detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Thu, 23 Feb 2023 14:02:14 GMT
Age: 11248
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
hesaplimagaza.com/
78.135.82.40 301 Moved Permanently 0 B IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Set-Cookie: lisansimo=1677172180
OCSESSID=c66c6b3a4a4942fc6dc4262fba; path=/
OCSESSID=b88a06c591f2dd819c6a9deb3e; path=/
language=tr-tr; expires=Sat, 25-Mar-2023 17:09:40 GMT; Max-Age=2592000; path=/; domain=hesaplimagaza.com
currency=TRY; expires=Sat, 25-Mar-2023 17:09:40 GMT; Max-Age=2592000; path=/; domain=hesaplimagaza.com
CSP-Redir: http (Mode:4, SSL:0, WWW:0)
Location: https://www.hesaplimagaza.com/
Content-Type: text/html; charset=UTF-8;
Content-Length: 0
Date: Thu, 23 Feb 2023 17:09:40 GMT
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9647
Expires: Thu, 23 Feb 2023 19:50:30 GMT
Date: Thu, 23 Feb 2023 17:09:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bf2985444924fcb7c28583d95fe3e07
95b5b25c5e28758f16327475be944d68ba858b4d
1e1b4f9fd2e5b5c38916cea3f07edc4abe897defb9db47123d374bc979cad933
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E1B4F9FD2E5B5C38916CEA3F07EDC4ABE897DEFB9DB47123D374BC979CAD933"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12257
Expires: Thu, 23 Feb 2023 20:34:00 GMT
Date: Thu, 23 Feb 2023 17:09:43 GMT
Connection: keep-alive
detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Thu, 23 Feb 2023 14:02:14 GMT
Age: 11249
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 47 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 41f1143d65f4627ba9ac44f5611fb2e4
e030d7a8e2a83c45a70c8756041c47fcd04bdbe4
543c2556817b6ea7f553b7baee47c3ebb74b4edf823b5b37a57a5e3d3ef08a12
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: Lwoez3Wbhmbm3jY1XIgZzTRPOgVK1jjbfMWGpvV-NBf55n2LvG8bRQ==
content-encoding: gzip
via: 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 17:05:51 GMT
age: 658
content-type: application/json
vary: Accept-Encoding
content-length: 46641
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4569ebd95f766b8f22ed69d69334c37
a7fcd3f640877885077a4126708968d7e1e0d252
e485343a8251f50009506dfc6a42c82ca6b09b434d1e0984ea7c2dfea7dcd28d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E485343A8251F50009506DFC6A42C82CA6B09B434D1E0984EA7C2DFEA7DCD28D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5374
Expires: Thu, 23 Feb 2023 18:39:17 GMT
Date: Thu, 23 Feb 2023 17:09:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2yDSgORj0kC15EaOJb8hOmINGeqCgWwP4KQ6mKD+dxzCRnufUhMsIqYLprCL9RsKSAZZEzpbH6c=
x-amz-request-id: NG3PY6M3B4GYYW6W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 16:20:24 GMT
age: 2959
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 17:09:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6f313739c4c44174fc9a97ac63621b46
319da68d06694330ad9f7901bcde1ca0a6eeac0d
321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2305
Expires: Thu, 23 Feb 2023 17:48:08 GMT
Date: Thu, 23 Feb 2023 17:09:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 16:53:56 GMT
content-type: application/json
age: 947
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5aa46280b9f4ef8602f5e1b6864d898f
f1b8d2278116c2873ec0683122818fc186c74392
bb61e1178bc48dc26984f63f54d2621706fe49faa6f9a5651b06befa53cea9a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5881
Cache-Control: max-age=91424
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:44 GMT
Etag: "63f648ff-1d7"
Expires: Fri, 24 Feb 2023 18:33:28 GMT
Last-Modified: Wed, 22 Feb 2023 16:55:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Expires, Last-Modified, Cache-Control, ETag, Backoff, Content-Type, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 16:51:26 GMT
age: 1098
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11659
Expires: Thu, 23 Feb 2023 20:24:03 GMT
Date: Thu, 23 Feb 2023 17:09:44 GMT
Connection: keep-alive
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
44.225.87.128 200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 44.225.87.128:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Thu, 23 Feb 2023 17:09:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
push.services.mozilla.com/
54.186.103.190 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.103.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AMvp8yAKR24Ij3DAJjcHmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5ldaY98tE1CVvIQoL2ZhsbZjlio=
www.hesaplimagaza.com/catalog/view/theme/journal3/icons/fonts/icomoon.woff2?v1
78.135.82.40 200 OK 154 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/icons/fonts/icomoon.woff2?v1
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type Web Open Font Format (Version 2), TrueType, length 153680, version 1.0\012- data
Size 154 kB (153680 bytes)
Hash 4425e89e07010a02214ddf4a2d71365b
a5d9872f403493d46cd5903e63e65887ecd37d99
9d3cb8c2161075a2a868afc19fe3c026c5f4ed4552d43a4bf22ce9e34b8057b7
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/icons/fonts/icomoon.woff2?v1 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: font/woff2
last-modified: Thu, 01 Apr 2021 01:32:06 GMT
accept-ranges: bytes
content-length: 153680
date: Thu, 23 Feb 2023 17:09:42 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/javascript/bootstrap/css/bootstrap.min.css?v=14218c54
78.135.82.40 200 OK 16 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/javascript/bootstrap/css/bootstrap.min.css?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (65371)
Hash 0d2c5cefedf9a1fcfb5ad9a8470f880d
204249ea236087ce204b0c7440fc115c6d6dfb80
cc7224290f899218d6cf3b4d6af0cd12339f5e6f58b9ff3f83dc96d45b9656d8
GET /catalog/view/javascript/bootstrap/css/bootstrap.min.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Sat, 22 Jul 2017 10:58:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16378
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/javascript/font-awesome/css/font-awesome.min.css?v=14218c54
78.135.82.40 200 OK 5.6 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/javascript/font-awesome/css/font-awesome.min.css?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (30837)
Hash 1e1637ad1a171618a0de37b7a2ae2aa2
b4daa2dfc83fe639253646e80b64eb0343c4793c
52ff237a3cb893fbcbd754cd47b6a232d6ea9a951c3bd114265bcd310f401724
GET /catalog/view/javascript/font-awesome/css/font-awesome.min.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Sat, 22 Jul 2017 10:58:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5633
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/icons/style.minimal.css?v=14218c54
78.135.82.40 200 OK 258 B URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/icons/style.minimal.css?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
Hash d03ff709e13ec19a64d0e11be72defd1
9b8ccdf83b72574dc0f420714f304e3264459667
d26988e141a11458df2f55ca4cb3f9a1e0af4abcf53a7b42cf16bb93e797f2fb
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/icons/style.minimal.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Thu, 01 Apr 2021 01:31:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 258
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 295ecb42da084d2556789eada5291422
24c3605ff6984776ca77a2aa3b3b4bba4267f76f
f787cdc01fe5b6c0889f133cdf9cd0e38973f4cb8515014e8a14418521af04bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hesaplimagaza.com/
78.135.82.40 200 OK 51 kB IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7002)
Hash a49f363bc2f087e0c3be9230547ec661
dabe0a71c1857825e1b8647cf694b07760ff90f5
013a055bd4af8b68ffe8c4d5a201d3baa97bcb381526d1f2072e2136f5eab68b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
set-cookie: lisansimo=1677172181
OCSESSID=8e73fd33ebf86c96da1d99d000; path=/
OCSESSID=f69cc83ace55998d344f68dcd9; path=/
language=tr-tr; expires=Sat, 25-Mar-2023 17:09:41 GMT; Max-Age=2592000; path=/; domain=www.hesaplimagaza.com
currency=TRY; expires=Sat, 25-Mar-2023 17:09:41 GMT; Max-Age=2592000; path=/; domain=www.hesaplimagaza.com
content-type: text/html; charset=utf-8
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Feb 2023 17:09:42 GMT
alt-svc: quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/skins/minimal/style.css?v=14218c54
78.135.82.40 200 OK 796 B URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/skins/minimal/style.css?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
Hash 5c2890afb7f54e471c3009adebfc7526
e71d31f265aba1858b8cca8c4909133869355c12
07eb82581100590c5602dcf4bafdd8a9da0f7eb8c16129640cc200178a8bc789
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/lib/masterslider/skins/minimal/style.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Thu, 01 Apr 2021 01:34:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 796
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.css?v=14218c54
78.135.82.40 200 OK 2.6 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.css?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (19533)
Hash 0ea88050720f5c8e58510ed3ded7cecf
cfcb9f0ecc76d8db3b646a4b188990b9f67f71ec
cd47dfca625896020e3bea01c5f09beb449eec60f54aa61596a21d6682a67aff
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/lib/swiper/swiper.min.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Thu, 01 Apr 2021 01:32:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2589
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/stylesheet/style.css?v=14218c54
78.135.82.40 200 OK 27 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/stylesheet/style.css?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
Hash 8584527d1c41978b0771cd9fc609d73d
c14e97f17a191472827a775ad5ea0dba9b3d9937
a0df5cf56fdb6b94856ec7a780fcbc5f474227aad14315e59b4410af834e6e01
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/stylesheet/style.css?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: text/css
last-modified: Sun, 18 Apr 2021 23:20:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 26906
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/modernizr/modernizr-custom.js?v=14218c54
78.135.82.40 200 OK 2.0 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/modernizr/modernizr-custom.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (4868)
Hash 62106eddbd51734b506ffd620738587b
126b3058ffaf30b4081010445abaabad47bf4fad
73ee46fe2e6ea92af21ce7bfbf075fd72a3a43be02aa2446e7a30e2fc383e666
GET /catalog/view/theme/journal3/lib/modernizr/modernizr-custom.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1992
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/jquery/jquery-2.1.1.min.js?v=14218c54
78.135.82.40 200 OK 27 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/jquery/jquery-2.1.1.min.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (32061)
Hash 6e3a191fba73c5493278d42a5bb86481
35f2cb5410860b3527e099e2bba031e11eec4d76
1b18e06f87c1cddda0d2925aebe7d2862335547092710eae3bd705787dd686c2
GET /catalog/view/theme/journal3/lib/jquery/jquery-2.1.1.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 26637
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js?v=14218c54
78.135.82.40 200 OK 8.6 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/javascript/bootstrap/js/bootstrap.min.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (32034)
Hash ed68c4f2106d2ad6f0892c3e8c6327b9
bfc9e8a24030446447f76dc4f7b888131612e5d7
34732ac788da14a0902f9ac97f3024a096e6c170dc7de10c01b7e77edfd50af6
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/javascript/bootstrap/js/bootstrap.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Sat, 22 Jul 2017 10:58:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8640
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/javascript/common.js?v=14218c54
78.135.82.40 200 OK 2.5 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/javascript/common.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
Hash 2444088e0d62edbeaee2a590570184ef
b541ff8056239fb1026024e33354dff112202b20
9ec5482f99f1415625813c19e92de422dbf2dec738afc0924a8842865303c20b
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/javascript/common.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Sat, 22 Jul 2017 10:58:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2462
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/logo/site-logo-400x111.webp
78.135.82.40 200 OK 5.4 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/logo/site-logo-400x111.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image\012- data
Hash a4cd13c3717a774757aa81815643dc33
f2024e2fa5a029e11f6c8ddf5c5fbc6e8da4de94
f13aabb29818564c37bd55486bfb14c12fd2ff9b43a862007e31fa1721bbf13f
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/logo/site-logo-400x111.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Wed, 29 Sep 2021 23:07:40 GMT
accept-ranges: bytes
content-length: 5448
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/slider-1-3000x1000.webp
78.135.82.40 200 OK 133 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/slider-1-3000x1000.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 3000x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 133 kB (132778 bytes)
Hash 6445d436912a8b63e56b8b3fea7ec2f2
cfd7fc7e779ba180ca3f0e3f5433f25b7b666093
dee919f80e6ec13c6bad8f17145aa00ff7c5e64b00a27b736c8877566520cbdf
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/demo22/slider-1-3000x1000.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Wed, 29 Sep 2021 23:29:10 GMT
accept-ranges: bytes
content-length: 132778
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/yap%C4%B1-market-250x350.webp
78.135.82.40 200 OK 17 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/yap%C4%B1-market-250x350.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e9307cb64e6fd8d7fb7514ebcbf90bf4
306a827d938ef64120a7c73c7d67eaeb2830f11c
5ae244d312c6a53393bfa7e988fdc8584fb221096f0178ae8ff53dd25a205c82
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/yap%C4%B1-market-250x350.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Tue, 05 Oct 2021 15:57:22 GMT
accept-ranges: bytes
content-length: 17168
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/slider-2-3000x1000.webp
78.135.82.40 200 OK 138 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/slider-2-3000x1000.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 3000x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 138 kB (138276 bytes)
Hash 25735d047be13933e834aec497befc57
bb34e20a778b6216b909bb39a147305ea217ab63
4fa93734568b42e8044bccf067cfef45efbc0fe67fbb56f54be7c369084540f9
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/demo22/slider-2-3000x1000.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Wed, 29 Sep 2021 23:40:45 GMT
accept-ranges: bytes
content-length: 138276
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/banyo-aksesuarlar%C4%B112-250x350.webp
78.135.82.40 200 OK 13 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/banyo-aksesuarlar%C4%B112-250x350.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 912f8abf476d22d8d8b512e6b59674ba
7edafefdfaedd7bdf786f2decc39760679ebea52
07a1b095be4a05f04f9b0ee6057a84e7998988e33f31070074ca6d21a8a2b742
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/banyo-aksesuarlar%C4%B112-250x350.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Tue, 05 Oct 2021 15:57:23 GMT
accept-ranges: bytes
content-length: 13280
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/perde13-250x350.webp
78.135.82.40 200 OK 28 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/perde13-250x350.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a0476c5da648b5d1e479277e6d3cc4c1
956a16c9b72995aa86936a48b1d3354a996658c8
40e02243e8665e0bd690f8505ea85341065d6df0edc4dfdfe5594d45f81db018
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/perde13-250x350.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 07 Oct 2021 14:50:29 GMT
accept-ranges: bytes
content-length: 28320
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/bah%C3%A7e-tak%C4%B1m12-250x350.webp
78.135.82.40 200 OK 12 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/bah%C3%A7e-tak%C4%B1m12-250x350.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x350, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 405dd858be4eeb03cec83a58686ac752
bed8eac7329ba004dbeb080d82be1037a5dd577b
f77be7cf88ccb22eace4731ce0429f0682d09dd26175dd388b19a78d138e0df5
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/bah%C3%A7e-tak%C4%B1m12-250x350.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Tue, 05 Oct 2021 15:57:23 GMT
accept-ranges: bytes
content-length: 12320
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/unnamed-512x512.webp
78.135.82.40 200 OK 36 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/unnamed-512x512.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash feb70ec1dae1bc312183d9dd8c0173b0
b432734f27dd4a36fd8ab17abbe740d3166f6a03
b9a4496f31229334e70796cbdd4c93ef6d36a30f5047d3b9a1632f648d833a57
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/unnamed-512x512.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Fri, 05 Nov 2021 15:11:30 GMT
accept-ranges: bytes
content-length: 35876
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/anime/anime.min.js?v=14218c54
78.135.82.40 200 OK 5.5 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/anime/anime.min.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (547)
Hash 9aefc3049445a1443e7527f2bb54ac6f
6191713116f5629d3cb403bc5c33032053fada1b
29d9f20dda081548969b3450d757c7f2f6e91d057dcd7110d3d19e81bc7724d2
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/lib/anime/anime.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5533
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/vanilla-lazyload/lazyload.min.js?v=14218c54
78.135.82.40 200 OK 2.4 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/vanilla-lazyload/lazyload.min.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (7889)
Hash d1b1877e29778c3f802e31b234582569
0796f21cf5421f2a83d94da7e7c8ab128f1fd6a6
8e09c9f4063fe0702a7c00c3ff236c86830c1328e9f6873e62874060b9ec5bd2
GET /catalog/view/theme/journal3/lib/vanilla-lazyload/lazyload.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2388
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/countdown/jquery.countdown.min.js?v=14218c54
78.135.82.40 200 OK 1.2 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/countdown/jquery.countdown.min.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (3640), with no line terminators
Hash dd666ad4e58c6795674dc9ad6afd6431
c951b15c7452058dd5c68912798639ac9c2e75cc
a14c044f11e67746afefe74636cf7f8189c33ef155e5ddb494f11f9ac6d0755a
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/lib/countdown/jquery.countdown.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1165
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/1-100x100-1-100x100.webp
78.135.82.40 200 OK 3.4 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/1-100x100-1-100x100.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 074b8e2bf87fd2429d755bd20938c260
628d79d8ca7821a516a110b6429a6a10098c4b8a
c6920aaba89ab51466fd987c1f66b02f00d618526eaf8e698cfc0a588283034e
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/demo22/1-100x100-1-100x100.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:33 GMT
accept-ranges: bytes
content-length: 3352
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/2-100x100-2-100x100.webp
78.135.82.40 200 OK 3.7 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/2-100x100-2-100x100.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image\012- data
Hash f87b6ec3b00f76d4b008541312377521
9e578de2cea9be060731b02b2d3fad48a5fb9317
c0b417db55cb2d811de2ff5fa2e12894845b0bee4273fa2cbbbb15cfa9ec65ca
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/demo22/2-100x100-2-100x100.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:33 GMT
accept-ranges: bytes
content-length: 3722
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/3-100x100-3-100x100.webp
78.135.82.40 200 OK 3.7 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/3-100x100-3-100x100.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image\012- data
Hash e54b0668918a236e679862892318ef60
dd78f6ad78db92e6b6b1b506167bf6a24c5f6a64
38f442b39b9f4fec25462c736da7966e17dea433f514179632193b96b144c2a5
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/demo22/3-100x100-3-100x100.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:33 GMT
accept-ranges: bytes
content-length: 3740
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/g5-5-1-100x100.webp
78.135.82.40 200 OK 3.6 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/g5-5-1-100x100.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image\012- data
Hash b4e26dbb9f6b4751f2d9675181b59fa7
bd7730425273c3bc6c1137b174b88f8df1c015a3
522677ecdb6c7dc11e5ee3c251124ed70c2a5c175f3389c03a8688827115e0cd
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/demo22/g5-5-1-100x100.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:33 GMT
accept-ranges: bytes
content-length: 3636
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/4-100x100-4-100x100.webp
78.135.82.40 200 OK 3.5 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/4-100x100-4-100x100.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image\012- data
Hash d48c25842b57c98ed064dae3818ab65e
1f233b10f9a45d62acd2dbadfda111b9a04c5bc1
949ddbe3c24427b0fbcf85ee38437d30f6682a5ceaf3d3619fd28dc5b4826d8a
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/demo22/4-100x100-4-100x100.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:33 GMT
accept-ranges: bytes
content-length: 3544
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/logo/storeapp-119x39.webp
78.135.82.40 200 OK 2.1 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/logo/storeapp-119x39.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6a66174e6b3957cc00c07fc93eb208b6
a0cc892dcbd1927e3e47cb9abab15cd5eb3a77e1
1b7ddb1d81812bcf0ff9775f8b20e7f323aedce16446e6386450b9e6228d5955
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/logo/storeapp-119x39.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:51:44 GMT
accept-ranges: bytes
content-length: 2084
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/logo/storeplay-119x39.webp
78.135.82.40 200 OK 1.9 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/logo/storeplay-119x39.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image\012- data
Hash b62d2ec4dbbf47dd9714430402f0dff6
8d7d6c3643a3f22004cedef9401d06fa7153a186
f26d972428f7649caab06959d2ce37205696b4a65441f2efb11b8178311e4bbd
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/logo/storeplay-119x39.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:51:44 GMT
accept-ranges: bytes
content-length: 1852
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/logo/footerkartlar-min-613x69-613x69-613x69.webp
78.135.82.40 200 OK 9.7 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/logo/footerkartlar-min-613x69-613x69-613x69.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 016ab3cdebfcd0f20dbfe271af771e2f
472db8e05ece5b2c4d224d077626e7dfd5d9659e
d96c316051bca6a4bb00cfb4fe8990a8f4916cfa41b544d8d0a9261e5b132dc7
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/logo/footerkartlar-min-613x69-613x69-613x69.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:51:45 GMT
accept-ranges: bytes
content-length: 9696
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221677169679041%22
35.241.9.150 200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221677169679041%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (21681), with no line terminators
Hash 813f445188bb2e620c9996e1b327bc68
2b08fa7a69fa1b3064ad5bc8a156130205c08cd5
29d88cd24761bda0c774c5ffab4df68f76f4cad4f5f9abd91cd9a4e1766e54e5
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221677169679041%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21681
via: 1.1 google
date: Thu, 23 Feb 2023 16:32:05 GMT
last-modified: Thu, 23 Feb 2023 16:27:59 GMT
content-type: application/json
age: 2260
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/typeahead/typeahead.jquery.min.js?v=14218c54
78.135.82.40 200 OK 7.3 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/typeahead/typeahead.jquery.min.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (26751)
Hash 5db8983e4c51bee388e6e3ebad57b57c
b69f8f2fc563674f4cefc02194d524a1428c4496
8f6334679ef50e117e9fbf29f0c6b979d9e03568b0078777de2802e329d2bf0b
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/lib/typeahead/typeahead.jquery.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:21 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7278
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14 200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 17:09:45 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1206549
expires: Tue, 13 Feb 2024 17:09:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIziwA9wrXcF86Jctxdoeht2Is8owRjwBYTV4uUi2Mo6D4xmupDYc634eEv5M3MUSFgbtDnxO0Y3R7W0W5yPq8GjgS3qov3xGvEpUz7gKPC%2Bjpd1cHCDQU9z2XxOsLcxyRp%2BEBCe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79e1922cfe92b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/sd4-3000x1000h.webp
78.135.82.40 200 OK 331 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/sd4-3000x1000h.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 3000x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 331 kB (331048 bytes)
Hash d1acbf39f66a37d95b8f505a59f3f363
ed9be0c0080389c1be49393e03bf9c752fce8d2f
147b02b25be09a69900959d85d17f65bd810bcd55201295bd5a5041afd6c0cd3
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/demo22/sd4-3000x1000h.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 00:02:31 GMT
accept-ranges: bytes
content-length: 331048
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/hoverintent/jquery.hoverIntent.min.js?v=14218c54
78.135.82.40 200 OK 816 B URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/hoverintent/jquery.hoverIntent.min.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (1933)
Hash eff64abe5017176704ecc75f77941d88
b695a2a0b28d708afb424211033f7eda596730e4
885117b812eab4b1db7f8d676ad5a01a06d000d4071372773f0abb3c1eafa441
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/lib/hoverintent/jquery.hoverIntent.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 816
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/cjs/cjs.js?v=14218c54
78.135.82.40 200 OK 1.3 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/cjs/cjs.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
Hash e6c52e57d08f56a8a551a14f402e293d
2ecc252388e076cb2ecc0e30fbbc50591348677b
0f6d83cbc72d15f1acf287e7a6ce45a35a2ac401a5247497448138b20def139e
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/lib/cjs/cjs.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1312
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/masterslider.js?v=14218c54
78.135.82.40 200 OK 48 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/masterslider.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
Hash 9bf267dbfe568e855539933495d9203f
8d83f2ff6d756dc3ea13b750640a02e084815289
161a4edb0a63a1fa9a25b35af3f8f319f0dbf49e0632bddceb2e4befeec242a4
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/lib/masterslider/masterslider.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:17 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 48240
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.js?v=14218c54
78.135.82.40 200 OK 29 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/swiper/swiper.min.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (65271)
Hash 5c7f48473d6b21919a76a582e00ee2d6
a54747ba42f8ad0fd7fddb82c73ef88a35cbb13a
c1d5d6673d84bda73f479d288750c71ad0fea0fca949a53459990c5f0df94db3
GET /catalog/view/theme/journal3/lib/swiper/swiper.min.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29276
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/js/common.js?v=14218c54
78.135.82.40 200 OK 2.7 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/js/common.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type Unicode text, UTF-8 text, with very long lines (356)
Hash 6b518264b5d91c88a02236e71e834deb
495aa2f84b2f0285472eb2d61915b5bb48b92a22
f68ec926a637c6a61ac7e5e12da0032668f90cb016457e360cdd2856080c8c03
GET /catalog/view/theme/journal3/js/common.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2674
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/theme/journal3/js/journal.js?v=14218c54
78.135.82.40 200 OK 9.7 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/js/journal.js?v=14218c54
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
Hash 03b9220acc71308b149b1a38895c1195
9060f7c17fe465d55930150f12446a9e03bf6fd5
3545465dd30bac16800a6193622165c8dcf616cb7bbed35ebaac37c6294fcda3
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/theme/journal3/js/journal.js?v=14218c54 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Apr 2021 01:32:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9670
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/0000044-400x400.gif
78.135.82.40 200 OK 386 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/0000044-400x400.gif
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type GIF image data, version 89a, 400 x 400\012- data
Size 386 kB (386323 bytes)
Hash 26d4217150055f5712afe9a96c3a630d
cc9f630c5f99fce0bcefd56cf1afe08878c35007
95eb10fbbcd0eb7715250a9c3e248159188246ad636a33aa7b1ac6bc68da858c
GET /image/cache/catalog/demo22/0000044-400x400.gif HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/gif
last-modified: Thu, 30 Sep 2021 00:13:01 GMT
accept-ranges: bytes
content-length: 386323
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1677069440866&_since=%221666204638208%22
35.241.9.150 200 OK 33 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1677069440866&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (32643), with no line terminators
Hash 111a124bfe0fcca1d00eacc4056304c0
09f7b2abd4d09de09db0e11add552e995346c23c
3dfc4c61e3f4a5d95c359d2914ec2dcf4bfc413116dec9b98bc104ecc9f446bf
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1677069440866&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 32643
via: 1.1 google
date: Thu, 23 Feb 2023 16:35:04 GMT
age: 2081
last-modified: Wed, 22 Feb 2023 12:37:20 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/0000046-400x400.gif
78.135.82.40 200 OK 309 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/0000046-400x400.gif
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type GIF image data, version 89a, 400 x 400\012- data
Size 309 kB (309374 bytes)
Hash 9d9eb6afd92d8b70386df5d7a6cbcfd2
7ab42ed288167c9589dad9203b067fa5389c621c
99826c0f8cb34070ea464d8010a7d8f764653be518a6e014e0f765b9463fea6f
GET /image/cache/catalog/demo22/0000046-400x400.gif HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/gif
last-modified: Thu, 30 Sep 2021 00:13:01 GMT
accept-ranges: bytes
content-length: 309374
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash 295ecb42da084d2556789eada5291422
24c3605ff6984776ca77a2aa3b3b4bba4267f76f
f787cdc01fe5b6c0889f133cdf9cd0e38973f4cb8515014e8a14418521af04bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hesaplimagaza.com/image/cache/catalog/demo22/0000043-400x400.gif
78.135.82.40 200 OK 456 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/0000043-400x400.gif
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type GIF image data, version 89a, 400 x 400\012- data
Size 456 kB (456354 bytes)
Hash c901ea28cfff3332b7fbe39c46c3b3c0
4882af7aa0566c41b44f7415d694f69fccc779c3
2d7eb5d4826d2f79609d85abba89bad24a703900d7a2b51c9f36ab883b34147a
GET /image/cache/catalog/demo22/0000043-400x400.gif HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/gif
last-modified: Thu, 30 Sep 2021 00:13:01 GMT
accept-ranges: bytes
content-length: 456354
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/style.css
78.135.82.40 404 Not Found 1.2 kB URL HTTP/2 www.hesaplimagaza.com/style.css
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 30a9aa3e2018df9e4d5a7dea65c283f6
6abb0707a87dd0140ae3488c3f2a378726e2ca53
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682
GET /style.css HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1236
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js
78.135.82.40 200 OK 1.1 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
Hash fdaea2b3bdef028d82fd67c80fe2cfe9
2a992bda145ff362100ac6e83fc0ca85515ec175
16c988060d5d1929ff281780e788f7189196c2a57dc8abbd3153b7833def995c
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/javascript/facebook_business/facebook_pixel_3_1_2.js HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: application/javascript
last-modified: Sun, 18 Apr 2021 02:14:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1074
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ymqfLbIqtZ0OBiKu79QN1MoRDegFLHwFsd06hR5Bz91zgbATokPKsp1mE2SlFRG9ElIj6sauy4E=
x-amz-request-id: 5D1QG1WXMXEGNQGT
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 16:49:09 GMT
age: 1236
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.hesaplimagaza.com/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
78.135.82.40 200 OK 77 kB URL HTTP/2 www.hesaplimagaza.com/catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /catalog/view/javascript/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/catalog/view/javascript/font-awesome/css/font-awesome.min.css?v=14218c54
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: font/woff2
last-modified: Sat, 22 Jul 2017 10:58:14 GMT
accept-ranges: bytes
content-length: 77160
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash 18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash 18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash 18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash 18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Feb 2023 18:52:41 GMT
expires: Tue, 20 Feb 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 253024
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash 18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 02:42:37 GMT
expires: Wed, 21 Feb 2024 02:42:37 GMT
cache-control: public, max-age=31536000
age: 224828
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
142.250.74.35 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Feb 2023 10:24:41 GMT
expires: Mon, 19 Feb 2024 10:24:41 GMT
cache-control: public, max-age=31536000
age: 369904
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
142.250.74.35 200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 96b6d54684daa94742f7bfd72a981213
72c3ac29b2fcceea390d3a51c7a892efde65e4d9
4ce2c84c474fb80b33e347ae6f356796021d6fd42e88a6352fc6e9ca0b22bd63
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 21:56:43 GMT
expires: Thu, 22 Feb 2024 21:56:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:38 GMT
content-type: font/woff2
age: 69182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
142.250.74.35 200 OK 5.5 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 5452, version 1.0\012- data
Hash a6ff41d10fa89e7f8fec937c243d7428
334853f61ceb1fb096818740cc62d5840fbbae46
5f9d6298f5edc6d2b57a6f3a30f87f1c93c84b7aad7c5e9bf9d3a2c9384403fa
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 12:07:30 GMT
expires: Fri, 23 Feb 2024 12:07:30 GMT
cache-control: public, max-age=31536000
age: 18135
last-modified: Wed, 27 Apr 2022 16:10:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.35 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hesaplimagaza.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 14:34:21 GMT
expires: Fri, 23 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 9324
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 16:38:21 GMT
content-type: application/json
age: 1884
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 18880e1808370080e86c124fc0f15477
cee3e545df43115cf8bc5b560e2c25b529219c16
8f162b3abb4870796094fcc5a6736023539c294aec20e149c97af1ab39c42337
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 135606a5e990506b3e92eda82ef79170
a3de3c800534ad64b2e2198941e3911a4e51df8e
558ce08e84a4581859ae4302371540e4240e0b85866e37fb03174786388d5546
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "558CE08E84A4581859AE4302371540E4240E0B85866E37FB03174786388D5546"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6672
Expires: Thu, 23 Feb 2023 19:00:57 GMT
Date: Thu, 23 Feb 2023 17:09:45 GMT
Connection: keep-alive
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144 200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: W0BOTyhr4twUvOZ5PXzJJypgQYWSdxyiNIVbzii2sCr6bqxjFhob0vSInGW+A8Nz6kahQNDtgAM=
x-amz-request-id: 5VNAE12H3Z1T7YB6
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Thu, 23 Feb 2023 11:49:07 GMT
age: 19238
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
www.hesaplimagaza.com/style.css
78.135.82.40 404 Not Found 1.2 kB URL HTTP/2 www.hesaplimagaza.com/style.css
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 30a9aa3e2018df9e4d5a7dea65c283f6
6abb0707a87dd0140ae3488c3f2a378726e2ca53
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682
GET /style.css HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1236
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22
35.241.9.150 200 OK 6.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (5951), with no line terminators
Hash 84c45909a46631dec23c78a3a547ca95
b511f80ad0abe7a6f0ce8988a0b9275573665c9a
ce6af1c28962645f13129411c11c7f156f0cd9e282f5ef0146d5cbd84a4e2b7e
GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5951
via: 1.1 google
date: Thu, 23 Feb 2023 16:49:30 GMT
age: 1215
last-modified: Sun, 19 Feb 2023 04:42:53 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0178fe0ebb0df24ee62cd67faccdc383
d25121befecd6d77962e988f68c871653cba1959
627efd1b332a0296cd7558e08374fabcd7c750683ab6ae22b9d7ab7f3b7537c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3129
Cache-Control: max-age=134743
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Etag: "63f6fcf7-1d7"
Expires: Sat, 25 Feb 2023 06:35:28 GMT
Last-Modified: Thu, 23 Feb 2023 05:43:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash be5a1814429d0a129322abda3791987f
9e0eeee65e17a9c6df149ed1f01d3d7194833fd8
75afa897dd6f4b97b0697589569c7c4f87e32b79addf981febc78a4ff741210e
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ooywWFZwKQ1e3Z2uGPD2CWASNQ2PIIjV6RGQLAPmHMymRsx598iYD4zdSCnZeTDRJT8VVliIC16uFtnCSgKScg==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1904183273
date: Thu, 23 Feb 2023 17:09:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.hesaplimagaza.com/favicon.ico
78.135.82.40 404 Not Found 1.2 kB URL HTTP/2 www.hesaplimagaza.com/favicon.ico
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 30a9aa3e2018df9e4d5a7dea65c283f6
6abb0707a87dd0140ae3488c3f2a378726e2ca53
230d91b44ffd4de6a3cfe521b2560e5ed59763df51a5de76fc01513787fb1682
GET /favicon.ico HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1236
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677166673431&_since=%221666279968541%22
35.241.9.150 200 OK 115 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677166673431&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 115 kB (114691 bytes)
Hash e527a462754ad933c4afe4685a2ef8b3
e774f4492a12c6cb490a7981a6a587dd573373a7
00a33a3af2e664aa9ae0cd34f88a97e68f106b6a6d8236fa02db2428b2678d99
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677166673431&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 114691
via: 1.1 google
date: Thu, 23 Feb 2023 16:52:53 GMT
age: 1012
last-modified: Thu, 23 Feb 2023 15:37:53 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0178fe0ebb0df24ee62cd67faccdc383
d25121befecd6d77962e988f68c871653cba1959
627efd1b332a0296cd7558e08374fabcd7c750683ab6ae22b9d7ab7f3b7537c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3129
Cache-Control: max-age=134743
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 17:09:45 GMT
Etag: "63f6fcf7-1d7"
Expires: Sat, 25 Feb 2023 06:35:28 GMT
Last-Modified: Thu, 23 Feb 2023 05:43:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/style/grab.png
78.135.82.40 200 OK 149 B URL HTTP/2 www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/style/grab.png
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a0f9c67b52b3d68a10c1d8c3fb478aa
712cd24d598b5662307fcd303ea52e4df993787a
80ba75bd8d2e4ef465a408b44ac86d6f86240d1435390dc712ea41db2b99738a
GET /catalog/view/theme/journal3/lib/masterslider/style/grab.png HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/catalog/view/theme/journal3/lib/masterslider/style/masterslider.css?v=14218c54
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/png
last-modified: Thu, 01 Apr 2021 01:32:56 GMT
accept-ranges: bytes
content-length: 149
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 23 Feb 2023 20:36:02 GMT
Date: Thu, 23 Feb 2023 17:09:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 23 Feb 2023 20:36:02 GMT
Date: Thu, 23 Feb 2023 17:09:46 GMT
Connection: keep-alive
www.hesaplimagaza.com/image/cache/catalog/product/625f434573618_3ccf34e1b922401f9a7d24187c7ff089-300x400w.webp
78.135.82.40 200 OK 2.9 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/product/625f434573618_3ccf34e1b922401f9a7d24187c7ff089-300x400w.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce617a99a073f035447775e847eadbec
1666df42b5d81bc2e60a1d2c3f4c9fec54257ed1
28ea489f8eaebc4f9fbaab245c62a5a044800bf1d87a27b66bcbd1b1cc4a2e15
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/product/625f434573618_3ccf34e1b922401f9a7d24187c7ff089-300x400w.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/webp
last-modified: Fri, 22 Apr 2022 11:50:57 GMT
accept-ranges: bytes
content-length: 2898
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/product/62a8726fa8fe5_793f372d3a10484cb0db8cf945339e49-300x400w.webp
78.135.82.40 200 OK 7.6 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/product/62a8726fa8fe5_793f372d3a10484cb0db8cf945339e49-300x400w.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc024d656c06350b4e6523caa0240b86
988849f3c9940e1d4e7e7a42b87f3711b796a799
e3c5a29dc439d565e81fd5a6663893334154ce44c00ee683ed6bf0506a84b27d
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/product/62a8726fa8fe5_793f372d3a10484cb0db8cf945339e49-300x400w.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/webp
last-modified: Tue, 14 Jun 2022 12:41:45 GMT
accept-ranges: bytes
content-length: 7608
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e7cd1e9feb9abc7f7d7f0d5fc7b181f0
cf3ce1808c48e1a86910e16731a044f6cb26275d
426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KyUqB4zqsHWgCv7C3-PymFep4oVmPy4ZHFf75lYOfWbb4qgvVRqoLg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:51:47 GMT
age: 69479
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4016fa20fa2642f89d375fcc2855d4b
f1733be34a214e9565208f814dd3990f89cafbcb
74686e6a674433c436bce8c70cecc1a2cde51e82241e8251188ebd587fd4ee18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9721
x-amzn-requestid: 5ddea3ff-b6e2-4528-8e71-eade54612b4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3HJpoAMF5LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-413219251feae2e32b9e6857;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iHR9N5OPgY8mjpsZowY-Ipeq62c8O_QQorpNmIOa68_vmWyY0eqt-A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 69931
etag: "f1733be34a214e9565208f814dd3990f89cafbcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c6732b7444870a5b22ebce5df2c278b
bd8bd8ba57a3d59b71f910110b7b0ce23c7bf605
6232d37914485ffd42f7e5932c36a9ff49bdd42bb8a13837cc9c054d86ccdc78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6014
x-amzn-requestid: bd27a21d-c09d-4d37-ba2d-72144fc7dd53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aw9JeGqvoAMFkhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f6a8a2-4940a8d470c04d9b2ce70b12;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 23:43:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qb9klr3RdNqiiu9QulerHB84G6zpnon_xHZx8kJwq7PVqWxyPAz8vw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 04:52:48 GMT
age: 44218
etag: "bd8bd8ba57a3d59b71f910110b7b0ce23c7bf605"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a6c075bf39141bbc7826d6969cf2ac8
8a3f71fea281d57261814a858c94fd11f083b9fe
dbd5fd07729dd569dd87128ba167ccccb2fa1c8e73f3eb6d64ac1c37f8294db7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6643
x-amzn-requestid: 326ed8fb-b228-4546-adf3-a188ce799089
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArXwJG4OoAMFVZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46ccd-74c2a8741928ad99733db89f;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:03:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gu_G39ZXNYgyloJITQfAYavWjzrcB_sPNNOROrgBJW3BZtCVLpbxSQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 00:42:09 GMT
age: 59257
etag: "8a3f71fea281d57261814a858c94fd11f083b9fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
IP 34.120.237.76:0
File type gzip compressed data, max compression\012- data
Hash 6cc8eefce9948605452215c9ff59ec07
094943ffd302e56e7d6c0ee92194aa3fb676eff3
f484bc7a62679a5d6f352dbd58d86e31fecd78bb19f26c508c0d1821801b32f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9686
x-amzn-requestid: 4eb1ca50-a322-4f64-8cb9-be0315918800
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArYWFF8fIAMFRlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46dc0-35fee09f3e6ff22358e9da0c;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:07:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ifg3X--I8qSAGRMvv97fc3eLcmMZuEoLcaA87ONUHByrqcO_vfFq4Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 05:04:42 GMT
age: 43504
etag: "9cc85c16fd4a9d10df5db5ddfc54b0d88999f317"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
34.120.237.76 200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbf1945668d4a8c35e68f8d60fd80f56
0553020a82f7a6245a2979d58e1765883a777893
4220c9dea6f77c1775be6ca4d1d133b3d8f1d9caec3cc6e85747b87c7d897a92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: 4b226ac8-c443-4382-ab8e-b618c95a713d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aq1HSFWvIAMFUAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f43561-7ac4a51e389a6e6b2a9199a5;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 03:07:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dtWC44nCUmtR6U6wTsd4PynkTqmJ79bFeZmUJUVQguz3l8BSR9A1Zg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 04:02:15 GMT
age: 47251
etag: "0553020a82f7a6245a2979d58e1765883a777893"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/product/61e87e6f8bf6e_8783686c0ac64046916e23d647e7b1e6-300x400w.webp
78.135.82.40 200 OK 33 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/product/61e87e6f8bf6e_8783686c0ac64046916e23d647e7b1e6-300x400w.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ff0b34ab57e8e05f8b16408a449a7c3
77b49bb0e57ca8c800ab231a0c509894526abea0
0d1e4c789254260f0a1ade1d9a09d489687986ec7a5e50df8483aa2f6e974d61
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/product/61e87e6f8bf6e_8783686c0ac64046916e23d647e7b1e6-300x400w.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/webp
last-modified: Wed, 19 Jan 2022 21:20:07 GMT
accept-ranges: bytes
content-length: 33194
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150 200 OK 681 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Hash b3c57c4bb39f0c7541d93ba82a5cd4c9
be92fd1cee01b4a8bb4174b0b11e53be649cd1a3
98e848e13f44cb1595f2f1882c734fd25761a0e8facae4e0c3dcff6f322a4000
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Thu, 23 Feb 2023 16:36:49 GMT
age: 1977
last-modified: Wed, 22 Feb 2023 16:36:55 GMT
etag: "1677083815772"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/product/611d0215af3c1_4f705221a5034ec7b37de480fc135595-300x400h.webp
78.135.82.40 200 OK 17 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/product/611d0215af3c1_4f705221a5034ec7b37de480fc135595-300x400h.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 64b0e15d82ecc2596e9ae43fca49343b
0169a3e424c1afd3b1d29aa19a4c13e336889249
d9d1e7a62eedea09919ba7047b6eba4acb30ee454ecdcfdb91d1794ce916b2db
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/product/611d0215af3c1_4f705221a5034ec7b37de480fc135595-300x400h.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 05:55:41 GMT
accept-ranges: bytes
content-length: 16668
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/product/63d3c9a84e8b8_b71ef00b11784722a4b98f6deebcea1f-300x400w.webp
78.135.82.40 200 OK 15 kB URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/product/63d3c9a84e8b8_b71ef00b11784722a4b98f6deebcea1f-300x400w.webp
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9168d06614f4c1ee360a87337437009a
54efe884d2a792e939c2db8f265497d923446be7
16229f760658c6179f41033a44b2fae6735db20187f2e0b9e9f9542e7d6f3086
Analyzer Verdict Alert fortinet Malware
GET /image/cache/catalog/product/63d3c9a84e8b8_b71ef00b11784722a4b98f6deebcea1f-300x400w.webp HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:43 GMT
content-type: image/webp
last-modified: Fri, 27 Jan 2023 20:01:13 GMT
accept-ranges: bytes
content-length: 14726
date: Thu, 23 Feb 2023 17:09:43 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
35.241.9.150 200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1718), with no line terminators
Hash 3cbf51bbaf8bb528a034989257447d86
8dd38651205ecdbf2c5093b3df5de8bd626c9d92
59a47ed5c562bad2d78d22af00951c1fdf4a6eb2066324e966dbe4525e64ec3f
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1718
via: 1.1 google
date: Thu, 23 Feb 2023 16:59:47 GMT
age: 599
last-modified: Wed, 22 Feb 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150 200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1250), with no line terminators
Hash c9f7f64ea0e8fd2d1098afb18806601b
fac82a10d89a339d7970db44b47633465d7b16f8
e0ed15ed986855d3c7eec307e2333aeea9211c5c3d8849dabaa56395dbaec026
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1250
via: 1.1 google
date: Thu, 23 Feb 2023 16:15:56 GMT
age: 3230
last-modified: Wed, 22 Feb 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
35.241.9.150 200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1743), with no line terminators
Hash 8d7098a815bd465cf003589b0703c6b0
202cba221e952763f4ccf8e16df65693d9098b44
8cf3d3a8263ffc0df70842cb3968feef260daaa2977cd450819a346d48712114
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1743
via: 1.1 google
date: Thu, 23 Feb 2023 16:55:41 GMT
age: 845
last-modified: Wed, 22 Feb 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3484434284957071&ev=PageView&dl=https%3A%2F%2Fwww.hesaplimagaza.com%2F&rl=&if=false&ts=1677172205846&sw=1280&sh=1024&v=2.9.96&r=stable&a=exopencart-3.0.2.0-4.0.0&ec=0&o=30&cs_est=true&fbp=fb.1.1677172205845.50032132&it=1677172205394&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=3484434284957071&ev=PageView&dl=https%3A%2F%2Fwww.hesaplimagaza.com%2F&rl=&if=false&ts=1677172205846&sw=1280&sh=1024&v=2.9.96&r=stable&a=exopencart-3.0.2.0-4.0.0&ec=0&o=30&cs_est=true&fbp=fb.1.1677172205845.50032132&it=1677172205394&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=3484434284957071&ev=PageView&dl=https%3A%2F%2Fwww.hesaplimagaza.com%2F&rl=&if=false&ts=1677172205846&sw=1280&sh=1024&v=2.9.96&r=stable&a=exopencart-3.0.2.0-4.0.0&ec=0&o=30&cs_est=true&fbp=fb.1.1677172205845.50032132&it=1677172205394&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 23 Feb 2023 17:09:46 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22
35.241.9.150 200 OK 5.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (5628), with no line terminators
Hash c2aaf121f79032d2dbef3b6bbebc5bda
9aea63df55fe7bbf0337658087da5679e68fff39
570d0386b573c64a975e5ce952c25a81ad35b59a114e7d86f9a85d2a0d4c5c62
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5628
via: 1.1 google
date: Thu, 23 Feb 2023 17:00:41 GMT
age: 545
last-modified: Wed, 22 Feb 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22
35.241.9.150 200 OK 60 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (59855), with no line terminators
Hash bcb198ca74c45fbd1b5861b2a0f9d223
5412c0ce213fac042543ac71439580df1344f9d6
cc36baa1c30fb3d6aa628df0a08dad136d3ddbf90fb7efcd7d814b80fed967d9
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 59855
via: 1.1 google
date: Thu, 23 Feb 2023 16:35:05 GMT
age: 2081
last-modified: Tue, 21 Feb 2023 20:40:27 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150 200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1505), with no line terminators
Hash 8c387573e466da58de34efecea89a4a1
3bee30f48f21c082dee7ce7b52ebd7b4e30edca8
019686dbf2b110ba2e746777c3539cf842f44eeb333ec45af0f41d785a2c9272
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1505
via: 1.1 google
date: Thu, 23 Feb 2023 17:02:48 GMT
age: 418
last-modified: Mon, 20 Feb 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150 200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash 6c796237d371d417e638a02a0cd932e7
6d289d3a27964ab953e0dd0d0d771ce754bc8851
b8d634496126a0452c5b9443293308160c29efffa1462027e0161876494982e8
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Thu, 23 Feb 2023 16:38:43 GMT
age: 1864
last-modified: Mon, 20 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
35.241.9.150 200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (22469), with no line terminators
Hash 17717d070272f82b3d1e5ea83e8cb663
71c48b44180dd2fa42c9506df93de407f8ad3362
e9499f291df345def3e65b7c951365247357ba986c5c4aaf74c24bae96402a23
GET /v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22469
via: 1.1 google
date: Thu, 23 Feb 2023 16:25:19 GMT
age: 2668
last-modified: Thu, 16 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: QTTU+tjihf3VsXZj9Rga3flg/BF4OwFQ/p/YawOzscZhYzRduJuXPzUrYQfymoW7pFqklWpdD9c=
x-amz-request-id: ZQTYHETYF2C3N9PC
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Thu, 23 Feb 2023 16:54:09 GMT
age: 938
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
content-length: 5348
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
35.241.9.150 200 OK 2.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2385), with no line terminators
Hash 3ed4ee56cc126168f925b2f49a8dcc1c
45f3b4100b2280bbe32cacbd96e61f557a6c59ad
262bb8b6c01231075d5b8091e674d404a647efe8f2e0bf679f2f350a4a4222e3
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2385
via: 1.1 google
date: Thu, 23 Feb 2023 16:56:10 GMT
last-modified: Thu, 23 Feb 2023 16:36:43 GMT
content-type: application/json
age: 817
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hesaplimagaza.com/image/cache/catalog/demo22/0000045-400x400.gif
78.135.82.40 200 OK 0 B URL HTTP/2 www.hesaplimagaza.com/image/cache/catalog/demo22/0000045-400x400.gif
IP 78.135.82.40:0
ASN #207326 HostLAB Bilisim Teknolojileri A.S.
GET /image/cache/catalog/demo22/0000045-400x400.gif HTTP/1.1
Host: www.hesaplimagaza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Cookie: lisansimo=1677172181; OCSESSID=f69cc83ace55998d344f68dcd9; language=tr-tr; currency=TRY
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 02 Mar 2023 17:09:42 GMT
content-type: image/gif
last-modified: Thu, 30 Sep 2021 00:13:01 GMT
accept-ranges: bytes
content-length: 483013
date: Thu, 23 Feb 2023 17:09:42 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat&display=swap
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat&display=swap
IP 142.250.74.74:0
GET /css?family=Montserrat&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hesaplimagaza.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Feb 2023 17:09:44 GMT
date: Thu, 23 Feb 2023 17:09:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2