Report - anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

Report Overview

Visited public
2023-09-22 10:51:52
Tags
dhl logistics phishing
URL
anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Finishing URL
anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
IP / ASN
93.89.224.165
#51557 Isimtescil Bilisim A.S.
Title
Tracking | DHL | Global
Phishing - DHL

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ipinfo.io	8136	2013-04-23	2013-12-16 08:25:53	2023-09-22 06:00:08	754 B	918 B	34.117.59.81
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-09-22 05:15:53	795 B	9.0 kB	151.101.193.229
anadolutelekom.org	unknown	unknown	2017-12-22 23:34:23	2023-03-21 03:46:20	8.0 kB	528 kB	93.89.224.165
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-09-22 08:01:48	354 B	34 kB	142.250.74.138
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-09-22 05:24:08	445 B	32 kB	151.101.66.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-22 10:51:35	medium	Client IP	34.117.59.81	ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	From	Size	First Seen	Last Seen
	anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1 IP 93.89.224.165 ASN #51557 Isimtescil Bilisim A.S. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 09:24 Times Seen4635109 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	anadolutelekom.org/wp-content/-/dist/js.cookie.js	ScriptElement	3.4 kB	2023-03-07	2025-03-27
Pretty URL anadolutelekom.org/wp-content/-/dist/js.cookie.js IP 93.89.224.165 ASN #51557 Isimtescil Bilisim A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-03-27 17:22 Times Seen119 Hash 19d988c6d1e7cd9d601639a616dc769b 2cf3f170a083a3e4538a6f55b1064eaf737f6180 9df6e8c4bc8ea670d2f4da40a35a41772cc8857aca288a77acfa891cf1a54c36 Loading...

	anadolutelekom.org/wp-content/-/dist/jquery-lang.js	ScriptElement	28 kB	2023-03-07	2025-03-27
Pretty URL anadolutelekom.org/wp-content/-/dist/jquery-lang.js IP 93.89.224.165 ASN #51557 Isimtescil Bilisim A.S. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-03-27 17:22 Times Seen102 Hash 1062fb1e2ffb1b8b6c596da423b9aef6 e0f54f2cdfce6d3861506744d6c52fbc23f612e9 67829a15eafd08a53376a78dc3574724e4bf87455bdc7b52c9b01828df272ca2 Loading...

	unknown	ScriptElement	1.5 kB	2023-03-07	2025-01-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-01-21 12:50 Times Seen16 Hash faea0c32cf28c16cb1806a8a8b067394 2f2fe3af60bd6411c061fd6562552e29c252e062 6b5f479eedfe9c88977a141bfd5bce751323ef84955f0284b6b39634fd4e3784 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js	ScriptElement	93 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 08:26 Times Seen10307 Hash e0e0559014b222245deb26b6ae8bd940 e2f3603e23711f6446f278a411d905623d65201e 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Loading...

	anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1 IP 93.89.224.165 ASN #51557 Isimtescil Bilisim A.S. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 09:24 Times Seen4635109 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	24 kB	2023-04-05	2025-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 03:16 Last Seen2025-05-09 01:38 Times Seen1255 Hash 2adc424801bb73bee0fa69c743346a66 0ae93cd2e60fe32e1e9027753ad5886c1881fbc3 4d387da2ff19dfde5d0c90c4c0f0f97a8da665a6e0f9553758626d0135c08714 Loading...

	unknown	ScriptElement	629 B	2023-03-07	2025-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-29 12:30 Times Seen113 Hash 40caf4b9db3eeb421d7639f1c1cb39e0 d0afc8f3fef2cf87946a0eca6461a4a2d55a5680 4443f9401c6a316d9ac2cb120686003f32a7933a52b29894609185f058a5308e Loading...

	cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js	ScriptElement	21 kB	2023-03-07	2025-05-08
Pretty URL cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-08 22:07 Times Seen6210 Hash 1022eaf388cc780bcfeb6456157adb7d 313789ca0e31b654784dbba8b0f83f364f8683b4 fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Loading...

	anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1 IP 93.89.224.165 ASN #51557 Isimtescil Bilisim A.S. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 09:24 Times Seen4635109 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1 IP 93.89.224.165 ASN #51557 Isimtescil Bilisim A.S. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 09:24 Times Seen4635109 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/pen.js	ScriptElement	2.1 kB	2023-03-07	2025-01-21
Pretty URL anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/pen.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-01-21 12:50 Times Seen15 Hash 9f83c8f33fcf9ff06b273fc12daf3e7e 5cdfb9168b61438c796cfaef083bb926670b4668 458c68857a7206d069c0135294fc1d66bc37c81beb29996115f54f32c7025828 Loading...

	unknown	ScriptElement	9 B	2023-03-07	2025-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 09:03 Times Seen20194 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

	code.jquery.com/jquery-3.5.1.min.js	ScriptElement	90 kB	2023-03-07	2025-05-09
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 07:58 Times Seen108603 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

HTTP Transactions (23)

URL IP Response Size

anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

93.89.224.165

1.8 kB

URL User Request GET
anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
IP
93.89.224.165:0
ASN
#51557 Isimtescil Bilisim A.S.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.8 kB (1782 bytes)
Hash
e9bb5045993f47e94abe95ed8a6dd09c
cf36b8ecf43c58664fbb5b3c079eccab4296e487
b47449d7c5ea58ab75f5244df83e8344efd70f2a7f40d49b7eb91ebd093edbca

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1 HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
Last-Modified: Mon, 01 Aug 2022 18:50:13 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1782
Date: Fri, 22 Sep 2023 10:51:32 GMT
Server: LiteSpeed

ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

142.250.74.138

200 OK

33 kB

URL GET HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
142.250.74.138:80
ASN
#15169 GOOGLE

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
ASCII text, with very long lines (32072)
Size
33 kB (32954 bytes)
Hash
e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

HTTP Headers

GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32954
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 19 Sep 2023 13:53:21 GMT
Expires: Wed, 18 Sep 2024 13:53:21 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 248293
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding

code.jquery.com/jquery-3.5.1.min.js

151.101.66.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://anadolutelekom.org
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 22 Sep 2023 10:51:34 GMT
age: 577695
x-served-by: cache-lga13628-LGA, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 59, 148005
x-timer: S1695379894.470530,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2

anadolutelekom.org/wp-content/-/dist/js.cookie.js

93.89.224.165

200 OK

1.4 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/js.cookie.js
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
ASCII text
Size
1.4 kB (1387 bytes)
Hash
19d988c6d1e7cd9d601639a616dc769b
2cf3f170a083a3e4538a6f55b1064eaf737f6180
9df6e8c4bc8ea670d2f4da40a35a41772cc8857aca288a77acfa891cf1a54c36

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/js.cookie.js HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Fri, 29 Sep 2023 10:51:32 GMT
Content-Type: application/javascript
Last-Modified: Wed, 02 Feb 2022 23:36:22 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1387
Date: Fri, 22 Sep 2023 10:51:32 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/jquery-lang.js

93.89.224.165

200 OK

7.0 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/jquery-lang.js
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
ASCII text
Size
7.0 kB (7000 bytes)
Hash
1062fb1e2ffb1b8b6c596da423b9aef6
e0f54f2cdfce6d3861506744d6c52fbc23f612e9
67829a15eafd08a53376a78dc3574724e4bf87455bdc7b52c9b01828df272ca2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/jquery-lang.js HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Fri, 29 Sep 2023 10:51:32 GMT
Content-Type: application/javascript
Last-Modified: Wed, 02 Feb 2022 23:36:22 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7000
Date: Fri, 22 Sep 2023 10:51:32 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/dhl.css

93.89.224.165

200 OK

313 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/dhl.css
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
Unicode text, UTF-8 text, with very long lines (1148), with CRLF line terminators
Size
313 kB (313211 bytes)
Hash
edc1d740fd431bde301167129b27c429
8bc3af8787353af01e3c435588cb0a3fb4484ee6
6b452c628f8e71255d2f8fdbabe178594bf915b2ff15ada033e94f13a8e7b6a5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/dhl.css HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Fri, 29 Sep 2023 10:51:32 GMT
Content-Type: text/css
Last-Modified: Wed, 02 Feb 2022 23:36:22 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 313211
Date: Fri, 22 Sep 2023 10:51:32 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/favicon.ico

93.89.224.165

200 OK

1.2 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/favicon.ico
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/favicon.ico HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Fri, 29 Sep 2023 10:51:33 GMT
Content-Type: image/x-icon
Last-Modified: Wed, 02 Feb 2022 23:36:22 GMT
Accept-Ranges: bytes
Content-Length: 1150
Date: Fri, 22 Sep 2023 10:51:33 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff

93.89.224.165

200 OK

41 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Size
41 kB (41084 bytes)
Hash
03f859bf58e4d37841070de34be7d978
3436d4fa17e7ee470c3d62b08787cfa7de408408
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/dist/dhl.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Fri, 29 Sep 2023 10:51:33 GMT
Content-Type: font/woff
Last-Modified: Wed, 02 Feb 2022 23:36:22 GMT
Accept-Ranges: bytes
Content-Length: 41084
Date: Fri, 22 Sep 2023 10:51:33 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/load.php

93.89.224.165

200 OK

1.2 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/load.php
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1206 bytes)
Hash
a2fb3bf316cedcf86157ba3b718e34aa
dba222a89ce89e2f6e4548ab53de2a548b970983
b332366c284ca97fc1e69f7b66810942e1623373de507ab574405a86a3079d97

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/load.php HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 1206
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 22 Sep 2023 10:51:33 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/DHL_head.html

93.89.224.165

200 OK

3.1 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/DHL_head.html
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1836)
Size
3.1 kB (3110 bytes)
Hash
87b9165921360076b18c81132d880492
22015dfa0d466f9d31d4d735067c947de02f7da9
24ab0bd6b5eaa08836e1c9283423627df4247bdbcdff4c06976e903724409b7e

HTTP Headers

GET /wp-content/-/dist/DHL_head.html HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
Last-Modified: Tue, 26 Jul 2022 15:48:30 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3110
Date: Fri, 22 Sep 2023 10:51:33 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/DHL_footer.html

93.89.224.165

200 OK

6.1 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/DHL_footer.html
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2591)
Size
6.1 kB (6053 bytes)
Hash
616cb00095c7ce1b07cb428677e5b3cc
58bd9999faf2e7561963cb5c99660e3083cf57fd
d0290a06b08708aeb8c06745c6914c98668286c3f87df270ba28df97a5c433fb

HTTP Headers

GET /wp-content/-/dist/DHL_footer.html HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
Last-Modified: Tue, 26 Jul 2022 15:48:30 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6053
Date: Fri, 22 Sep 2023 10:51:33 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff

93.89.224.165

200 OK

9.3 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
Web Open Font Format, TrueType, length 9316, version 1.0\012- data
Size
9.3 kB (9316 bytes)
Hash
9355df62a665ef9249036bbccad8c54c
6b7779a10187a1a7473f604fbe3db96350868c6a
6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/dist/dhl.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Fri, 29 Sep 2023 10:51:33 GMT
Content-Type: font/woff
Last-Modified: Wed, 02 Feb 2022 23:36:22 GMT
Accept-Ranges: bytes
Content-Length: 9316
Date: Fri, 22 Sep 2023 10:51:33 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff

93.89.224.165

200 OK

44 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
Web Open Font Format, TrueType, length 44260, version 1.66\012- data
Size
44 kB (44260 bytes)
Hash
4a350e02a03ac62e72e9ea575b31ce84
d47b03b96b6e7034a1473a293bb594e597a41dc2
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/dist/dhl.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Fri, 29 Sep 2023 10:51:33 GMT
Content-Type: font/woff
Last-Modified: Wed, 02 Feb 2022 23:36:22 GMT
Accept-Ranges: bytes
Content-Length: 44260
Date: Fri, 22 Sep 2023 10:51:33 GMT
Server: LiteSpeed

ipinfo.io/country

34.117.59.81

302 Found

72 B

URL GET HTTP/1.1
ipinfo.io/country
IP
34.117.59.81:80
ASN
#15169 GOOGLE

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
d07977596ea811ebbd3e38f2456cfcd4
056db8bd63dd36eaaea67a145068dd2d958b4349
59fc96d55ce791c77200358b9c8031f016f1ee6fcc93f5edb086d624dee49f23

HTTP Headers

GET /country HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://anadolutelekom.org/
Origin: http://anadolutelekom.org
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
access-control-allow-origin: *
location: https://ipinfo.io/country
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
date: Fri, 22 Sep 2023 10:51:35 GMT
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: gzip
transfer-encoding: chunked
Via: 1.1 google

anadolutelekom.org/wp-content/-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff

93.89.224.165

200 OK

41 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
Web Open Font Format, TrueType, length 41328, version 1.66\012- data
Size
41 kB (41328 bytes)
Hash
e39bd2e2657ce5dd6f9c33df18529233
6db81ebb91bfa67cef8f2f870f03046150568799
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/dist/dhl.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Fri, 29 Sep 2023 10:51:33 GMT
Content-Type: font/woff
Last-Modified: Wed, 02 Feb 2022 23:36:22 GMT
Accept-Ranges: bytes
Content-Length: 41328
Date: Fri, 22 Sep 2023 10:51:33 GMT
Server: LiteSpeed

ipinfo.io/country

34.117.59.81

302 Found

3 B

URL GET HTTP/1.1
ipinfo.io/country
IP
34.117.59.81:80
ASN
#15169 GOOGLE

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
ASCII text
Size
3 B (3 bytes)
Hash
19541a2746e08a6b8f5145bdbaa23e45
00b970928589b6bdb02743a4bb8400e429e26abe
cfe72034a9f298fb79a6c1f2302673bb449c826d446b3efafdde95e6c48dc3ca

HTTP Headers

GET /country HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://anadolutelekom.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: text/html; charset=utf-8
content-length: 3
date: Fri, 22 Sep 2023 10:51:35 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

anadolutelekom.org/wp-content/-/dist/DHL_track.html

93.89.224.165

200 OK

2.4 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/DHL_track.html
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (356)
Size
2.4 kB (2377 bytes)
Hash
a874dcf948cbaca2e60016fdc6051240
2c507b6b998fc6566c6826041a6b53cade4d01b3
2ead38bc2564e385ca3a8bf748e164efa04d1eeca68876613c5f3b291226b1e5

HTTP Headers

GET /wp-content/-/dist/DHL_track.html HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
Last-Modified: Thu, 10 Feb 2022 02:45:44 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2377
Date: Fri, 22 Sep 2023 10:51:35 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/jquery.validate.min.js

93.89.224.165

200 OK

7.8 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/jquery.validate.min.js
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
Unicode text, UTF-8 text, with very long lines (24237)
Size
7.8 kB (7815 bytes)
Hash
8a25965d822705f957a243443d219787
0da4c535b50bdb4dffa3b5fae3e999aeee137cb5
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/jquery.validate.min.js HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Fri, 29 Sep 2023 10:51:35 GMT
Content-Type: application/javascript
Last-Modified: Wed, 02 Feb 2022 23:36:22 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7815
Date: Fri, 22 Sep 2023 10:51:35 GMT
Server: LiteSpeed

cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

151.101.193.229

301 Moved Permanently

0 B

URL GET HTTP/1.1
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP
151.101.193.229:80
ASN
#54113 FASTLY

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Accept-Ranges: bytes
Date: Fri, 22 Sep 2023 10:51:37 GMT
X-Served-By: cache-bma1651-BMA
X-Cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

151.101.193.229

301 Moved Permanently

7.8 kB

URL GET HTTP/1.1
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP
151.101.193.229:80
ASN
#54113 FASTLY

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
ASCII text, with very long lines (21060)
Size
7.8 kB (7831 bytes)
Hash
1022eaf388cc780bcfeb6456157adb7d
313789ca0e31b654784dbba8b0f83f364f8683b4
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

HTTP Headers

GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://anadolutelekom.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.1
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
content-encoding: br
accept-ranges: bytes
date: Fri, 22 Sep 2023 10:51:37 GMT
age: 1210103
x-served-by: cache-fra-eddf8230124-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
X-Firefox-Spdy: h2

anadolutelekom.org/wp-content/-/dist/langpack/en.json

93.89.224.165

200 OK

514 B

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/langpack/en.json
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
JSON data\012- , ASCII text
Size
514 B (514 bytes)
Hash
e5111c3d242107acc93f71f9c9182079
c648da6b0a6c4f9b89dbee1027cf9a7be36217ca
86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/langpack/en.json HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: application/json
Last-Modified: Tue, 03 Aug 2021 04:58:58 GMT
Accept-Ranges: bytes
Content-Length: 514
Date: Fri, 22 Sep 2023 10:51:35 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/langpack/en.json

93.89.224.165

200 OK

514 B

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/langpack/en.json
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
JSON data\012- , ASCII text
Size
514 B (514 bytes)
Hash
e5111c3d242107acc93f71f9c9182079
c648da6b0a6c4f9b89dbee1027cf9a7be36217ca
86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/langpack/en.json HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: application/json
Last-Modified: Tue, 03 Aug 2021 04:58:58 GMT
Accept-Ranges: bytes
Content-Length: 514
Date: Fri, 22 Sep 2023 10:51:35 GMT
Server: LiteSpeed

anadolutelekom.org/wp-content/-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff

93.89.224.165

200 OK

41 kB

URL GET HTTP/1.1
anadolutelekom.org/wp-content/-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
IP
93.89.224.165:80
ASN
#51557 Isimtescil Bilisim A.S.

Requested by
http://anadolutelekom.org/wp-content/-/2038f5c34b98649733e764bd106f2a67/execution.html?validation=e1s1

File type
Web Open Font Format, TrueType, length 41352, version 1.66\012- data
Size
41 kB (41352 bytes)
Hash
4e23ecf085132857bdb54b4da7373151
a50215c22a591536b21e509100d1707c6886ffd6
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /wp-content/-/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff HTTP/1.1
Host: anadolutelekom.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://anadolutelekom.org/wp-content/-/dist/dhl.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Fri, 29 Sep 2023 10:51:35 GMT
Content-Type: font/woff
Last-Modified: Wed, 02 Feb 2022 23:36:22 GMT
Accept-Ranges: bytes
Content-Length: 41352
Date: Fri, 22 Sep 2023 10:51:35 GMT
Server: LiteSpeed

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations