03-07	2024-04-16
Pretty URL www.hesaplimagaza.com/catalog/view/theme/journal3/lib/typeahead/typeahead.jquery.min.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:01 Last Seen2024-04-16 10:53:51 Times Seen723 Hash 4b525e49c674b8129a1277f3151f7646 0ba6ee4649593cdcc5fbb22ac4aa8d392d10b43f 9ce4658f427c663bc6cfeeabb476f625c734403012b0350d3b05247dcc285bc0 Loading...

	www.hesaplimagaza.com/catalog/view/theme/journal3/js/journal.js?v=14218c54	50 kB	2023-03-07	2024-03-15
Pretty URL www.hesaplimagaza.com/catalog/view/theme/journal3/js/journal.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:20:17 Last Seen2024-03-15 16:37:39 Times Seen375 Hash f490ae9ed9a9936fa9245d2a8a012283 1eff687f5c9b39add83ebb85d9f31d5382444e37 837dfc8bce7f2fb9dff4aca25aa705416ea726f93f84f972cae2c023236fadfd Loading...

	www.hesaplimagaza.com/catalog/view/theme/journal3/lib/countdown/jquery.countdown.min.js?v=14218c54	3.6 kB	2023-03-07	2024-03-29
Pretty URL www.hesaplimagaza.com/catalog/view/theme/journal3/lib/countdown/jquery.countdown.min.js?v=14218c54 IP 78.135.82.40 ASN #207326 HostLAB Bilisim Teknolojileri A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:01 Last Seen2024-03-29 08:08:13 Times Seen552 Hash b98388e7b546033a73f2f11d9a1a5d98 bdd8f4f6b123efc230607349576ff9c62b6db8b2 05919bd2c32c365c9fdbe9e8eadf9d67b0f06cea0fef584dd63a6a07f08fbaaa Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-14	2023-10-19
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 00:30:04 Last Seen2023-10-19 02:58:15 Times Seen11 Hash 467eb094cd171743fc97afdaa813ee31 e3c70cc60cc406293f2eefbadeebc1791942632f dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19 Loading...

HTTP Transactions (117)

URL IP Response Size

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Thu, 23 Feb 2023 14:02:14 GMT
Age: 11248
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

hesaplimagaza.com/

78.135.82.40

301 Moved Permanently

0 B

URL HTTP/1.1
hesaplimagaza.com/
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Set-Cookie: lisansimo=1677172180
OCSESSID=c66c6b3a4a4942fc6dc4262fba; path=/
OCSESSID=b88a06c591f2dd819c6a9deb3e; path=/
language=tr-tr; expires=Sat, 25-Mar-2023 17:09:40 GMT; Max-Age=2592000; path=/; domain=hesaplimagaza.com
currency=TRY; expires=Sat, 25-Mar-2023 17:09:40 GMT; Max-Age=2592000; path=/; domain=hesaplimagaza.com
CSP-Redir: http (Mode:4, SSL:0, WWW:0)
Location: https://www.hesaplimagaza.com/
Content-Type: text/html; charset=UTF-8;
Content-Length: 0
Date: Thu, 23 Feb 2023 17:09:40 GMT

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9647
Expires: Thu, 23 Feb 2023 19:50:30 GMT
Date: Thu, 23 Feb 2023 17:09:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bf2985444924fcb7c28583d95fe3e07
95b5b25c5e28758f16327475be944d68ba858b4d
1e1b4f9fd2e5b5c38916cea3f07edc4abe897defb9db47123d374bc979cad933

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E1B4F9FD2E5B5C38916CEA3F07EDC4ABE897DEFB9DB47123D374BC979CAD933"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12257
Expires: Thu, 23 Feb 2023 20:34:00 GMT
Date: Thu, 23 Feb 2023 17:09:43 GMT
Connection: keep-alive

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Thu, 23 Feb 2023 14:02:14 GMT
Age: 11249
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

47 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
47 kB (46641 bytes)
Hash
41f1143d65f4627ba9ac44f5611fb2e4
e030d7a8e2a83c45a70c8756041c47fcd04bdbe4
543c2556817b6ea7f553b7baee47c3ebb74b4edf823b5b37a57a5e3d3ef08a12

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: Lwoez3Wbhmbm3jY1XIgZzTRPOgVK1jjbfMWGpvV-NBf55n2LvG8bRQ==
content-encoding: gzip
via: 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 17:05:51 GMT
age: 658
content-type: application/json
vary: Accept-Encoding
content-length: 46641
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4569ebd95f766b8f22ed69d69334c37
a7fcd3f640877885077a4126708968d7e1e0d252
e485343a8251f50009506dfc6a42c82ca6b09b434d1e0984ea7c2dfea7dcd28d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E485343A8251F50009506DFC6A42C82CA6B09B434D1E0984EA7C2DFEA7DCD28D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5374
Expires: Thu, 23 Feb 2023 18:39:17 GMT
Date: Thu, 23 Feb 2023 17:09:43 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 2yDSgORj0kC15EaOJb8hOmINGeqCgWwP4KQ6mKD+dxzCRnufUhMsIqYLprCL9RsKSAZZEzpbH6c=
x-amz-request-id: NG3PY6M3B4GYYW6W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 16:20:24 GMT
age: 2959
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 17:09:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6f313739c4c44174fc9a97ac63621b46
319da68d06694330ad9f7901bcde1ca0a6eeac0d
321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2305
Expires: Thu, 23 Feb 2023 17:48:08 GMT
Date: Thu, 23 Feb 2023 17:09:43 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 16:53:56 GMT
content-type: application/json
age: 947
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5aa46280b9f4ef8602f5e1b6864d898f
f1b8d2278116c2873ec0683122818fc186c74392
bb61e1178bc48dc26984f63f54d2621706fe49faa6f9a5651b06befa53cea9a0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5881
Cache-Control: max-age=91424
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:44 GMT
Etag: "63f648ff-1d7"
Expires: Fri, 24 Feb 2023 18:33:28 GMT
Last-Modified: Wed, 22 Feb 2023 16:55:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Expires, Last-Modified, Cache-Control, ETag, Backoff, Content-Type, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 16:51:26 GMT
age: 1098
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11659
Expires: Thu, 23 Feb 2023 20:24:03 GMT
Date: Thu, 23 Feb 2023 17:09:44 GMT
Connection: keep-alive

shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2

44.225.87.128

200 OK

8 B

URL HTTP/1.1
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
44.225.87.128:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
8 B (8 bytes)
Hash
29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b

HTTP Headers

POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Thu, 23 Feb 2023 17:09:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close

push.services.mozilla.com/

54.186.103.190

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.103.190:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AMvp8yAKR24Ij3DAJjcHmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5ldaY98tE1CVvIQoL2ZhsbZjlio=

www.hesaplimagaza.com/catalog/view/theme/journal3/icons/fonts/icomoon.woff2?v1

78.135.82.40

200 OK

154 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/icons/fonts/icomoon.woff2?v1
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
Web Open Font Format (Version 2), TrueType, length 153680, version 1.0\012- data
Size
154 kB (153680 bytes)
Hash
4425e89e07010a02214ddf4a2d71365b
a5d9872f403493d46cd5903e63e65887ecd37d99
9d3cb8c2161075a2a868afc19fe3c026c5f4ed4552d43a4bf22ce9e34b8057b7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/icons/fonts/icomoon.woff2?v1 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 01:32:06 GMT
accept-ranges: bytes
content-length: 153680
date: Thu, 23 Feb 2023 17:09:42 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/javascript/bootstrap/css/bootstrap.min.css?v=14218c54

78.135.82.40

200 OK

16 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/javascript/bootstrap/css/bootstrap.min.css?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (65371)
Size
16 kB (16378 bytes)
Hash
0d2c5cefedf9a1fcfb5ad9a8470f880d
204249ea236087ce204b0c7440fc115c6d6dfb80
cc7224290f899218d6cf3b4d6af0cd12339f5e6f58b9ff3f83dc96d45b9656d8

HTTP Headers

GET /catalog/view/javascript/bootstrap/css/bootstrap.min.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Sat, 22 Jul 2017 10:58:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16378
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/javascript/font-awesome/css/font-awesome.min.css?v=14218c54

78.135.82.40

200 OK

5.6 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/javascript/font-awesome/css/font-awesome.min.css?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5633 bytes)
Hash
1e1637ad1a171618a0de37b7a2ae2aa2
b4daa2dfc83fe639253646e80b64eb0343c4793c
52ff237a3cb893fbcbd754cd47b6a232d6ea9a951c3bd114265bcd310f401724

HTTP Headers

GET /catalog/view/javascript/font-awesome/css/font-awesome.min.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Sat, 22 Jul 2017 10:58:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5633
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/icons/style.minimal.css?v=14218c54

78.135.82.40

200 OK

258 B

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/icons/style.minimal.css?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text
Size
258 B (258 bytes)
Hash
d03ff709e13ec19a64d0e11be72defd1
9b8ccdf83b72574dc0f420714f304e3264459667
d26988e141a11458df2f55ca4cb3f9a1e0af4abcf53a7b42cf16bb93e797f2fb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/icons/style.minimal.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Thu, 01 Apr 2021 01:31:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 258
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
295ecb42da084d2556789eada5291422
24c3605ff6984776ca77a2aa3b3b4bba4267f76f
f787cdc01fe5b6c0889f133cdf9cd0e38973f4cb8515014e8a14418521af04bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.hesaplimagaza.com/

78.135.82.40

200 OK

51 kB

URL HTTP/2
www.hesaplimagaza.com/
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7002)
Size
51 kB (51034 bytes)
Hash
a49f363bc2f087e0c3be9230547ec661
dabe0a71c1857825e1b8647cf694b07760ff90f5
013a055bd4af8b68ffe8c4d5a201d3baa97bcb381526d1f2072e2136f5eab68b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
set-cookie: lisansimo=1677172181
OCSESSID=8e73fd33ebf86c96da1d99d000; path=/
OCSESSID=f69cc83ace55998d344f68dcd9; path=/
language=tr-tr; expires=Sat, 25-Mar-2023 17:09:41 GMT; Max-Age=2592000; path=/; domain=www.hesaplimagaza.com
currency=TRY; expires=Sat, 25-Mar-2023 17:09:41 GMT; Max-Age=2592000; path=/; domain=www.hesaplimagaza.com
content-type: text/html; charset=utf-8
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Feb 2023 17:09:42 GMT
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/skins/minimal/style.css?v=14218c54

78.135.82.40

200 OK

796 B

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/skins/minimal/style.css?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text
Size
796 B (796 bytes)
Hash
5c2890afb7f54e471c3009adebfc7526
e71d31f265aba1858b8cca8c4909133869355c12
07eb82581100590c5602dcf4bafdd8a9da0f7eb8c16129640cc200178a8bc789

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/lib/masterslider/skins/minimal/style.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Thu, 01 Apr 2021 01:34:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 796
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.css?v=14218c54

78.135.82.40

200 OK

2.6 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.css?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (19533)
Size
2.6 kB (2589 bytes)
Hash
0ea88050720f5c8e58510ed3ded7cecf
cfcb9f0ecc76d8db3b646a4b188990b9f67f71ec
cd47dfca625896020e3bea01c5f09beb449eec60f54aa61596a21d6682a67aff

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/lib/swiper/swiper.min.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Thu, 01 Apr 2021 01:32:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2589
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/stylesheet/style.css?v=14218c54

78.135.82.40

200 OK

27 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/stylesheet/style.css?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text
Size
27 kB (26906 bytes)
Hash
8584527d1c41978b0771cd9fc609d73d
c14e97f17a191472827a775ad5ea0dba9b3d9937
a0df5cf56fdb6b94856ec7a780fcbc5f474227aad14315e59b4410af834e6e01

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/stylesheet/style.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Sun, 18 Apr 2021 23:20:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 26906
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/modernizr/modernizr-custom.js?v=14218c54

78.135.82.40

200 OK

2.0 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/modernizr/modernizr-custom.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (4868)
Size
2.0 kB (1992 bytes)
Hash
62106eddbd51734b506ffd620738587b
126b3058ffaf30b4081010445abaabad47bf4fad
73ee46fe2e6ea92af21ce7bfbf075fd72a3a43be02aa2446e7a30e2fc383e666

HTTP Headers

GET /catalog/view/theme/journal3/lib/modernizr/modernizr-custom.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1992
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/jquery/jquery-2.1.1.min.js?v=14218c54

78.135.82.40

200 OK

27 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/jquery/jquery-2.1.1.min.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (32061)
Size
27 kB (26637 bytes)
Hash
6e3a191fba73c5493278d42a5bb86481
35f2cb5410860b3527e099e2bba031e11eec4d76
1b18e06f87c1cddda0d2925aebe7d2862335547092710eae3bd705787dd686c2

HTTP Headers

GET /catalog/view/theme/journal3/lib/jquery/jquery-2.1.1.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 26637
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js?v=14218c54

78.135.82.40

200 OK

8.6 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (32034)
Size
8.6 kB (8640 bytes)
Hash
ed68c4f2106d2ad6f0892c3e8c6327b9
bfc9e8a24030446447f76dc4f7b888131612e5d7
34732ac788da14a0902f9ac97f3024a096e6c170dc7de10c01b7e77edfd50af6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/javascript/bootstrap/js/bootstrap.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Sat, 22 Jul 2017 10:58:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8640
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/javascript/common.js?v=14218c54

78.135.82.40

200 OK

2.5 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/javascript/common.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text
Size
2.5 kB (2462 bytes)
Hash
2444088e0d62edbeaee2a590570184ef
b541ff8056239fb1026024e33354dff112202b20
9ec5482f99f1415625813c19e92de422dbf2dec738afc0924a8842865303c20b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/javascript/common.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Sat, 22 Jul 2017 10:58:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2462
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/logo/site-logo-400x111.webp

78.135.82.40

200 OK

5.4 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/logo/site-logo-400x111.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.4 kB (5448 bytes)
Hash
a4cd13c3717a774757aa81815643dc33
f2024e2fa5a029e11f6c8ddf5c5fbc6e8da4de94
f13aabb29818564c37bd55486bfb14c12fd2ff9b43a862007e31fa1721bbf13f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/logo/site-logo-400x111.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Wed, 29 Sep 2021 23:07:40 GMT
accept-ranges: bytes
content-length: 5448
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/slider-1-3000x1000.webp

78.135.82.40

200 OK

133 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/slider-1-3000x1000.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 3000x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
133 kB (132778 bytes)
Hash
6445d436912a8b63e56b8b3fea7ec2f2
cfd7fc7e779ba180ca3f0e3f5433f25b7b666093
dee919f80e6ec13c6bad8f17145aa00ff7c5e64b00a27b736c8877566520cbdf

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/demo22/slider-1-3000x1000.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Wed, 29 Sep 2021 23:29:10 GMT
accept-ranges: bytes
content-length: 132778
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/yap%C4%B1-market-250x350.webp

78.135.82.40

200 OK

17 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/yap%C4%B1-market-250x350.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
17 kB (17168 bytes)
Hash
e9307cb64e6fd8d7fb7514ebcbf90bf4
306a827d938ef64120a7c73c7d67eaeb2830f11c
5ae244d312c6a53393bfa7e988fdc8584fb221096f0178ae8ff53dd25a205c82

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/yap%C4%B1-market-250x350.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Tue, 05 Oct 2021 15:57:22 GMT
accept-ranges: bytes
content-length: 17168
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/slider-2-3000x1000.webp

78.135.82.40

200 OK

138 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/slider-2-3000x1000.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 3000x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
138 kB (138276 bytes)
Hash
25735d047be13933e834aec497befc57
bb34e20a778b6216b909bb39a147305ea217ab63
4fa93734568b42e8044bccf067cfef45efbc0fe67fbb56f54be7c369084540f9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/demo22/slider-2-3000x1000.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Wed, 29 Sep 2021 23:40:45 GMT
accept-ranges: bytes
content-length: 138276
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/banyo-aksesuarlar%C4%B112-250x350.webp

78.135.82.40

200 OK

13 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/banyo-aksesuarlar%C4%B112-250x350.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
13 kB (13280 bytes)
Hash
912f8abf476d22d8d8b512e6b59674ba
7edafefdfaedd7bdf786f2decc39760679ebea52
07a1b095be4a05f04f9b0ee6057a84e7998988e33f31070074ca6d21a8a2b742

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/banyo-aksesuarlar%C4%B112-250x350.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Tue, 05 Oct 2021 15:57:23 GMT
accept-ranges: bytes
content-length: 13280
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/perde13-250x350.webp

78.135.82.40

200 OK

28 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/perde13-250x350.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
28 kB (28320 bytes)
Hash
a0476c5da648b5d1e479277e6d3cc4c1
956a16c9b72995aa86936a48b1d3354a996658c8
40e02243e8665e0bd690f8505ea85341065d6df0edc4dfdfe5594d45f81db018

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/perde13-250x350.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 07 Oct 2021 14:50:29 GMT
accept-ranges: bytes
content-length: 28320
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/bah%C3%A7e-tak%C4%B1m12-250x350.webp

78.135.82.40

200 OK

12 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/bah%C3%A7e-tak%C4%B1m12-250x350.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 250x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (12320 bytes)
Hash
405dd858be4eeb03cec83a58686ac752
bed8eac7329ba004dbeb080d82be1037a5dd577b
f77be7cf88ccb22eace4731ce0429f0682d09dd26175dd388b19a78d138e0df5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/bah%C3%A7e-tak%C4%B1m12-250x350.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Tue, 05 Oct 2021 15:57:23 GMT
accept-ranges: bytes
content-length: 12320
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/unnamed-512x512.webp

78.135.82.40

200 OK

36 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/unnamed-512x512.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
36 kB (35876 bytes)
Hash
feb70ec1dae1bc312183d9dd8c0173b0
b432734f27dd4a36fd8ab17abbe740d3166f6a03
b9a4496f31229334e70796cbdd4c93ef6d36a30f5047d3b9a1632f648d833a57

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/unnamed-512x512.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Fri, 05 Nov 2021 15:11:30 GMT
accept-ranges: bytes
content-length: 35876
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/anime/anime.min.js?v=14218c54

78.135.82.40

200 OK

5.5 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/anime/anime.min.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (547)
Size
5.5 kB (5533 bytes)
Hash
9aefc3049445a1443e7527f2bb54ac6f
6191713116f5629d3cb403bc5c33032053fada1b
29d9f20dda081548969b3450d757c7f2f6e91d057dcd7110d3d19e81bc7724d2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/lib/anime/anime.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5533
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/vanilla-lazyload/lazyload.min.js?v=14218c54

78.135.82.40

200 OK

2.4 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/vanilla-lazyload/lazyload.min.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (7889)
Size
2.4 kB (2388 bytes)
Hash
d1b1877e29778c3f802e31b234582569
0796f21cf5421f2a83d94da7e7c8ab128f1fd6a6
8e09c9f4063fe0702a7c00c3ff236c86830c1328e9f6873e62874060b9ec5bd2

HTTP Headers

GET /catalog/view/theme/journal3/lib/vanilla-lazyload/lazyload.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2388
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/countdown/jquery.countdown.min.js?v=14218c54

78.135.82.40

200 OK

1.2 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/countdown/jquery.countdown.min.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (3640), with no line terminators
Size
1.2 kB (1165 bytes)
Hash
dd666ad4e58c6795674dc9ad6afd6431
c951b15c7452058dd5c68912798639ac9c2e75cc
a14c044f11e67746afefe74636cf7f8189c33ef155e5ddb494f11f9ac6d0755a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/lib/countdown/jquery.countdown.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1165
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/1-100x100-1-100x100.webp

78.135.82.40

200 OK

3.4 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/1-100x100-1-100x100.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.4 kB (3352 bytes)
Hash
074b8e2bf87fd2429d755bd20938c260
628d79d8ca7821a516a110b6429a6a10098c4b8a
c6920aaba89ab51466fd987c1f66b02f00d618526eaf8e698cfc0a588283034e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/demo22/1-100x100-1-100x100.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:33 GMT
accept-ranges: bytes
content-length: 3352
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/2-100x100-2-100x100.webp

78.135.82.40

200 OK

3.7 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/2-100x100-2-100x100.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.7 kB (3722 bytes)
Hash
f87b6ec3b00f76d4b008541312377521
9e578de2cea9be060731b02b2d3fad48a5fb9317
c0b417db55cb2d811de2ff5fa2e12894845b0bee4273fa2cbbbb15cfa9ec65ca

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/demo22/2-100x100-2-100x100.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:33 GMT
accept-ranges: bytes
content-length: 3722
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/3-100x100-3-100x100.webp

78.135.82.40

200 OK

3.7 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/3-100x100-3-100x100.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.7 kB (3740 bytes)
Hash
e54b0668918a236e679862892318ef60
dd78f6ad78db92e6b6b1b506167bf6a24c5f6a64
38f442b39b9f4fec25462c736da7966e17dea433f514179632193b96b144c2a5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/demo22/3-100x100-3-100x100.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:33 GMT
accept-ranges: bytes
content-length: 3740
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/g5-5-1-100x100.webp

78.135.82.40

200 OK

3.6 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/g5-5-1-100x100.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.6 kB (3636 bytes)
Hash
b4e26dbb9f6b4751f2d9675181b59fa7
bd7730425273c3bc6c1137b174b88f8df1c015a3
522677ecdb6c7dc11e5ee3c251124ed70c2a5c175f3389c03a8688827115e0cd

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/demo22/g5-5-1-100x100.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:33 GMT
accept-ranges: bytes
content-length: 3636
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/4-100x100-4-100x100.webp

78.135.82.40

200 OK

3.5 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/4-100x100-4-100x100.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.5 kB (3544 bytes)
Hash
d48c25842b57c98ed064dae3818ab65e
1f233b10f9a45d62acd2dbadfda111b9a04c5bc1
949ddbe3c24427b0fbcf85ee38437d30f6682a5ceaf3d3619fd28dc5b4826d8a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/demo22/4-100x100-4-100x100.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:33 GMT
accept-ranges: bytes
content-length: 3544
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/logo/storeapp-119x39.webp

78.135.82.40

200 OK

2.1 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/logo/storeapp-119x39.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.1 kB (2084 bytes)
Hash
6a66174e6b3957cc00c07fc93eb208b6
a0cc892dcbd1927e3e47cb9abab15cd5eb3a77e1
1b7ddb1d81812bcf0ff9775f8b20e7f323aedce16446e6386450b9e6228d5955

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/logo/storeapp-119x39.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:51:44 GMT
accept-ranges: bytes
content-length: 2084
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/logo/storeplay-119x39.webp

78.135.82.40

200 OK

1.9 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/logo/storeplay-119x39.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.9 kB (1852 bytes)
Hash
b62d2ec4dbbf47dd9714430402f0dff6
8d7d6c3643a3f22004cedef9401d06fa7153a186
f26d972428f7649caab06959d2ce37205696b4a65441f2efb11b8178311e4bbd

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/logo/storeplay-119x39.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:51:44 GMT
accept-ranges: bytes
content-length: 1852
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/logo/footerkartlar-min-613x69-613x69-613x69.webp

78.135.82.40

200 OK

9.7 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/logo/footerkartlar-min-613x69-613x69-613x69.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
9.7 kB (9696 bytes)
Hash
016ab3cdebfcd0f20dbfe271af771e2f
472db8e05ece5b2c4d224d077626e7dfd5d9659e
d96c316051bca6a4bb00cfb4fe8990a8f4916cfa41b544d8d0a9261e5b132dc7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/logo/footerkartlar-min-613x69-613x69-613x69.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:51:45 GMT
accept-ranges: bytes
content-length: 9696
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221677169679041%22

35.241.9.150

200 OK

22 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221677169679041%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (21681), with no line terminators
Size
22 kB (21681 bytes)
Hash
813f445188bb2e620c9996e1b327bc68
2b08fa7a69fa1b3064ad5bc8a156130205c08cd5
29d88cd24761bda0c774c5ffab4df68f76f4cad4f5f9abd91cd9a4e1766e54e5

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221677169679041%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21681
via: 1.1 google
date: Thu, 23 Feb 2023 16:32:05 GMT
last-modified: Thu, 23 Feb 2023 16:27:59 GMT
content-type: application/json
age: 2260
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/typeahead/typeahead.jquery.min.js?v=14218c54

78.135.82.40

200 OK

7.3 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/typeahead/typeahead.jquery.min.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (26751)
Size
7.3 kB (7278 bytes)
Hash
5db8983e4c51bee388e6e3ebad57b57c
b69f8f2fc563674f4cefc02194d524a1428c4496
8f6334679ef50e117e9fbf29f0c6b979d9e03568b0078777de2802e329d2bf0b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/lib/typeahead/typeahead.jquery.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7278
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Feb 2023 17:09:45 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1206549
expires: Tue, 13 Feb 2024 17:09:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIziwA9wrXcF86Jctxdoeht2Is8owRjwBYTV4uUi2Mo6D4xmupDYc634eEv5M3MUSFgbtDnxO0Y3R7W0W5yPq8GjgS3qov3xGvEpUz7gKPC%2Bjpd1cHCDQU9z2XxOsLcxyRp%2BEBCe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79e1922cfe92b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/sd4-3000x1000h.webp

78.135.82.40

200 OK

331 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/sd4-3000x1000h.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 3000x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
331 kB (331048 bytes)
Hash
d1acbf39f66a37d95b8f505a59f3f363
ed9be0c0080389c1be49393e03bf9c752fce8d2f
147b02b25be09a69900959d85d17f65bd810bcd55201295bd5a5041afd6c0cd3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/demo22/sd4-3000x1000h.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 00:02:31 GMT
accept-ranges: bytes
content-length: 331048
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/hoverintent/jquery.hoverIntent.min.js?v=14218c54

78.135.82.40

200 OK

816 B

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/hoverintent/jquery.hoverIntent.min.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (1933)
Size
816 B (816 bytes)
Hash
eff64abe5017176704ecc75f77941d88
b695a2a0b28d708afb424211033f7eda596730e4
885117b812eab4b1db7f8d676ad5a01a06d000d4071372773f0abb3c1eafa441

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/lib/hoverintent/jquery.hoverIntent.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 816
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/cjs/cjs.js?v=14218c54

78.135.82.40

200 OK

1.3 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/cjs/cjs.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text
Size
1.3 kB (1312 bytes)
Hash
e6c52e57d08f56a8a551a14f402e293d
2ecc252388e076cb2ecc0e30fbbc50591348677b
0f6d83cbc72d15f1acf287e7a6ce45a35a2ac401a5247497448138b20def139e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/lib/cjs/cjs.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1312
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/masterslider.js?v=14218c54

78.135.82.40

200 OK

48 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/masterslider.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
Unicode text, UTF-8 text
Size
48 kB (48240 bytes)
Hash
9bf267dbfe568e855539933495d9203f
8d83f2ff6d756dc3ea13b750640a02e084815289
161a4edb0a63a1fa9a25b35af3f8f319f0dbf49e0632bddceb2e4befeec242a4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/lib/masterslider/masterslider.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 48240
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.js?v=14218c54

78.135.82.40

200 OK

29 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text, with very long lines (65271)
Size
29 kB (29276 bytes)
Hash
5c7f48473d6b21919a76a582e00ee2d6
a54747ba42f8ad0fd7fddb82c73ef88a35cbb13a
c1d5d6673d84bda73f479d288750c71ad0fea0fca949a53459990c5f0df94db3

HTTP Headers

GET /catalog/view/theme/journal3/lib/swiper/swiper.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29276
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/js/common.js?v=14218c54

78.135.82.40

200 OK

2.7 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/js/common.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
Unicode text, UTF-8 text, with very long lines (356)
Size
2.7 kB (2674 bytes)
Hash
6b518264b5d91c88a02236e71e834deb
495aa2f84b2f0285472eb2d61915b5bb48b92a22
f68ec926a637c6a61ac7e5e12da0032668f90cb016457e360cdd2856080c8c03

HTTP Headers

GET /catalog/view/theme/journal3/js/common.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2674
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/theme/journal3/js/journal.js?v=14218c54

78.135.82.40

200 OK

9.7 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/js/journal.js?v=14218c54
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text
Size
9.7 kB (9670 bytes)
Hash
03b9220acc71308b149b1a38895c1195
9060f7c17fe465d55930150f12446a9e03bf6fd5
3545465dd30bac16800a6193622165c8dcf616cb7bbed35ebaac37c6294fcda3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/theme/journal3/js/journal.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9670
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/0000044-400x400.gif

78.135.82.40

200 OK

386 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/0000044-400x400.gif
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
GIF image data, version 89a, 400 x 400\012- data
Size
386 kB (386323 bytes)
Hash
26d4217150055f5712afe9a96c3a630d
cc9f630c5f99fce0bcefd56cf1afe08878c35007
95eb10fbbcd0eb7715250a9c3e248159188246ad636a33aa7b1ac6bc68da858c

HTTP Headers

GET /image/cache/catalog/demo22/0000044-400x400.gif HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/gif
last-modified: Thu, 30 Sep 2021 00:13:01 GMT
accept-ranges: bytes
content-length: 386323
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1677069440866&_since=%221666204638208%22

35.241.9.150

200 OK

33 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1677069440866&_since=%221666204638208%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (32643), with no line terminators
Size
33 kB (32643 bytes)
Hash
111a124bfe0fcca1d00eacc4056304c0
09f7b2abd4d09de09db0e11add552e995346c23c
3dfc4c61e3f4a5d95c359d2914ec2dcf4bfc413116dec9b98bc104ecc9f446bf

HTTP Headers

GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1677069440866&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 32643
via: 1.1 google
date: Thu, 23 Feb 2023 16:35:04 GMT
age: 2081
last-modified: Wed, 22 Feb 2023 12:37:20 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/0000046-400x400.gif

78.135.82.40

200 OK

309 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/0000046-400x400.gif
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
GIF image data, version 89a, 400 x 400\012- data
Size
309 kB (309374 bytes)
Hash
9d9eb6afd92d8b70386df5d7a6cbcfd2
7ab42ed288167c9589dad9203b067fa5389c621c
99826c0f8cb34070ea464d8010a7d8f764653be518a6e014e0f765b9463fea6f

HTTP Headers

GET /image/cache/catalog/demo22/0000046-400x400.gif HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/gif
last-modified: Thu, 30 Sep 2021 00:13:01 GMT
accept-ranges: bytes
content-length: 309374
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
295ecb42da084d2556789eada5291422
24c3605ff6984776ca77a2aa3b3b4bba4267f76f
f787cdc01fe5b6c0889f133cdf9cd0e38973f4cb8515014e8a14418521af04bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.hesaplimagaza.com/image/cache/catalog/demo22/0000043-400x400.gif

78.135.82.40

200 OK

456 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/0000043-400x400.gif
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
GIF image data, version 89a, 400 x 400\012- data
Size
456 kB (456354 bytes)
Hash
c901ea28cfff3332b7fbe39c46c3b3c0
4882af7aa0566c41b44f7415d694f69fccc779c3
2d7eb5d4826d2f79609d85abba89bad24a703900d7a2b51c9f36ab883b34147a

HTTP Headers

GET /image/cache/catalog/demo22/0000043-400x400.gif HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/gif
last-modified: Thu, 30 Sep 2021 00:13:01 GMT
accept-ranges: bytes
content-length: 456354
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/style.css

78.135.82.40

404 Not Found

1.2 kB

URL HTTP/2
www.hesaplimagaza.com/style.css
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1236 bytes)
Hash
30a9aa3e2018df9e4d5a7dea65c283f6
6abb0707a87dd0140ae3488c3f2a378726e2ca53
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682

HTTP Headers

GET /style.css HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1236
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js

78.135.82.40

200 OK

1.1 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
ASCII text
Size
1.1 kB (1074 bytes)
Hash
fdaea2b3bdef028d82fd67c80fe2cfe9
2a992bda145ff362100ac6e83fc0ca85515ec175
16c988060d5d1929ff281780e788f7189196c2a57dc8abbd3153b7833def995c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Sun, 18 Apr 2021 02:14:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1074
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: ymqfLbIqtZ0OBiKu79QN1MoRDegFLHwFsd06hR5Bz91zgbATokPKsp1mE2SlFRG9ElIj6sauy4E=
x-amz-request-id: 5D1QG1WXMXEGNQGT
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 16:49:09 GMT
age: 1236
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.hesaplimagaza.com/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

78.135.82.40

200 OK

77 kB

URL HTTP/2
www.hesaplimagaza.com/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/catalog/view/javascript/font-awesome/css/font-awesome.min.css?v=14218c54
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: font/woff2
last-modified: Sat, 22 Jul 2017 10:58:14 GMT
accept-ranges: bytes
content-length: 77160
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Feb 2023 18:52:41 GMT
expires: Tue, 20 Feb 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 253024
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.74.35

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 02:42:37 GMT
expires: Wed, 21 Feb 2024 02:42:37 GMT
cache-control: public, max-age=31536000
age: 224828
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Size
31 kB (31320 bytes)
Hash
3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Feb 2023 10:24:41 GMT
expires: Mon, 19 Feb 2024 10:24:41 GMT
cache-control: public, max-age=31536000
age: 369904
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2

142.250.74.35

200 OK

5.4 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Size
5.4 kB (5384 bytes)
Hash
96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 21:56:43 GMT
expires: Thu, 22 Feb 2024 21:56:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
age: 69182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2

142.250.74.35

200 OK

5.5 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Size
5.5 kB (5452 bytes)
Hash
a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 12:07:30 GMT
expires: Fri, 23 Feb 2024 12:07:30 GMT
cache-control: public, max-age=31536000
age: 18135
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.35

200 OK

7.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 14:34:21 GMT
expires: Fri, 23 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 9324
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 16:38:21 GMT
content-type: application/json
age: 1884
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
135606a5e990506b3e92eda82ef79170
a3de3c800534ad64b2e2198941e3911a4e51df8e
558ce08e84a4581859ae4302371540e4240e0b85866e37fb03174786388d5546

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "558CE08E84A4581859AE4302371540E4240E0B85866E37FB03174786388D5546"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6672
Expires: Thu, 23 Feb 2023 19:00:57 GMT
Date: Thu, 23 Feb 2023 17:09:45 GMT
Connection: keep-alive

firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin

34.111.73.144

200 OK

807 kB

URL HTTP/2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP
34.111.73.144:0
ASN
#15169 GOOGLE

File type
data
Size
807 kB (807180 bytes)
Hash
914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857

HTTP Headers

GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: W0BOTyhr4twUvOZ5PXzJJypgQYWSdxyiNIVbzii2sCr6bqxjFhob0vSInGW+A8Nz6kahQNDtgAM=
x-amz-request-id: 5VNAE12H3Z1T7YB6
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Thu, 23 Feb 2023 11:49:07 GMT
age: 19238
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2

www.hesaplimagaza.com/style.css

78.135.82.40

404 Not Found

1.2 kB

URL HTTP/2
www.hesaplimagaza.com/style.css
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1236 bytes)
Hash
30a9aa3e2018df9e4d5a7dea65c283f6
6abb0707a87dd0140ae3488c3f2a378726e2ca53
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682

HTTP Headers

GET /style.css HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1236
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22

35.241.9.150

200 OK

6.0 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (5951), with no line terminators
Size
6.0 kB (5951 bytes)
Hash
84c45909a46631dec23c78a3a547ca95
b511f80ad0abe7a6f0ce8988a0b9275573665c9a
ce6af1c28962645f13129411c11c7f156f0cd9e282f5ef0146d5cbd84a4e2b7e

HTTP Headers

GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5951
via: 1.1 google
date: Thu, 23 Feb 2023 16:49:30 GMT
age: 1215
last-modified: Sun, 19 Feb 2023 04:42:53 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0178fe0ebb0df24ee62cd67faccdc383
d25121befecd6d77962e988f68c871653cba1959
627efd1b332a0296cd7558e08374fabcd7c750683ab6ae22b9d7ab7f3b7537c1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3129
Cache-Control: max-age=134743
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Etag: "63f6fcf7-1d7"
Expires: Sat, 25 Feb 2023 06:35:28 GMT
Last-Modified: Thu, 23 Feb 2023 05:43:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27843 bytes)
Hash
be5a1814429d0a129322abda3791987f
9e0eeee65e17a9c6df149ed1f01d3d7194833fd8
75afa897dd6f4b97b0697589569c7c4f87e32b79addf981febc78a4ff741210e

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ooywWFZwKQ1e3Z2uGPD2CWASNQ2PIIjV6RGQLAPmHMymRsx598iYD4zdSCnZeTDRJT8VVliIC16uFtnCSgKScg==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1904183273
date: Thu, 23 Feb 2023 17:09:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.hesaplimagaza.com/favicon.ico

78.135.82.40

404 Not Found

1.2 kB

URL HTTP/2
www.hesaplimagaza.com/favicon.ico
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1236 bytes)
Hash
30a9aa3e2018df9e4d5a7dea65c283f6
6abb0707a87dd0140ae3488c3f2a378726e2ca53
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1236
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677166673431&_since=%221666279968541%22

35.241.9.150

200 OK

115 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677166673431&_since=%221666279968541%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
115 kB (114691 bytes)
Hash
e527a462754ad933c4afe4685a2ef8b3
e774f4492a12c6cb490a7981a6a587dd573373a7
00a33a3af2e664aa9ae0cd34f88a97e68f106b6a6d8236fa02db2428b2678d99

HTTP Headers

GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677166673431&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 114691
via: 1.1 google
date: Thu, 23 Feb 2023 16:52:53 GMT
age: 1012
last-modified: Thu, 23 Feb 2023 15:37:53 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0178fe0ebb0df24ee62cd67faccdc383
d25121befecd6d77962e988f68c871653cba1959
627efd1b332a0296cd7558e08374fabcd7c750683ab6ae22b9d7ab7f3b7537c1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3129
Cache-Control: max-age=134743
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Etag: "63f6fcf7-1d7"
Expires: Sat, 25 Feb 2023 06:35:28 GMT
Last-Modified: Thu, 23 Feb 2023 05:43:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/style/grab.png

78.135.82.40

200 OK

149 B

URL HTTP/2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/style/grab.png
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
149 B (149 bytes)
Hash
4a0f9c67b52b3d68a10c1d8c3fb478aa
712cd24d598b5662307fcd303ea52e4df993787a
80ba75bd8d2e4ef465a408b44ac86d6f86240d1435390dc712ea41db2b99738a

HTTP Headers

GET /catalog/view/theme/journal3/lib/masterslider/style/grab.png HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/style/masterslider.css?v=14218c54
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/png
last-modified: Thu, 01 Apr 2021 01:32:56 GMT
accept-ranges: bytes
content-length: 149
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 23 Feb 2023 20:36:02 GMT
Date: Thu, 23 Feb 2023 17:09:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 23 Feb 2023 20:36:02 GMT
Date: Thu, 23 Feb 2023 17:09:46 GMT
Connection: keep-alive

www.hesaplimagaza.com/image/cache/catalog/product/625f434573618_3ccf34e1b922401f9a7d24187c7ff089-300x400w.webp

78.135.82.40

200 OK

2.9 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/product/625f434573618_3ccf34e1b922401f9a7d24187c7ff089-300x400w.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.9 kB (2898 bytes)
Hash
ce617a99a073f035447775e847eadbec
1666df42b5d81bc2e60a1d2c3f4c9fec54257ed1
28ea489f8eaebc4f9fbaab245c62a5a044800bf1d87a27b66bcbd1b1cc4a2e15

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/product/625f434573618_3ccf34e1b922401f9a7d24187c7ff089-300x400w.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/webp
last-modified: Fri, 22 Apr 2022 11:50:57 GMT
accept-ranges: bytes
content-length: 2898
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/product/62a8726fa8fe5_793f372d3a10484cb0db8cf945339e49-300x400w.webp

78.135.82.40

200 OK

7.6 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/product/62a8726fa8fe5_793f372d3a10484cb0db8cf945339e49-300x400w.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.6 kB (7608 bytes)
Hash
fc024d656c06350b4e6523caa0240b86
988849f3c9940e1d4e7e7a42b87f3711b796a799
e3c5a29dc439d565e81fd5a6663893334154ce44c00ee683ed6bf0506a84b27d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/product/62a8726fa8fe5_793f372d3a10484cb0db8cf945339e49-300x400w.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/webp
last-modified: Tue, 14 Jun 2022 12:41:45 GMT
accept-ranges: bytes
content-length: 7608
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7734 bytes)
Hash
e7cd1e9feb9abc7f7d7f0d5fc7b181f0
cf3ce1808c48e1a86910e16731a044f6cb26275d
426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KyUqB4zqsHWgCv7C3-PymFep4oVmPy4ZHFf75lYOfWbb4qgvVRqoLg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:51:47 GMT
age: 69479
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9721 bytes)
Hash
e4016fa20fa2642f89d375fcc2855d4b
f1733be34a214e9565208f814dd3990f89cafbcb
74686e6a674433c436bce8c70cecc1a2cde51e82241e8251188ebd587fd4ee18

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9721
x-amzn-requestid: 5ddea3ff-b6e2-4528-8e71-eade54612b4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3HJpoAMF5LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-413219251feae2e32b9e6857;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iHR9N5OPgY8mjpsZowY-Ipeq62c8O_QQorpNmIOa68_vmWyY0eqt-A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 69931
etag: "f1733be34a214e9565208f814dd3990f89cafbcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6014 bytes)
Hash
8c6732b7444870a5b22ebce5df2c278b
bd8bd8ba57a3d59b71f910110b7b0ce23c7bf605
6232d37914485ffd42f7e5932c36a9ff49bdd42bb8a13837cc9c054d86ccdc78

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6014
x-amzn-requestid: bd27a21d-c09d-4d37-ba2d-72144fc7dd53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aw9JeGqvoAMFkhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f6a8a2-4940a8d470c04d9b2ce70b12;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 23:43:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qb9klr3RdNqiiu9QulerHB84G6zpnon_xHZx8kJwq7PVqWxyPAz8vw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 04:52:48 GMT
age: 44218
etag: "bd8bd8ba57a3d59b71f910110b7b0ce23c7bf605"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6643 bytes)
Hash
9a6c075bf39141bbc7826d6969cf2ac8
8a3f71fea281d57261814a858c94fd11f083b9fe
dbd5fd07729dd569dd87128ba167ccccb2fa1c8e73f3eb6d64ac1c37f8294db7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6643
x-amzn-requestid: 326ed8fb-b228-4546-adf3-a188ce799089
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArXwJG4OoAMFVZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46ccd-74c2a8741928ad99733db89f;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:03:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gu_G39ZXNYgyloJITQfAYavWjzrcB_sPNNOROrgBJW3BZtCVLpbxSQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 00:42:09 GMT
age: 59257
etag: "8a3f71fea281d57261814a858c94fd11f083b9fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
10 kB (10510 bytes)
Hash
6cc8eefce9948605452215c9ff59ec07
094943ffd302e56e7d6c0ee92194aa3fb676eff3
f484bc7a62679a5d6f352dbd58d86e31fecd78bb19f26c508c0d1821801b32f9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9686
x-amzn-requestid: 4eb1ca50-a322-4f64-8cb9-be0315918800
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArYWFF8fIAMFRlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46dc0-35fee09f3e6ff22358e9da0c;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:07:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ifg3X--I8qSAGRMvv97fc3eLcmMZuEoLcaA87ONUHByrqcO_vfFq4Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 05:04:42 GMT
age: 43504
etag: "9cc85c16fd4a9d10df5db5ddfc54b0d88999f317"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5823 bytes)
Hash
fbf1945668d4a8c35e68f8d60fd80f56
0553020a82f7a6245a2979d58e1765883a777893
4220c9dea6f77c1775be6ca4d1d133b3d8f1d9caec3cc6e85747b87c7d897a92

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: 4b226ac8-c443-4382-ab8e-b618c95a713d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aq1HSFWvIAMFUAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f43561-7ac4a51e389a6e6b2a9199a5;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 03:07:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dtWC44nCUmtR6U6wTsd4PynkTqmJ79bFeZmUJUVQguz3l8BSR9A1Zg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 04:02:15 GMT
age: 47251
etag: "0553020a82f7a6245a2979d58e1765883a777893"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/product/61e87e6f8bf6e_8783686c0ac64046916e23d647e7b1e6-300x400w.webp

78.135.82.40

200 OK

33 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/product/61e87e6f8bf6e_8783686c0ac64046916e23d647e7b1e6-300x400w.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
33 kB (33194 bytes)
Hash
9ff0b34ab57e8e05f8b16408a449a7c3
77b49bb0e57ca8c800ab231a0c509894526abea0
0d1e4c789254260f0a1ade1d9a09d489687986ec7a5e50df8483aa2f6e974d61

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/product/61e87e6f8bf6e_8783686c0ac64046916e23d647e7b1e6-300x400w.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/webp
last-modified: Wed, 19 Jan 2022 21:20:07 GMT
accept-ranges: bytes
content-length: 33194
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258

35.241.9.150

200 OK

681 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Size
681 B (681 bytes)
Hash
b3c57c4bb39f0c7541d93ba82a5cd4c9
be92fd1cee01b4a8bb4174b0b11e53be649cd1a3
98e848e13f44cb1595f2f1882c734fd25761a0e8facae4e0c3dcff6f322a4000

HTTP Headers

GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Thu, 23 Feb 2023 16:36:49 GMT
age: 1977
last-modified: Wed, 22 Feb 2023 16:36:55 GMT
etag: "1677083815772"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/product/611d0215af3c1_4f705221a5034ec7b37de480fc135595-300x400h.webp

78.135.82.40

200 OK

17 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/product/611d0215af3c1_4f705221a5034ec7b37de480fc135595-300x400h.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
17 kB (16668 bytes)
Hash
64b0e15d82ecc2596e9ae43fca49343b
0169a3e424c1afd3b1d29aa19a4c13e336889249
d9d1e7a62eedea09919ba7047b6eba4acb30ee454ecdcfdb91d1794ce916b2db

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/product/611d0215af3c1_4f705221a5034ec7b37de480fc135595-300x400h.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:41 GMT
accept-ranges: bytes
content-length: 16668
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/product/63d3c9a84e8b8_b71ef00b11784722a4b98f6deebcea1f-300x400w.webp

78.135.82.40

200 OK

15 kB

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/product/63d3c9a84e8b8_b71ef00b11784722a4b98f6deebcea1f-300x400w.webp
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
15 kB (14726 bytes)
Hash
9168d06614f4c1ee360a87337437009a
54efe884d2a792e939c2db8f265497d923446be7
16229f760658c6179f41033a44b2fae6735db20187f2e0b9e9f9542e7d6f3086

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /image/cache/catalog/product/63d3c9a84e8b8_b71ef00b11784722a4b98f6deebcea1f-300x400w.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/webp
last-modified: Fri, 27 Jan 2023 20:01:13 GMT
accept-ranges: bytes
content-length: 14726
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22

35.241.9.150

200 OK

1.7 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1718), with no line terminators
Size
1.7 kB (1718 bytes)
Hash
3cbf51bbaf8bb528a034989257447d86
8dd38651205ecdbf2c5093b3df5de8bd626c9d92
59a47ed5c562bad2d78d22af00951c1fdf4a6eb2066324e966dbe4525e64ec3f

HTTP Headers

GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1718
via: 1.1 google
date: Thu, 23 Feb 2023 16:59:47 GMT
age: 599
last-modified: Wed, 22 Feb 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22

35.241.9.150

200 OK

1.3 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1250), with no line terminators
Size
1.3 kB (1250 bytes)
Hash
c9f7f64ea0e8fd2d1098afb18806601b
fac82a10d89a339d7970db44b47633465d7b16f8
e0ed15ed986855d3c7eec307e2333aeea9211c5c3d8849dabaa56395dbaec026

HTTP Headers

GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1250
via: 1.1 google
date: Thu, 23 Feb 2023 16:15:56 GMT
age: 3230
last-modified: Wed, 22 Feb 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22

35.241.9.150

200 OK

1.7 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1743), with no line terminators
Size
1.7 kB (1743 bytes)
Hash
8d7098a815bd465cf003589b0703c6b0
202cba221e952763f4ccf8e16df65693d9098b44
8cf3d3a8263ffc0df70842cb3968feef260daaa2977cd450819a346d48712114

HTTP Headers

GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1743
via: 1.1 google
date: Thu, 23 Feb 2023 16:55:41 GMT
age: 845
last-modified: Wed, 22 Feb 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=3484434284957071&ev=PageView&dl=https%3A%2F%2Fwww.hesaplimagaza.com%2F&rl=&if=false&ts=1677172205846&sw=1280&sh=1024&v=2.9.96&r=stable&a=exopencart-3.0.2.0-4.0.0&ec=0&o=30&cs_est=true&fbp=fb.1.1677172205845.50032132&it=1677172205394&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=3484434284957071&ev=PageView&dl=https%3A%2F%2Fwww.hesaplimagaza.com%2F&rl=&if=false&ts=1677172205846&sw=1280&sh=1024&v=2.9.96&r=stable&a=exopencart-3.0.2.0-4.0.0&ec=0&o=30&cs_est=true&fbp=fb.1.1677172205845.50032132&it=1677172205394&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=3484434284957071&ev=PageView&dl=https%3A%2F%2Fwww.hesaplimagaza.com%2F&rl=&if=false&ts=1677172205846&sw=1280&sh=1024&v=2.9.96&r=stable&a=exopencart-3.0.2.0-4.0.0&ec=0&o=30&cs_est=true&fbp=fb.1.1677172205845.50032132&it=1677172205394&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 23 Feb 2023 17:09:46 GMT
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22

35.241.9.150

200 OK

5.6 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (5628), with no line terminators
Size
5.6 kB (5628 bytes)
Hash
c2aaf121f79032d2dbef3b6bbebc5bda
9aea63df55fe7bbf0337658087da5679e68fff39
570d0386b573c64a975e5ce952c25a81ad35b59a114e7d86f9a85d2a0d4c5c62

HTTP Headers

GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5628
via: 1.1 google
date: Thu, 23 Feb 2023 17:00:41 GMT
age: 545
last-modified: Wed, 22 Feb 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22

35.241.9.150

200 OK

60 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (59855), with no line terminators
Size
60 kB (59855 bytes)
Hash
bcb198ca74c45fbd1b5861b2a0f9d223
5412c0ce213fac042543ac71439580df1344f9d6
cc36baa1c30fb3d6aa628df0a08dad136d3ddbf90fb7efcd7d814b80fed967d9

HTTP Headers

GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 59855
via: 1.1 google
date: Thu, 23 Feb 2023 16:35:05 GMT
age: 2081
last-modified: Tue, 21 Feb 2023 20:40:27 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22

35.241.9.150

200 OK

1.5 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1505), with no line terminators
Size
1.5 kB (1505 bytes)
Hash
8c387573e466da58de34efecea89a4a1
3bee30f48f21c082dee7ce7b52ebd7b4e30edca8
019686dbf2b110ba2e746777c3539cf842f44eeb333ec45af0f41d785a2c9272

HTTP Headers

GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1505
via: 1.1 google
date: Thu, 23 Feb 2023 17:02:48 GMT
age: 418
last-modified: Mon, 20 Feb 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22

35.241.9.150

200 OK

935 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Size
935 B (935 bytes)
Hash
6c796237d371d417e638a02a0cd932e7
6d289d3a27964ab953e0dd0d0d771ce754bc8851
b8d634496126a0452c5b9443293308160c29efffa1462027e0161876494982e8

HTTP Headers

GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Thu, 23 Feb 2023 16:38:43 GMT
age: 1864
last-modified: Mon, 20 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22

35.241.9.150

200 OK

22 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (22469), with no line terminators
Size
22 kB (22469 bytes)
Hash
17717d070272f82b3d1e5ea83e8cb663
71c48b44180dd2fa42c9506df93de407f8ad3362
e9499f291df345def3e65b7c951365247357ba986c5c4aaf74c24bae96402a23

HTTP Headers

GET /v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22469
via: 1.1 google
date: Thu, 23 Feb 2023 16:25:19 GMT
age: 2668
last-modified: Thu, 16 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: QTTU+tjihf3VsXZj9Rga3flg/BF4OwFQ/p/YawOzscZhYzRduJuXPzUrYQfymoW7pFqklWpdD9c=
x-amz-request-id: ZQTYHETYF2C3N9PC
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Thu, 23 Feb 2023 16:54:09 GMT
age: 938
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
content-length: 5348
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22

35.241.9.150

200 OK

2.4 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (2385), with no line terminators
Size
2.4 kB (2385 bytes)
Hash
3ed4ee56cc126168f925b2f49a8dcc1c
45f3b4100b2280bbe32cacbd96e61f557a6c59ad
262bb8b6c01231075d5b8091e674d404a647efe8f2e0bf679f2f350a4a4222e3

HTTP Headers

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2385
via: 1.1 google
date: Thu, 23 Feb 2023 16:56:10 GMT
last-modified: Thu, 23 Feb 2023 16:36:43 GMT
content-type: application/json
age: 817
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.hesaplimagaza.com/image/cache/catalog/demo22/0000045-400x400.gif

78.135.82.40

200 OK

0 B

URL HTTP/2
www.hesaplimagaza.com/image/cache/catalog/demo22/0000045-400x400.gif
IP
78.135.82.40:0
ASN
#207326 HostLAB Bilisim Teknolojileri A.S.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /image/cache/catalog/demo22/0000045-400x400.gif HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/gif
last-modified: Thu, 30 Sep 2021 00:13:01 GMT
accept-ranges: bytes
content-length: 483013
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat&display=swap

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Feb 2023 17:09:44 GMT
date: Thu, 23 Feb 2023 17:09:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL