{"report_id":"43c49677-0172-4853-98ad-a41bffab3827","version":6,"status":"done","tags":[],"date":"2026-03-24T01:56:05Z","url":{"schema":"http","addr":"pay-heleket.click","fqdn":"pay-heleket.click","domain":"pay-heleket.click","tld":"click"},"ip":{"addr":"104.21.84.74","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"new-pay.heleket.com/","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"title":"Heleket Pay","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"pay-heleket.click","fqdn":"pay-heleket.click","domain":"pay-heleket.click","tld":"click"},"ip":{"addr":"104.21.84.74","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-28T01:56:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"ekr.zdassets.com","ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"domain_registered":"2013-01-28","domain_rank":18657,"first_seen":"2018-06-13T23:52:57Z","last_seen":"2026-03-18T18:11:37.949523Z","alert_count":0,"request_count":2,"received_data":6018,"sent_data":972,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"172.217.20.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-22T22:23:33.61086Z","alert_count":0,"request_count":3,"received_data":1376787,"sent_data":1353,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pay-heleket.click","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-16","domain_rank":0,"first_seen":"2026-03-24T01:56:11.770742Z","last_seen":"2026-03-24T01:56:11.770743Z","alert_count":0,"request_count":2,"received_data":94885,"sent_data":951,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"new-pay.heleket.com","ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-02-08","domain_rank":0,"first_seen":"2026-03-24T01:55:28.30893Z","last_seen":"2026-03-24T01:55:28.30893Z","alert_count":0,"request_count":22,"received_data":1591928,"sent_data":10762,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-03-22T22:38:17.64832Z","alert_count":0,"request_count":4,"received_data":1956,"sent_data":3620,"comment":"","tags":null,"fingerprints":null},{"fqdn":"backend.heleket.com","ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-02-08","domain_rank":0,"first_seen":"2026-03-18T10:51:38.550918Z","last_seen":"2026-03-18T10:51:38.550918Z","alert_count":0,"request_count":6,"received_data":2459,"sent_data":3431,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"static.zdassets.com","ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"domain_registered":"2013-01-28","domain_rank":16846,"first_seen":"2018-06-23T22:11:55Z","last_seen":"2026-03-23T12:48:03.293376Z","alert_count":0,"request_count":6,"received_data":1608278,"sent_data":2690,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"static.zdassets.com/ekr/snippet.js?key=20c31533-77df-44dd-86a7-98733f5382e3","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac92d3816200cade726460d171a85d80","sha1":"1a6ac5a4a7bbab040da06a0fe2e299129c235a60","sha256":"4553b16cc30c0c037aa88f6b7b5f44285872bdb09c63e618804daf29da09cf7f","sha512":"c091339ea06ea654482014778ce93e7b997629e5cd5aa623997e90254811130021af13d2340e67cf600f2ed150d086e239d11445ca2fa414fa4fa356965146fd","ssdeep":"192:4TF0ROzrDkD6B1c4QSZBxtjKkF2P5lQBbUMamqif8Ty1hynl8klCtsdHcHC:0FYOzHk+u4QSZYkIPnpcC+0nl8kotsqi","tlshash":"f012e9c1b1b2e47603a600e1603e9690f765191a360dc478f97cece6fd66dd1863beb8","size":9860,"data":"","first_seen":"2026-03-09T15:20:10.35684Z","last_seen":"2026-03-31T13:30:46.078244Z","times_seen":1500,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/web_widget/messenger/latest/web-widget-main-9ad3e02.js","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"723b58a79a5a83b39a6a77f5fec6d323","sha1":"0b0e951912df85fbce67cb0630a1d912218980b8","sha256":"d4e9c3da457060854d26f4d5910448fd7247787fc765804d2b39719305baa036","sha512":"85cf6c327848c83f881502fb5315c468e06516b63e7c7dcfed9595a7fc2a458c0037df0f6d54a70e49c2c5aab1da2ccef36eaf0e749426b6a87c600806da8cfb","ssdeep":"12288:vF8HglD4qJ1Z55kMYDIODrKsP9Mva6CzFC2pAzRfHHgLWU:vFBlD401Z55kMYDIOasPEa6CzFC2ahgV","tlshash":"2ff44ac970d2b02647f755a6507f1007f33a2a19780d8450f268ecda7eb988da2b7f6d","size":759669,"data":"","first_seen":"2026-03-19T19:31:41.560188Z","last_seen":"2026-03-24T14:33:06.200676Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"domennc.com/static/tron/bundle.js","fqdn":"domennc.com","domain":"domennc.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"86d4567851415c72bcb6b5f0cee5f7b0","sha1":"31201a3365d34f88cfd2d40f25c85dcddeec6b28","sha256":"932aa5cff2ce63eb888c77998d09c4571f5dba61c79c626b9042d608c500199d","sha512":"b30a691eaca6d6bcf9c6a2e869a2ab934edbacf0250f7b1fbb4f47f40d6dbe6d8f7f7f3fd3c594ecd80bf2df036781c518679325a052dcd01abf35f4687714bb","ssdeep":"6144:7//PRxd02vLVNughJdwlVCZXZgzCN4JyYtKPfz8m:TPRxXDVNughJdwlVCZXZP2sfl","tlshash":"83645c51b7a53129076b0bd2407b1117f2376d9cb10a80acb3acecd66a7c589e46ff78","size":325879,"data":"","first_seen":"2026-03-14T17:37:57.696061Z","last_seen":"2026-03-26T21:18:53.108247Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pay-heleket.click/assets/js/app.js?v=1739450400","fqdn":"pay-heleket.click","domain":"pay-heleket.click","tld":"click"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb8082a88eb6e73f69f611ccb3b5a804","sha1":"9713c049ce2a8b4fe7db62e25e2a138fc8ba3ab3","sha256":"cf9d608a400fa51c99b489187513814d4f7ed2a5ec9bb1b1b22ed6e50113a674","sha512":"315c69a2d38839b45db101d50d41fee6f0fc631e6c1b97276dade1512872d9d8d4840e6faaca0da6704a354e38c4fb50d0e111c31a58b6b3d7cb3dc8c144560f","ssdeep":"384:SoA6cj1XjRrPYxjzsuFT7jpllWj/hokGK8Svmf5iv08BhhUnUcXkCgIsax/PMld5:0Dl+oThODkUnUBinQ","tlshash":"f903d578647311324013519f9bcf3045366460ef6a41d9b83ead8b9d2fcac6885b7fae","size":40693,"data":"","first_seen":"2026-03-24T01:55:34.301173Z","last_seen":"2026-05-04T09:13:47.12258Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"34578e4347322b0df40bfdcd19a7d20c","sha1":"d9dbb030afe090e10d12ca75f5136e9257f7f631","sha256":"6afec017b193ec01721638732769a336fde58d08a356096e66760d8180d3a0f6","sha512":"6688c7d4f29586b3bdc6035e0136cf3fd0f84a49106c37c4a6949c0cafeb5a4f04815a1ab76bd2b309d04493435f831ba886b56a2a45b31c17fe57b7da7a47f1","ssdeep":"","tlshash":"07f0ab8b3adb14302d5b913d573a8e142092311ba184c433bcfcc8162f0879a4a60aec","size":475,"data":"","first_seen":"2026-03-24T01:55:34.29934Z","last_seen":"2026-05-28T04:59:36.578041Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/react-toastify-BawdQ0yE.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"introduction_type":"importedModule","is_inline":false,"md5":"f2b8b798a77e8ce709e3f0ea6c70d037","sha1":"1fb973ce6f0c4426aae9a1fae4462f4ce6f6fa2a","sha256":"d3a3076f0dc92ae4c9708772b0c1c4bbb6df5495d042334d373c870575229b91","sha512":"ebbbd7da5836b9a01920ff711bd80a5e399cb3d542047591c2593d0600bd7d69e76fdf7683b236018213ba3d705aae7aecf1e453a1c21760371a497c7047568e","ssdeep":"384:lGtOgrCTQzbeKylFsRXgiAeVSKbgD5s3aNFp51:ktOHQXB0s5nhbk63Y1","tlshash":"41d2d680b9606e392da77d6643deca0dd12b60c288ef095d7def444d22c17c90fb2b5a","size":30749,"data":"","first_seen":"2026-03-24T01:55:34.278618Z","last_seen":"2026-03-24T01:56:15.161646Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/motion-Cu1gYSCb.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"introduction_type":"importedModule","is_inline":false,"md5":"33ee5745b97fcf354f63765aa9f57291","sha1":"de342179eea7f6d03b646006f47fa00bcdc68400","sha256":"62e909e666fec89dad8604fc61c37052945d57b07b0404b8384f02b2ab7c1141","sha512":"88fe4678db9bc21dcc64fd16ca8e5580fb09b0e5240e45769e6812c719ae3de017345eaf57dc73b458e76fd75c76ab6741db5a0596d439c61d63102ca6d72071","ssdeep":"3072:77gYamnA4PCOH3oOnj9ThnMTMoVARX/pLSU5EDEC7ngkPGu9vHK:4Yab4xXf91MMoORMK","tlshash":"63d328d8b291752283d784e580af0741b73a2c843009c4bcba7deddb7d6150a66bbb7d","size":142198,"data":"","first_seen":"2026-03-24T01:55:34.273513Z","last_seen":"2026-03-24T01:56:15.200662Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a7fbad248eef0354476e480db7b234","sha1":"d2ccb4fa0770558b914f0e38a9ea1f4383ae80cc","sha256":"481aa907df15c6b2f72c090969db7bf3623a3de12d812aeb337a810ee6e411c9","sha512":"9f5d9024ad2b67020fc2caeed4d2f91bf60591da37082d723e41515e6cde634b27b4fb52b747d05a78b6ce37c90e79ca6d825c3ea389ba917aa1f722b3ee13c8","ssdeep":"","tlshash":"e2e023e92c80803945781591a373c61470110e083c4af9e0d08d88816d70fe8188e54c","size":433,"data":"","first_seen":"2025-06-23T12:34:12.472132Z","last_seen":"2026-05-28T06:00:40.455751Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/button-DBFtGnxa.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"introduction_type":"importedModule","is_inline":false,"md5":"b9c4aeb1bb691789bd01ed7045e20995","sha1":"75310d54e173a5483326d119e28e2608e68d2c00","sha256":"75e3620cda0ebb5079c35e589ed07453e84f5e74352464d547cabfd92c456420","sha512":"dcbf194b867701844b38ee5978739bf4f572280d165d9793d2aaeeca2cffc4bc2de9272687900a58066d3f91a44d653d6fd1a38dcf5bc718dd962a7c34648b54","ssdeep":"192:mkXcIRcmTjIc+ucHjmburcVH0cMrBHvpfDPbm6MvD:mEcscVc5cDdrcicKBHvpfDPZMr","tlshash":"88d13088ef1c6138beb3401ba2763446f26a25bf5c75d8b8d41c4ebd528b1863a176d3","size":6401,"data":"","first_seen":"2026-03-24T01:55:34.25938Z","last_seen":"2026-03-24T01:56:15.163293Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-9ad3e02.js","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"387d6cb1295a2b76c77e1fb4c38ccd12","sha1":"bcf70d7493fc7ad060c963dde1910eb1f1b049b9","sha256":"f2a2bcf0bd56a731add1a18da2e8a2ae71d07ecaf3367e2559d7ed6100bc4b59","sha512":"ab0e90a8c94adc4b8b3c36d4fcf42f0994cdc883cf811f32cb6f4cd69a18d4765a87f6172275beecb8ce67c5330c0282983e8f455d8b253c18bde11c4722c07d","ssdeep":"768:JEVoMZVXq2LHAmhmksmQm9YMRtM8bHIZAZsy10TvYJI+rTC6ndno0K5u:JtAZsyMw7","tlshash":"06d24b3b449ca91e3f75a6817c45b24eb7ab9500bd8c4778f4869c0e93ecd1026fbb49","size":31071,"data":"","first_seen":"2026-03-18T19:00:49.085409Z","last_seen":"2026-03-26T17:34:52.73417Z","times_seen":184,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/@tanstack/react-query-CtcBY65R.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"introduction_type":"importedModule","is_inline":false,"md5":"9919589bfe448bfef02c3762303e7466","sha1":"10d00579850b62947c40a37295b1f7af4d9fd25c","sha256":"f3ed4769e3e53f4a477e5eb452d148a16b40acad7e6091ca63b9c8eaf34e3c9f","sha512":"2cb6e088ab715e633ceb6dfb0f92e09c9172347690cd2f915393f86c993971897690888219ba503717ef4ef953c5f55786dec8313fc671af9c8217b753276382","ssdeep":"768:NmVfahInecirvdh9sdRr1c02RIvtGT7w+qStvSLvtivfGHNpd6cQRC9+9Pmm76kO:YSVk2Ng+Im9Zx8BX","tlshash":"9f13d9d53142b2232ae2c491983f4115e2346c15340a906cb6ad9debf9a39cef4bff35","size":42690,"data":"","first_seen":"2026-03-24T01:55:34.255023Z","last_seen":"2026-03-24T01:56:15.15994Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/index-Cf0HqUWq.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"3435a76d779f625634fdc60024bc4eeb","sha1":"92d928ca24f5c56cf41b33a6481b267f94bc51b5","sha256":"2da75ef64485adcbe3d5f80b72cad53d1ed9479b8dfdc9d9ba32a0f97b328e9b","sha512":"5165ebbf5b51a21d1f610c59a7a152e573072f4d7dd508ceae5c374a910c3a86acaad9878bf0cc3916a9508463ac99b97943c429aff70b598efda748ed4988c8","ssdeep":"12288:suCuPMXAQThit44HN+LIhipN6xicUVyDkbG1wkOVQKSy:suCkMXA+iXHN+LIhiz6xzkbG1wm2","tlshash":"3bc439dc71a6b17247e345a4407f0107b3396926744c8464f528edee3eb980aa2bbf7d","size":593582,"data":"","first_seen":"2026-03-24T01:55:34.287372Z","last_seen":"2026-03-24T01:56:15.175464Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/not-found-CxENDkzJ.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"78c980acb8b244088d41eee10fa375dd","sha1":"48b0107b3fb95614dc450b396da3e9c449f1de68","sha256":"04f301ec75a3cb5845f8b4a1acc343d5c16db9d77ca36884f90e73c7fe5e3478","sha512":"17cf6df032b436b5362a2fdf1ea4614179e1466c5a840cd58f572b197d615824ea4318c121f905d2fcc4ce0f306f8e45ea4b1abfe0bfad8afd8fea66ddf90657","ssdeep":"96:jlSvxDr7C+Bkm6xs8nU8hUuD9qWOIwzbtlXhF7GCn20ny42nJ4:jl8f7C+BktxnnUhgqWmbtBL7Gi20nWn6","tlshash":"fa9185c2967dd3fc78096bec66b284153c2f1def5641e81582d91cb1e61118c2deac8b","size":4542,"data":"","first_seen":"2026-03-24T01:55:34.280388Z","last_seen":"2026-03-24T01:56:15.201519Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-1KK6CSP6GX\u0026cx=c\u0026gtm=4e63k1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.20.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a225afeea0872278b0d45c5b3691ffe","sha1":"7c90efa37d7c9adb7c27ebc9469950c427909b6e","sha256":"0591ded908502e164cbb20ecde13f35499e7448f96f4c28ced0e209130274a2f","sha512":"2ed09148516489d0ef9c7f82b6c6a354593152bfeb4329ed251e7b1374f6c35bf7a15575e559ad3e6f6053e48ffe8c8c626e5efca63852842e61437b896623f7","ssdeep":"6144:PdaG6hIFyKh+23cwxKH4V8qC+kur5nwPPASF8tiBM4QuA7VsVvOVmJ:POayg3uH28p2H4GbM","tlshash":"eeb40aceb3d674225296f478903f01cba97b28a2b45cc8aaf1d9cce02d7454a4177f78","size":536468,"data":"","first_seen":"2026-03-24T01:55:34.292137Z","last_seen":"2026-03-24T01:56:15.196926Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/ekr/snippet.js?key=20c31533-77df-44dd-86a7-98733f5382e3","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ac92d3816200cade726460d171a85d80","sha1":"1a6ac5a4a7bbab040da06a0fe2e299129c235a60","sha256":"4553b16cc30c0c037aa88f6b7b5f44285872bdb09c63e618804daf29da09cf7f","sha512":"c091339ea06ea654482014778ce93e7b997629e5cd5aa623997e90254811130021af13d2340e67cf600f2ed150d086e239d11445ca2fa414fa4fa356965146fd","ssdeep":"192:4TF0ROzrDkD6B1c4QSZBxtjKkF2P5lQBbUMamqif8Ty1hynl8klCtsdHcHC:0FYOzHk+u4QSZYkIPnpcC+0nl8kotsqi","tlshash":"f012e9c1b1b2e47603a600e1603e9690f765191a360dc478f97cece6fd66dd1863beb8","size":9860,"data":"","first_seen":"2026-03-09T15:20:10.35684Z","last_seen":"2026-03-31T13:30:46.078244Z","times_seen":1500,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/web_widget/messenger/latest/web-widget-main-9ad3e02.js","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"723b58a79a5a83b39a6a77f5fec6d323","sha1":"0b0e951912df85fbce67cb0630a1d912218980b8","sha256":"d4e9c3da457060854d26f4d5910448fd7247787fc765804d2b39719305baa036","sha512":"85cf6c327848c83f881502fb5315c468e06516b63e7c7dcfed9595a7fc2a458c0037df0f6d54a70e49c2c5aab1da2ccef36eaf0e749426b6a87c600806da8cfb","ssdeep":"12288:vF8HglD4qJ1Z55kMYDIODrKsP9Mva6CzFC2pAzRfHHgLWU:vFBlD401Z55kMYDIOasPEa6CzFC2ahgV","tlshash":"2ff44ac970d2b02647f755a6507f1007f33a2a19780d8450f268ecda7eb988da2b7f6d","size":759669,"data":"","first_seen":"2026-03-19T19:31:41.560188Z","last_seen":"2026-03-24T14:33:06.200676Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-9ad3e02.js","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"387d6cb1295a2b76c77e1fb4c38ccd12","sha1":"bcf70d7493fc7ad060c963dde1910eb1f1b049b9","sha256":"f2a2bcf0bd56a731add1a18da2e8a2ae71d07ecaf3367e2559d7ed6100bc4b59","sha512":"ab0e90a8c94adc4b8b3c36d4fcf42f0994cdc883cf811f32cb6f4cd69a18d4765a87f6172275beecb8ce67c5330c0282983e8f455d8b253c18bde11c4722c07d","ssdeep":"768:JEVoMZVXq2LHAmhmksmQm9YMRtM8bHIZAZsy10TvYJI+rTC6ndno0K5u:JtAZsyMw7","tlshash":"06d24b3b449ca91e3f75a6817c45b24eb7ab9500bd8c4778f4869c0e93ecd1026fbb49","size":31071,"data":"","first_seen":"2026-03-18T19:00:49.085409Z","last_seen":"2026-03-26T17:34:52.73417Z","times_seen":184,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WZ85S256","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.20.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f39e89daa162f293a690467e252c818","sha1":"fb0da6ed0df92df5a3942896ee0c06f2adea8531","sha256":"131004b73c85b2d9277e1ea94eb05e6b2b2c5ab17bc5ab058bca8c006e6bb05a","sha512":"58665cc604fbbfa011654ec3681dbee4563b9a043b2bb7ba4250324c89d012c5ad92ab8061ce9219f752eee7943c0c89e0a259bef9dd57ea1e1af2160cabb3c7","ssdeep":"6144:GG6hIFF+2RcwjKH4V8qC+kur5nwPPAygtbBPuA7V+22:oaFR8H28LUTk","tlshash":"ba9407cdb3da70665392b478903f018be17a69a2f44cc899f086d8d43e7469a4277f7c","size":420552,"data":"","first_seen":"2026-03-24T01:56:15.203237Z","last_seen":"2026-03-24T01:56:15.203237Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17102470621\u0026cx=c\u0026gtm=4e63k1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.20.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d9ea6f26810c651961e1cc8ce37c5ee","sha1":"df2d08b5c7833dca2694bb236b1d5f2d60548135","sha256":"d667a67f4343a2875840676680b0834d20e157a222e181b20d5173c62328510e","sha512":"2c720c7f196a89d61b09d981719dbc99565024544fbbcf525571dddaee2ca01a2d9c15e6cd1f07d4ec04bb95e04b2f2ebd13dcce13cb908df15c4d7cd6d88085","ssdeep":"6144:aG6hIF/+2RcwjKH4V8qC+kur5nwPPAwH8tEBBuA7V+O4Ux:Ua/R8H28Roa08","tlshash":"ea9407cdb3da70265392a478903f018be57a69a2f44ccc99f189ccd42e7469a4277f7c","size":417901,"data":"","first_seen":"2026-03-24T01:56:15.182248Z","last_seen":"2026-03-24T01:56:15.182248Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/@tanstack/react-query-CtcBY65R.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/@tanstack/react-query-CtcBY65R.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/assets/index-Cf0HqUWq.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-a6c2\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42690,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (34572)","md5":"9919589bfe448bfef02c3762303e7466","sha1":"10d00579850b62947c40a37295b1f7af4d9fd25c","sha256":"f3ed4769e3e53f4a477e5eb452d148a16b40acad7e6091ca63b9c8eaf34e3c9f","sha512":"2cb6e088ab715e633ceb6dfb0f92e09c9172347690cd2f915393f86c993971897690888219ba503717ef4ef953c5f55786dec8313fc671af9c8217b753276382","ssdeep":"768:NmVfahInecirvdh9sdRr1c02RIvtGT7w+qStvSLvtivfGHNpd6cQRC9+9Pmm76kO:YSVk2Ng+Im9Zx8BX","tlshash":"9f13d9d53142b2232ae2c491983f4115e2346c15340a906cb6ad9debf9a39cef4bff35","first_seen":"2026-03-24T01:55:34.255023Z","last_seen":"2026-03-24T01:56:15.15994Z","times_seen":2,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/fonts/Inter/Inter_Medium.woff2","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:41.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /fonts/Inter/Inter_Medium.woff2 HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:41 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 118976\r\nlast-modified: Wed, 18 Mar 2026 14:35:18 GMT\r\netag: \"69bab826-1d0c0\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":118976,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 118976, version 1.0","md5":"f692b89fdfa1b7c91b4fe77fd9c389cf","sha1":"a11c6d6db04eea9f2a16dedfcbebd72e2703455b","sha256":"374be1a97881d4a7875bb12fdb82e690c0bd044f58680043f40069541c01bdb9","sha512":"298cfd2e7bd0c16d846f71934c9c1008bc4f7256cbfcdc4641025dad6d396c2f26ee0bb279d785cb07bb5ba5b9dc9454b3a7130754daec88b12dce9db3113fb5","ssdeep":"3072:8tKaJSQslpF0a49TpCnS+k+LAcczbmkZ9M:aKSS5414S+k+8cczbM","tlshash":"1ec312eafcadc1d5fa0e9fbb0e42e6078801f5268790192c263e45637a9ffd0448d975","first_seen":"2025-03-07T09:32:42.676155Z","last_seen":"2026-06-08T11:25:57.930483Z","times_seen":219,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/react-toastify-BawdQ0yE.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/react-toastify-BawdQ0yE.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-781d\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30749,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (15870)","md5":"f2b8b798a77e8ce709e3f0ea6c70d037","sha1":"1fb973ce6f0c4426aae9a1fae4462f4ce6f6fa2a","sha256":"d3a3076f0dc92ae4c9708772b0c1c4bbb6df5495d042334d373c870575229b91","sha512":"ebbbd7da5836b9a01920ff711bd80a5e399cb3d542047591c2593d0600bd7d69e76fdf7683b236018213ba3d705aae7aecf1e453a1c21760371a497c7047568e","ssdeep":"384:lGtOgrCTQzbeKylFsRXgiAeVSKbgD5s3aNFp51:ktOHQXB0s5nhbk63Y1","tlshash":"41d2d680b9606e392da77d6643deca0dd12b60c288ef095d7def444d22c17c90fb2b5a","first_seen":"2026-03-24T01:55:34.278618Z","last_seen":"2026-03-24T01:56:15.161646Z","times_seen":2,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/locales/en/default.json","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /locales/en/default.json HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nsentry-trace: 8eb35db3da354e89b10c9f2e47e0e785-93381c2d5ba17119-0\r\nbaggage: sentry-environment=production,sentry-public_key=e9c7b14eb319495cbc9a47a78316b752,sentry-trace_id=8eb35db3da354e89b10c9f2e47e0e785,sentry-sample_rate=0.5,sentry-sampled=false\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:18 GMT\r\netag: W/\"69bab826-7188\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29064,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e4093accbb8bd8060b9e46728c885b5c","sha1":"cdf449d5b2fb8a8af26a1ab241530cead010b2a2","sha256":"5035aa9d1cce5cff897e9dd90cb450570f422d4faa92706e6cfc187423ba025d","sha512":"3ab1ab3d0298c62a13515db720e197adb6ffd43119173c40a2cdfb048f3d68e43fe699453fd6836bf8842dde7fdbef17e49ebad4a04cf885503a55574eca84da","ssdeep":"384:ma5gCqxAMsn0PUxGSDMbttN4scyKCmIvkSW5V+p+Ns2BX7u1sizTylIrwul/xlfi:maQxcn08DYi2hW5VTi1DfrVRbe+MwW","tlshash":"85d2410ef244167305c10202749fa5e7ab1a89ab0721717a5baf811d17eeebf8d7b4cd","first_seen":"2026-03-24T01:55:34.2581Z","last_seen":"2026-03-24T01:56:15.162474Z","times_seen":2,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/button-DBFtGnxa.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/button-DBFtGnxa.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-1901\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6401,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (6400)","md5":"b9c4aeb1bb691789bd01ed7045e20995","sha1":"75310d54e173a5483326d119e28e2608e68d2c00","sha256":"75e3620cda0ebb5079c35e589ed07453e84f5e74352464d547cabfd92c456420","sha512":"dcbf194b867701844b38ee5978739bf4f572280d165d9793d2aaeeca2cffc4bc2de9272687900a58066d3f91a44d653d6fd1a38dcf5bc718dd962a7c34648b54","ssdeep":"192:mkXcIRcmTjIc+ucHjmburcVH0cMrBHvpfDPbm6MvD:mEcscVc5cDdrcicKBHvpfDPZMr","tlshash":"88d13088ef1c6138beb3401ba2763446f26a25bf5c75d8b8d41c4ebd528b1863a176d3","first_seen":"2026-03-24T01:55:34.25938Z","last_seen":"2026-03-24T01:56:15.163293Z","times_seen":2,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026en=page_view\u0026dr=pay-heleket.click\u0026dl=https%3A%2F%2Fnew-pay.heleket.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1478726106.1774317342\u0026dt=Heleket%20Pay\u0026auid=1365506999.1774317342\u0026navt=n\u0026npa=1\u0026gtm=45be63k1v9223905714z89206022683za20gzb9206022683zd9206022683xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=103116026~103200004~115938466~115938468~116024733~117484252~117884344\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17102470621\u0026tid=AW-17102470621\u0026tft=1774317342926\u0026tfd=1231","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:19:44 GMT","end":"Mon, 18 May 2026 18:19:43 GMT"},"fingerprint":{"sha1":"F8:90:A0:F9:74:3F:20:44:F3:3A:FB:A7:89:DC:37:89:3C:83:4D:03","sha256":"BE:A4:BF:EB:A3:08:0B:22:38:7C:32:95:9D:25:3C:CB:F8:42:AD:54:32:60:4C:1D:43:C5:81:2C:4E:AF:DE:AE"}}},"request":{"raw":"GET /ccm/collect?frm=0\u0026en=page_view\u0026dr=pay-heleket.click\u0026dl=https%3A%2F%2Fnew-pay.heleket.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1478726106.1774317342\u0026dt=Heleket%20Pay\u0026auid=1365506999.1774317342\u0026navt=n\u0026npa=1\u0026gtm=45be63k1v9223905714z89206022683za20gzb9206022683zd9206022683xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=103116026~103200004~115938466~115938468~116024733~117484252~117884344\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17102470621\u0026tid=AW-17102470621\u0026tft=1774317342926\u0026tfd=1231 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T15:34:22.145557Z","times_seen":16243359,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/@tanstack/react-query-CtcBY65R.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/@tanstack/react-query-CtcBY65R.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-a6c2\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42690,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (34572)","md5":"9919589bfe448bfef02c3762303e7466","sha1":"10d00579850b62947c40a37295b1f7af4d9fd25c","sha256":"f3ed4769e3e53f4a477e5eb452d148a16b40acad7e6091ca63b9c8eaf34e3c9f","sha512":"2cb6e088ab715e633ceb6dfb0f92e09c9172347690cd2f915393f86c993971897690888219ba503717ef4ef953c5f55786dec8313fc671af9c8217b753276382","ssdeep":"768:NmVfahInecirvdh9sdRr1c02RIvtGT7w+qStvSLvtivfGHNpd6cQRC9+9Pmm76kO:YSVk2Ng+Im9Zx8BX","tlshash":"9f13d9d53142b2232ae2c491983f4115e2346c15340a906cb6ad9debf9a39cef4bff35","first_seen":"2026-03-24T01:55:34.255023Z","last_seen":"2026-03-24T01:56:15.15994Z","times_seen":2,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"backend.heleket.com/v1/fingerprint/geo","fqdn":"backend.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"backend.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 03:02:23 GMT","end":"Fri, 08 May 2026 03:02:22 GMT"},"fingerprint":{"sha1":"A0:D4:9C:03:DC:3A:8C:6C:87:7A:8F:6F:26:A0:7F:B0:6E:A3:0E:C1","sha256":"51:CC:19:46:D9:57:B0:14:8E:9A:90:6A:56:5D:3D:9E:2E:EE:02:7A:E1:C7:66:E7:8F:F9:5F:54:52:5B:62:CD"}}},"request":{"raw":"OPTIONS /v1/fingerprint/geo HTTP/1.1\r\nHost: backend.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: language\r\nReferer: https://new-pay.heleket.com/\r\nOrigin: https://new-pay.heleket.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method,Access-Control-Request-Headers\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: language\r\naccess-control-max-age: 0\r\nx-request-id: a6900325e72332bd0b760985ff17e07a\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T15:34:22.145557Z","times_seen":16243359,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":92,"dns":6,"connect":24,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-24T01:55:41.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pay-heleket.click/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:41 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-8ab\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2219,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"bb796a627635d65b0250754a4e8adfbb","sha1":"a5d2b00cea36d5b7cf077a4b282a77ee2bcf06aa","sha256":"02d9ad08b9f2a11d0c5edfa71595c0308de9705c0effd0e6fe1fd2fe117b639f","sha512":"f5245ec12882be8a704f7e9bc36e588121f6e2b52a1c84c22073c99ed1fb7a436a90ef9a4866cd15477dd2a6498813e1ecc20f759e8a9555999b83c5eaff6b77","ssdeep":"","tlshash":"3b41ed023de5c94556305227baf1e4289c83724f9648dca4b4ee507e1fc6bd24e53bba","first_seen":"2026-03-24T01:55:34.256285Z","last_seen":"2026-03-24T01:56:15.170006Z","times_seen":2,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":83,"dns":1,"connect":25,"send":0,"wait":26,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/fonts/Inter/Inter_Regular.woff2","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:41.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /fonts/Inter/Inter_Regular.woff2 HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:41 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 116968\r\nlast-modified: Wed, 18 Mar 2026 14:35:18 GMT\r\netag: \"69bab826-1c8e8\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":116968,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 116968, version 1.0","md5":"b1376a34ab286e2382cd1a5f8af75537","sha1":"8abdb806484fc4302000105048cc3ea60db94d53","sha256":"d2edfede04b854c438c5ec1e1161207d389e7bef0b9ecb96ddc8ded6781a8423","sha512":"4bcc65b2d39946c8dae008206d0262673bb4d53b39d7c31602edb2137f6536a9c22f445b71c68da6a8360436ccd18a221201b9d3560653e9f0c511702a02d058","ssdeep":"1536:rM3EgwlRIICqa1krsCq5HwDg6FZg92n0UF2NgHW6rIq7ZvHL6cDUfclu9:5plRjCqaCRlvLbFin6rI4hmRL","tlshash":"02b312c5c153e966c6040ef7b37a8a1f1de54a63839878dc730520a44f2c6fee1da74a","first_seen":"2025-02-03T15:00:19.375313Z","last_seen":"2026-06-08T11:25:57.962121Z","times_seen":279,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/index-Cf0HqUWq.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:41.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/index-Cf0HqUWq.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:41 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-90eae\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":593582,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37703)","md5":"3435a76d779f625634fdc60024bc4eeb","sha1":"92d928ca24f5c56cf41b33a6481b267f94bc51b5","sha256":"2da75ef64485adcbe3d5f80b72cad53d1ed9479b8dfdc9d9ba32a0f97b328e9b","sha512":"5165ebbf5b51a21d1f610c59a7a152e573072f4d7dd508ceae5c374a910c3a86acaad9878bf0cc3916a9508463ac99b97943c429aff70b598efda748ed4988c8","ssdeep":"12288:suCuPMXAQThit44HN+LIhipN6xicUVyDkbG1wkOVQKSy:suCkMXA+iXHN+LIhiz6xzkbG1wm2","tlshash":"3bc439dc71a6b17247e345a4407f0107b3396926744c8464f528edee3eb980aa2bbf7d","first_seen":"2026-03-24T01:55:34.287372Z","last_seen":"2026-03-24T01:56:15.175464Z","times_seen":2,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/ekr/snippet.js?key=20c31533-77df-44dd-86a7-98733f5382e3","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zdassets.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 17:00:34 GMT","end":"Tue, 19 May 2026 18:00:30 GMT"},"fingerprint":{"sha1":"14:9A:89:D7:CB:70:A3:11:58:FE:26:A0:14:7E:0E:40:5A:6E:0A:D3","sha256":"F7:5B:93:5D:37:70:AA:1F:CE:DB:DF:AF:12:84:79:9D:67:51:14:E9:D7:D9:AB:0C:32:4E:65:FD:74:64:C5:23"}}},"request":{"raw":"GET /ekr/snippet.js?key=20c31533-77df-44dd-86a7-98733f5382e3 HTTP/1.1\r\nHost: static.zdassets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nx-amz-id-2: lUNgwIp6RP2H2H8z6j5+ZaNHxwsLxCO9bEQzc55Sy8orL7ce03gDL4khDNa87s/WcMASb+f90dM=\r\nx-amz-request-id: SJHFYVNKGYA6ESBV\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 09 Mar 2026 15:16:18 GMT\r\netag: W/\"ac92d3816200cade726460d171a85d80\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=3600, s-maxage=60\r\nx-amz-version-id: gL9p1E1lXI9.wviR8d3JxmxfAjCB6.KA\r\nage: 36\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=YM5exw1PX47cjCuNzB30WgdWU870Iqz9ZQq9GDv8qSgT0VCCmDbncE1u5v93XZYakkHG2v9t2FkhfsNzqu1ptZwqMiUZBvlgTLOMzZgn2hO9YxBed7sRwNNe%2FagCEpMqtLBLC%2F4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=0\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 0\r\nserver: cloudflare\r\ncf-ray: 9e120e204e6c35a6-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9860,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9860), with no line terminators","md5":"ac92d3816200cade726460d171a85d80","sha1":"1a6ac5a4a7bbab040da06a0fe2e299129c235a60","sha256":"4553b16cc30c0c037aa88f6b7b5f44285872bdb09c63e618804daf29da09cf7f","sha512":"c091339ea06ea654482014778ce93e7b997629e5cd5aa623997e90254811130021af13d2340e67cf600f2ed150d086e239d11445ca2fa414fa4fa356965146fd","ssdeep":"192:4TF0ROzrDkD6B1c4QSZBxtjKkF2P5lQBbUMamqif8Ty1hynl8klCtsdHcHC:0FYOzHk+u4QSZYkIPnpcC+0nl8kotsqi","tlshash":"f012e9c1b1b2e47603a600e1603e9690f765191a360dc478f97cece6fd66dd1863beb8","first_seen":"2026-03-09T15:20:10.35684Z","last_seen":"2026-03-31T13:30:46.078244Z","times_seen":1500,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":51,"dns":7,"connect":1,"send":0,"wait":17,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/web_widget/messenger/latest/web-widget-main-9ad3e02.js","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zdassets.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 17:00:34 GMT","end":"Tue, 19 May 2026 18:00:30 GMT"},"fingerprint":{"sha1":"14:9A:89:D7:CB:70:A3:11:58:FE:26:A0:14:7E:0E:40:5A:6E:0A:D3","sha256":"F7:5B:93:5D:37:70:AA:1F:CE:DB:DF:AF:12:84:79:9D:67:51:14:E9:D7:D9:AB:0C:32:4E:65:FD:74:64:C5:23"}}},"request":{"raw":"GET /web_widget/messenger/latest/web-widget-main-9ad3e02.js HTTP/1.1\r\nHost: static.zdassets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nx-amz-id-2: e3MumUu7RVFtgG/gECHuQfm/DNZPcVxfrtSAPHX7GmVI1b2WYDEgC3jBpLh37g+0CoN92UPQuXIhRQuD7/DAZRRQcaXQcxDn\r\nx-amz-request-id: D7Z7NZJ01123QPBC\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 19 Mar 2026 15:37:56 GMT\r\netag: W/\"723b58a79a5a83b39a6a77f5fec6d323\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 19 Mar 2027 15:37:55 GMT\r\nx-amz-version-id: AVT0eVg8lUMBzaXafV6_BXTDWheLxrHk\r\ncf-cache-status: HIT\r\nage: 382501\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=9rBw4bQH4cI5A%2FnNB%2BHmWyFw8XC5FcZXuBXA3dzI66tqer7jdIjYO8LdcEwmcVJFJ3Qv9hxJRKFhq0Z8Y%2FJp0OZBqx6n7qR5%2B77MPGvV9VBdAo%2F1u6cZtNeYDBrbQtaXMF%2FofUQ%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=0\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 0\r\nserver: cloudflare\r\ncf-ray: 9e120e235a9d35a6-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":759669,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65307)","md5":"723b58a79a5a83b39a6a77f5fec6d323","sha1":"0b0e951912df85fbce67cb0630a1d912218980b8","sha256":"d4e9c3da457060854d26f4d5910448fd7247787fc765804d2b39719305baa036","sha512":"85cf6c327848c83f881502fb5315c468e06516b63e7c7dcfed9595a7fc2a458c0037df0f6d54a70e49c2c5aab1da2ccef36eaf0e749426b6a87c600806da8cfb","ssdeep":"12288:vF8HglD4qJ1Z55kMYDIODrKsP9Mva6CzFC2pAzRfHHgLWU:vFBlD401Z55kMYDIOasPEa6CzFC2ahgV","tlshash":"2ff44ac970d2b02647f755a6507f1007f33a2a19780d8450f268ecda7eb988da2b7f6d","first_seen":"2026-03-19T19:31:41.560188Z","last_seen":"2026-03-24T14:33:06.200676Z","times_seen":80,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-9ad3e02.js","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zdassets.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 17:00:34 GMT","end":"Tue, 19 May 2026 18:00:30 GMT"},"fingerprint":{"sha1":"14:9A:89:D7:CB:70:A3:11:58:FE:26:A0:14:7E:0E:40:5A:6E:0A:D3","sha256":"F7:5B:93:5D:37:70:AA:1F:CE:DB:DF:AF:12:84:79:9D:67:51:14:E9:D7:D9:AB:0C:32:4E:65:FD:74:64:C5:23"}}},"request":{"raw":"GET /web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-9ad3e02.js HTTP/1.1\r\nHost: static.zdassets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nx-amz-id-2: jCgZJ23cqaKZV7pUC85ZajzHjt2OiPrEaoAizGBXVRw225focyxYLbsS7CSTAnGvjAbFRkkMVCfFdgqb3qBCCc1Y/gz23sDk\r\nx-amz-request-id: 9PGFS7XNETH2XWSC\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 19 Mar 2026 15:37:58 GMT\r\netag: W/\"387d6cb1295a2b76c77e1fb4c38ccd12\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 19 Mar 2027 15:37:57 GMT\r\nx-amz-version-id: bnjIuA09qZyE6tC4heURnkyeNc6T8VLm\r\ncf-cache-status: HIT\r\nage: 382501\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=zF33UIswowFtXUeVAfBOGGWFBXiKYhjcAjrJpRTDCuYiBhHCOCBYR0MtclEW5N8sYYbjUg0jqhEC%2FfvxuIM3Fh%2B1YrlIvNhoTmWdcgILCTQXJEX6YyxNb44IcPHsbPTqdVCQdk4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=0\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 0\r\nserver: cloudflare\r\ncf-ray: 9e120e259d7b35a6-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":31071,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31055), with no line terminators","md5":"387d6cb1295a2b76c77e1fb4c38ccd12","sha1":"bcf70d7493fc7ad060c963dde1910eb1f1b049b9","sha256":"f2a2bcf0bd56a731add1a18da2e8a2ae71d07ecaf3367e2559d7ed6100bc4b59","sha512":"ab0e90a8c94adc4b8b3c36d4fcf42f0994cdc883cf811f32cb6f4cd69a18d4765a87f6172275beecb8ce67c5330c0282983e8f455d8b253c18bde11c4722c07d","ssdeep":"768:JEVoMZVXq2LHAmhmksmQm9YMRtM8bHIZAZsy10TvYJI+rTC6ndno0K5u:JtAZsyMw7","tlshash":"06d24b3b449ca91e3f75a6817c45b24eb7ab9500bd8c4778f4869c0e93ecd1026fbb49","first_seen":"2026-03-18T19:00:49.085409Z","last_seen":"2026-03-26T17:34:52.73417Z","times_seen":184,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/ekr/snippet.js?key=20c31533-77df-44dd-86a7-98733f5382e3","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zdassets.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 17:00:34 GMT","end":"Tue, 19 May 2026 18:00:30 GMT"},"fingerprint":{"sha1":"14:9A:89:D7:CB:70:A3:11:58:FE:26:A0:14:7E:0E:40:5A:6E:0A:D3","sha256":"F7:5B:93:5D:37:70:AA:1F:CE:DB:DF:AF:12:84:79:9D:67:51:14:E9:D7:D9:AB:0C:32:4E:65:FD:74:64:C5:23"}}},"request":{"raw":"GET /ekr/snippet.js?key=20c31533-77df-44dd-86a7-98733f5382e3 HTTP/1.1\r\nHost: static.zdassets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nx-amz-id-2: lUNgwIp6RP2H2H8z6j5+ZaNHxwsLxCO9bEQzc55Sy8orL7ce03gDL4khDNa87s/WcMASb+f90dM=\r\nx-amz-request-id: SJHFYVNKGYA6ESBV\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Mon, 09 Mar 2026 15:16:18 GMT\r\netag: W/\"ac92d3816200cade726460d171a85d80\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=3600, s-maxage=60\r\nx-amz-version-id: gL9p1E1lXI9.wviR8d3JxmxfAjCB6.KA\r\nage: 36\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=xxUM8IzesO7Y%2Fx9KC5uLfC2b7SI8C%2F1K3zL7DoU3QbIYR%2Bz4cM96Y5S09UkaQqtGeUrqkm0Sa%2BcJ4RxRVLbWDPfE74tHEhLuqNBlTuIubNojLcs2kACkFEjbDRTQ8iRM0ospVL0%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=0\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 0\r\nserver: cloudflare\r\ncf-ray: 9e120e202e4c35a6-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":9860,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9860), with no line terminators","md5":"ac92d3816200cade726460d171a85d80","sha1":"1a6ac5a4a7bbab040da06a0fe2e299129c235a60","sha256":"4553b16cc30c0c037aa88f6b7b5f44285872bdb09c63e618804daf29da09cf7f","sha512":"c091339ea06ea654482014778ce93e7b997629e5cd5aa623997e90254811130021af13d2340e67cf600f2ed150d086e239d11445ca2fa414fa4fa356965146fd","ssdeep":"192:4TF0ROzrDkD6B1c4QSZBxtjKkF2P5lQBbUMamqif8Ty1hynl8klCtsdHcHC:0FYOzHk+u4QSZYkIPnpcC+0nl8kotsqi","tlshash":"f012e9c1b1b2e47603a600e1603e9690f765191a360dc478f97cece6fd66dd1863beb8","first_seen":"2026-03-09T15:20:10.35684Z","last_seen":"2026-03-31T13:30:46.078244Z","times_seen":1500,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":37,"dns":1,"connect":1,"send":0,"wait":15,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026ae=g\u0026en=page_view\u0026dr=pay-heleket.click\u0026dl=https%3A%2F%2Fnew-pay.heleket.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1478726106.1774317342\u0026dt=Heleket%20Pay\u0026auid=1365506999.1774317342\u0026navt=n\u0026npa=1\u0026ep.ads_data_redaction=0\u0026gtm=45He63k1v9206022683za200zd9206022683xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=103116026~103200004~115616986~115938466~115938469~116024733~117484252~118104771\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tft=1774317342474\u0026tfd=778","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 20:01:53 GMT","end":"Mon, 25 May 2026 20:01:52 GMT"},"fingerprint":{"sha1":"5E:AF:F5:A2:0D:10:96:B8:BE:F7:81:B3:49:38:99:FB:0A:DD:B8:35","sha256":"D0:03:97:89:D3:93:09:AF:4F:E0:65:BF:37:01:3B:52:FB:83:4D:0D:B1:E6:01:AD:61:91:2D:A6:08:A8:D1:BF"}}},"request":{"raw":"POST /ccm/collect?frm=0\u0026ae=g\u0026en=page_view\u0026dr=pay-heleket.click\u0026dl=https%3A%2F%2Fnew-pay.heleket.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1478726106.1774317342\u0026dt=Heleket%20Pay\u0026auid=1365506999.1774317342\u0026navt=n\u0026npa=1\u0026ep.ads_data_redaction=0\u0026gtm=45He63k1v9206022683za200zd9206022683xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=103116026~103200004~115616986~115938466~115938469~116024733~117484252~118104771\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tft=1774317342474\u0026tfd=778 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nOrigin: https://new-pay.heleket.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\npragma: no-cache\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://new-pay.heleket.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T15:34:22.145557Z","times_seen":16243359,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":111,"dns":0,"connect":7,"send":0,"wait":25,"receive":0,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/fonts/Inter/Inter_SemiBold.woff2","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:41.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /fonts/Inter/Inter_SemiBold.woff2 HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:41 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 119508\r\nlast-modified: Wed, 18 Mar 2026 14:35:18 GMT\r\netag: \"69bab826-1d2d4\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119508,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 119508, version 1.0","md5":"c37cb8fe20e436fd3246c24aa23da4d9","sha1":"7e971e2f77fde259d9b4895c04945d3083a2f477","sha256":"654d24db683a1732d18b708246b63541ad6794c367c6acd044a543b3c2e3f2cb","sha512":"ea3743490368c5385f36dbafff1b1c331782403a07f14fc50ef88e942d58e68575bf700e8edb35e5ff249dee5dc513f2ad900478858d2b033d6d3d51f8b7dbcd","ssdeep":"3072:/u0qI3Yplb3nHTukL11ReTgNk1Pkswg7UsTut1mU1zkrc5rARoTW:13g3X4qswg7Egra8oi","tlshash":"31c312955d06c85de075172268b587af0a6bdf308e7cb7e7aafc402d742b887c1891dc","first_seen":"2025-02-10T22:08:58.898266Z","last_seen":"2026-06-02T05:48:50.525736Z","times_seen":145,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ekr.zdassets.com/compose/20c31533-77df-44dd-86a7-98733f5382e3","fqdn":"ekr.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zdassets.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 17:00:34 GMT","end":"Tue, 19 May 2026 18:00:30 GMT"},"fingerprint":{"sha1":"14:9A:89:D7:CB:70:A3:11:58:FE:26:A0:14:7E:0E:40:5A:6E:0A:D3","sha256":"F7:5B:93:5D:37:70:AA:1F:CE:DB:DF:AF:12:84:79:9D:67:51:14:E9:D7:D9:AB:0C:32:4E:65:FD:74:64:C5:23"}}},"request":{"raw":"GET /compose/20c31533-77df-44dd-86a7-98733f5382e3 HTTP/1.1\r\nHost: ekr.zdassets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nOrigin: https://new-pay.heleket.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-expose-headers: \r\naccess-control-max-age: 7200\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncdn-cache-control: max-age=60\r\nvary: Accept,Origin, Accept-Encoding\r\ncache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600\r\netag: W/\"851f33f7ed3acfccb33f47c8087cfe32\"\r\nx-request-id: 9df4a0b19b8d6654-ORD\r\nx-runtime: 0.009684\r\nx-envoy-upstream-service-time: 12\r\nzendesk-service: embed-key-registry\r\nx-zendesk-zorg: yes\r\ncontent-encoding: br\r\nvia: zorg\r\nx-envoy-decorator-operation: /\r\nage: 56\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=EfyWYs%2BQZVb%2BxfPh0vSS3KzkoZw9u04xHHRaz2%2FAtwHWzS0qCU%2FTltzYBYOSsPvRFJXB4Ig6F2Ag%2BMlMEpoEzZN6yNYQzpGkSSfhsTaBk07Up3nB%2Bftt5C2aLlTetowJPbg%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=0\r\nserver: cloudflare\r\ncf-ray: 9e120e228940120a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1669,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"21d824a3b84a82b4f847b85a8361fb05","sha1":"0ce9feaf2085a9242d32e8998a2d24d6e7a62cef","sha256":"851f33f7ed3acfccb33f47c8087cfe328d83054e3d7e16368c87dc45ebc654bf","sha512":"c0070b02f7c91fea341d7c648693461818aa80dda020e2c6676133e50f861b937f3bb219852bb2ee00f8a472c5c4596a43059db37e69b4076da72f91de592043","ssdeep":"","tlshash":"a331306ede4e3079c512c322d538ba0367b58e7b1388745cf88c980c91db6ee1596f8b","first_seen":"2026-03-24T01:55:34.281785Z","last_seen":"2026-03-24T01:56:15.181617Z","times_seen":2,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":28,"dns":1,"connect":1,"send":0,"wait":18,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ekr.zdassets.com/compose/20c31533-77df-44dd-86a7-98733f5382e3","fqdn":"ekr.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.095Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zdassets.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 17:00:34 GMT","end":"Tue, 19 May 2026 18:00:30 GMT"},"fingerprint":{"sha1":"14:9A:89:D7:CB:70:A3:11:58:FE:26:A0:14:7E:0E:40:5A:6E:0A:D3","sha256":"F7:5B:93:5D:37:70:AA:1F:CE:DB:DF:AF:12:84:79:9D:67:51:14:E9:D7:D9:AB:0C:32:4E:65:FD:74:64:C5:23"}}},"request":{"raw":"GET /compose/20c31533-77df-44dd-86a7-98733f5382e3 HTTP/1.1\r\nHost: ekr.zdassets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nOrigin: https://new-pay.heleket.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-expose-headers: \r\naccess-control-max-age: 7200\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncdn-cache-control: max-age=60\r\nvary: Accept,Origin, Accept-Encoding\r\ncache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600\r\netag: W/\"851f33f7ed3acfccb33f47c8087cfe32\"\r\nx-request-id: 9df4a0b19b8d6654-ORD\r\nx-runtime: 0.009684\r\nx-envoy-upstream-service-time: 12\r\nzendesk-service: embed-key-registry\r\nx-zendesk-zorg: yes\r\ncontent-encoding: br\r\nvia: zorg\r\nx-envoy-decorator-operation: /\r\nage: 56\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=4XeQ8Ns5%2FEoHYApdEL35KEFh6Xn7nIsa33411a9dnJbtNj8KDdLSQlhd%2BY0shKqw5qiEcg8PIxNri9bQfWxi7Q0fBJXEwIh98RcwaNhw5QhJn0HAFD3hmgxB5Z4FMNtd7uI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=0\r\nserver: cloudflare\r\ncf-ray: 9e120e228946120a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1669,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"21d824a3b84a82b4f847b85a8361fb05","sha1":"0ce9feaf2085a9242d32e8998a2d24d6e7a62cef","sha256":"851f33f7ed3acfccb33f47c8087cfe328d83054e3d7e16368c87dc45ebc654bf","sha512":"c0070b02f7c91fea341d7c648693461818aa80dda020e2c6676133e50f861b937f3bb219852bb2ee00f8a472c5c4596a43059db37e69b4076da72f91de592043","ssdeep":"","tlshash":"a331306ede4e3079c512c322d538ba0367b58e7b1388745cf88c980c91db6ee1596f8b","first_seen":"2026-03-24T01:55:34.281785Z","last_seen":"2026-03-24T01:56:15.181617Z","times_seen":2,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":28,"dns":1,"connect":4,"send":0,"wait":17,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"backend.heleket.com/api/v4/fingerprint/sessions/ba34ef89-f99d-4d68-b06f-99bbad0888b4/check","fqdn":"backend.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"backend.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 03:02:23 GMT","end":"Fri, 08 May 2026 03:02:22 GMT"},"fingerprint":{"sha1":"A0:D4:9C:03:DC:3A:8C:6C:87:7A:8F:6F:26:A0:7F:B0:6E:A3:0E:C1","sha256":"51:CC:19:46:D9:57:B0:14:8E:9A:90:6A:56:5D:3D:9E:2E:EE:02:7A:E1:C7:66:E7:8F:F9:5F:54:52:5B:62:CD"}}},"request":{"raw":"OPTIONS /api/v4/fingerprint/sessions/ba34ef89-f99d-4d68-b06f-99bbad0888b4/check HTTP/1.1\r\nHost: backend.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,language\r\nReferer: https://new-pay.heleket.com/\r\nOrigin: https://new-pay.heleket.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type,language\r\naccess-control-max-age: 0\r\nx-request-id: 13955cb83074a47d8e4412eee91e8411, 2307efe263a7297dafba09c07fa18284\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T15:34:22.145557Z","times_seen":16243359,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17102470621\u0026cx=c\u0026gtm=4e63k1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.20.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:19:44 GMT","end":"Mon, 18 May 2026 18:19:43 GMT"},"fingerprint":{"sha1":"5D:21:36:26:B5:1D:67:14:0D:6A:68:D3:7C:EB:39:6E:A1:45:8C:29","sha256":"BC:A5:DD:5A:08:3A:33:49:76:BB:EB:18:9C:45:17:80:A1:3E:31:5F:BA:F9:93:28:C7:76:A0:97:FF:E9:3F:1C"}}},"request":{"raw":"GET /gtag/js?id=AW-17102470621\u0026cx=c\u0026gtm=4e63k1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\nexpires: Tue, 24 Mar 2026 01:55:42 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 24 Mar 2026 01:29:44 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 141623\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":417901,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5882)","md5":"1d9ea6f26810c651961e1cc8ce37c5ee","sha1":"df2d08b5c7833dca2694bb236b1d5f2d60548135","sha256":"d667a67f4343a2875840676680b0834d20e157a222e181b20d5173c62328510e","sha512":"2c720c7f196a89d61b09d981719dbc99565024544fbbcf525571dddaee2ca01a2d9c15e6cd1f07d4ec04bb95e04b2f2ebd13dcce13cb908df15c4d7cd6d88085","ssdeep":"6144:aG6hIF/+2RcwjKH4V8qC+kur5nwPPAwH8tEBBuA7V+O4Ux:Ua/R8H28Roa08","tlshash":"ea9407cdb3da70265392a478903f018be57a69a2f44ccc99f189ccd42e7469a4277f7c","first_seen":"2026-03-24T01:56:15.182248Z","last_seen":"2026-03-24T01:56:15.182248Z","times_seen":1,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"backend.heleket.com/api/v4/fingerprint/sessions/create","fqdn":"backend.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"backend.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 03:02:23 GMT","end":"Fri, 08 May 2026 03:02:22 GMT"},"fingerprint":{"sha1":"A0:D4:9C:03:DC:3A:8C:6C:87:7A:8F:6F:26:A0:7F:B0:6E:A3:0E:C1","sha256":"51:CC:19:46:D9:57:B0:14:8E:9A:90:6A:56:5D:3D:9E:2E:EE:02:7A:E1:C7:66:E7:8F:F9:5F:54:52:5B:62:CD"}}},"request":{"raw":"POST /api/v4/fingerprint/sessions/create HTTP/1.1\r\nHost: backend.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nLanguage: en-US\r\nContent-Length: 575\r\nOrigin: https://new-pay.heleket.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":575,"data":"{\"fingerprint\":{\"available_screen_resolution\":\"1280x1024\",\"color_depth\":24,\"device_memory\":null,\"hardware_concurrency\":48,\"os\":\"Windows 10\",\"platform\":\"Win32\",\"screen_resolution\":\"1280x1024\",\"touch_support\":false,\"video_card_render\":\"llvmpipe\",\"video_card_vendor\":\"Mesa\",\"canvas_hash\":\"949c557074a26ce5c643bd74e5472f0def88beef91d1e39d0d93752b2c73c6c7\",\"timezone_offset\":0,\"language\":\"en-US\",\"languages\":[\"en-US\",\"en\"]},\"session\":{\"user_agent\":null,\"browser_major_version\":134,\"browser_name\":\"Firefox 134.0\",\"referrer\":\"https://pay-heleket.click/\",\"timezone\":\"UTC\",\"ip\":null}}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\ncontent-type: application/json\r\ncontent-length: 72\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nx-request-id: 476a4aa0943de10a5225fd2bd6a90149, 078ce309688bc4ad1366df4670ff0ade\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9e6c5d1c766ae4869c142e1d713a934c","sha1":"3ebd05351f98f35ecdfb12bec4f7a2b5580e21a3","sha256":"3bba5ecc2073d5113caa82e935d1d8d05cd170c2914dcac30322e291ddcce8d8","sha512":"3a022d9a2b6537d1790abd4dcb60e2f1aaf8982b2ecb80026f70c319f3b40f12bbe6934fbc9593ce5f7ac11d2f55e73c00487a830a633473b00912230ff1c754","ssdeep":"","tlshash":"70a022b83c30c2ca0882c30e00000bb08883008a0b282cbc00e8c8280820c2b23eea32","first_seen":"2026-03-24T01:55:34.285498Z","last_seen":"2026-05-28T04:59:36.562036Z","times_seen":9,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pay-heleket.click/","fqdn":"pay-heleket.click","domain":"pay-heleket.click","tld":"click"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-24T01:55:41.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"pay-heleket.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 19:39:42 GMT","end":"Sun, 14 Jun 2026 19:39:41 GMT"},"fingerprint":{"sha1":"6B:8C:84:75:A3:CA:A4:19:BE:97:76:B7:3C:51:43:54:34:EA:7A:6E","sha256":"EC:90:49:06:B2:E4:28:45:DD:10:4C:1E:DC:A4:5E:46:38:D1:CB:E6:70:6A:B5:50:3A:35:A8:2B:60:53:B3:C6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pay-heleket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:41 GMT\r\ncontent-type: text/html\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gDcV3VUFoPyqNcmFroVGYfFgs1l0GpxGBwuakRmrk6w8cGzZotxEiDJX3Q2spWvaBtfzFLHQdcIIxR16AHlGC3sFpVxim8aBd%2BLepaRFfuXm\"}]}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e120e160f438deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81716,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (45294)","md5":"e6ff0a0cdec3d01a5eac2c43a5b37a43","sha1":"8a9e8bcd58fdf0f32f2e5e4a6567fcd86520a7d3","sha256":"4088f9372c53c072492db0c49e51604f84908d222fda3ad779bff8fcbe5019e3","sha512":"e93fdb58a6c232777ca01962dfd7119f3464337e319bb205356398eb96aea88b2a33164648268f3eb7a2f16bc0f7a7824ee42b9bd44b4adbec7b9e44b6b80d82","ssdeep":"1536:W2EtYhwtIw8mbY2EbJPEs77MSK2ST0/tYhwtIw8mV:W2z2EbJPEs7A6Sw5","tlshash":"bf837e9091002a736d038fe68ee9ab1de13b70fad597048dbedd425843c1fe94e76ac5","first_seen":"2026-03-24T01:55:34.263385Z","last_seen":"2026-03-24T01:56:15.194732Z","times_seen":2,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":136,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/favicon.ico","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nCookie: i18next=en-US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 3774\r\nlast-modified: Wed, 18 Mar 2026 14:35:18 GMT\r\netag: \"69bab826-ebe\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3774,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 28x32, 32 bits/pixel","md5":"60408ec4dff0c9bd0931fc4837a87491","sha1":"e4355818e9e03a2ae8d6fb2c4025e808bb30b091","sha256":"fd6af3ab4435c2dd7fe657debddd1345a70c76978f479a24ce9d5b05d89da7d8","sha512":"e64b8b2d3a8c86c047304694e4d2198cd9afb6439720d34b377e990e9adca2d0da7a32da5c77f1f5f5b97119e4ce80e149a7979b65b5dc6f583d69b7a3af4d8d","ssdeep":"","tlshash":"2671388b21066b2cc62b4536a62f5f42f045ebdd2ccd8f7d1c14cfa3424ba1a0a759b9","first_seen":"2025-06-23T12:34:12.370012Z","last_seen":"2026-06-04T23:20:57.221493Z","times_seen":35,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"backend.heleket.com/v1/fingerprint/geo","fqdn":"backend.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"backend.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 03:02:23 GMT","end":"Fri, 08 May 2026 03:02:22 GMT"},"fingerprint":{"sha1":"A0:D4:9C:03:DC:3A:8C:6C:87:7A:8F:6F:26:A0:7F:B0:6E:A3:0E:C1","sha256":"51:CC:19:46:D9:57:B0:14:8E:9A:90:6A:56:5D:3D:9E:2E:EE:02:7A:E1:C7:66:E7:8F:F9:5F:54:52:5B:62:CD"}}},"request":{"raw":"GET /v1/fingerprint/geo HTTP/1.1\r\nHost: backend.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nLanguage: en-US\r\nOrigin: https://new-pay.heleket.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding, Accept-Encoding\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\naccess-control-allow-origin: *\r\nx-request-id: 6a4ea30ad300688c05b18cbc0d6cb4da\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3a7331dc185c3ccfd0f132fdd4bab3f2","sha1":"fdc935059a1447745ca7e4c717c9f599074877aa","sha256":"f379dc658b05ebf2186997353179d64746d1ff77a8a5d32254e8ca7350eba026","sha512":"d35583a50865a336921874a29eb3362c905237022f56d748f16339858a1176dd5663e35bc18372ff6b118857315fc6e913f3fed29cc752dedae12e3f98325b67","ssdeep":"","tlshash":"19a0019abae88e685ea6de41582b625749af9259cbae0501cd892b60c60148d6208a98","first_seen":"2026-03-24T01:55:34.293295Z","last_seen":"2026-05-28T04:59:36.556021Z","times_seen":9,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026ae=g\u0026en=page_view\u0026dr=pay-heleket.click\u0026dl=https%3A%2F%2Fnew-pay.heleket.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1478726106.1774317342\u0026dt=Heleket%20Pay\u0026auid=1365506999.1774317342\u0026navt=n\u0026npa=1\u0026ep.ads_data_redaction=0\u0026gtm=45He63k1v9206022683za200zd9206022683xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=103116026~103200004~115616986~115938466~115938469~116024733~117484252~118104771\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tft=1774317342474\u0026tfd=778","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:19:44 GMT","end":"Mon, 18 May 2026 18:19:43 GMT"},"fingerprint":{"sha1":"F8:90:A0:F9:74:3F:20:44:F3:3A:FB:A7:89:DC:37:89:3C:83:4D:03","sha256":"BE:A4:BF:EB:A3:08:0B:22:38:7C:32:95:9D:25:3C:CB:F8:42:AD:54:32:60:4C:1D:43:C5:81:2C:4E:AF:DE:AE"}}},"request":{"raw":"GET /ccm/collect?frm=0\u0026ae=g\u0026en=page_view\u0026dr=pay-heleket.click\u0026dl=https%3A%2F%2Fnew-pay.heleket.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1478726106.1774317342\u0026dt=Heleket%20Pay\u0026auid=1365506999.1774317342\u0026navt=n\u0026npa=1\u0026ep.ads_data_redaction=0\u0026gtm=45He63k1v9206022683za200zd9206022683xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=103116026~103200004~115616986~115938466~115938469~116024733~117484252~118104771\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tft=1774317342474\u0026tfd=778 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\npragma: no-cache\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T15:34:22.145557Z","times_seen":16243359,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-9ad3e02.js","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zdassets.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 17:00:34 GMT","end":"Tue, 19 May 2026 18:00:30 GMT"},"fingerprint":{"sha1":"14:9A:89:D7:CB:70:A3:11:58:FE:26:A0:14:7E:0E:40:5A:6E:0A:D3","sha256":"F7:5B:93:5D:37:70:AA:1F:CE:DB:DF:AF:12:84:79:9D:67:51:14:E9:D7:D9:AB:0C:32:4E:65:FD:74:64:C5:23"}}},"request":{"raw":"GET /web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-9ad3e02.js HTTP/1.1\r\nHost: static.zdassets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nx-amz-id-2: jCgZJ23cqaKZV7pUC85ZajzHjt2OiPrEaoAizGBXVRw225focyxYLbsS7CSTAnGvjAbFRkkMVCfFdgqb3qBCCc1Y/gz23sDk\r\nx-amz-request-id: 9PGFS7XNETH2XWSC\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 19 Mar 2026 15:37:58 GMT\r\netag: W/\"387d6cb1295a2b76c77e1fb4c38ccd12\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 19 Mar 2027 15:37:57 GMT\r\nx-amz-version-id: bnjIuA09qZyE6tC4heURnkyeNc6T8VLm\r\ncf-cache-status: HIT\r\nage: 382501\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=L7xmtbNtRWxhpm3e44ux%2BbjCRTLsCpSe44Jdfx2tTucRWu1TvMX4auZoy%2BMoz5l41aCaILmio%2FrrBxRTH1tdgVdkt8HARVD5ZWRY5MplBbgAiOx6kqYsaaOIljpbzPUWxMlivhQ%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=0\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 0\r\nserver: cloudflare\r\ncf-ray: 9e120e251cef35a6-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31071,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31055), with no line terminators","md5":"387d6cb1295a2b76c77e1fb4c38ccd12","sha1":"bcf70d7493fc7ad060c963dde1910eb1f1b049b9","sha256":"f2a2bcf0bd56a731add1a18da2e8a2ae71d07ecaf3367e2559d7ed6100bc4b59","sha512":"ab0e90a8c94adc4b8b3c36d4fcf42f0994cdc883cf811f32cb6f4cd69a18d4765a87f6172275beecb8ce67c5330c0282983e8f455d8b253c18bde11c4722c07d","ssdeep":"768:JEVoMZVXq2LHAmhmksmQm9YMRtM8bHIZAZsy10TvYJI+rTC6ndno0K5u:JtAZsyMw7","tlshash":"06d24b3b449ca91e3f75a6817c45b24eb7ab9500bd8c4778f4869c0e93ecd1026fbb49","first_seen":"2026-03-18T19:00:49.085409Z","last_seen":"2026-03-26T17:34:52.73417Z","times_seen":184,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/react-toastify-BawdQ0yE.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/react-toastify-BawdQ0yE.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/assets/index-Cf0HqUWq.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-781d\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30749,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (15870)","md5":"f2b8b798a77e8ce709e3f0ea6c70d037","sha1":"1fb973ce6f0c4426aae9a1fae4462f4ce6f6fa2a","sha256":"d3a3076f0dc92ae4c9708772b0c1c4bbb6df5495d042334d373c870575229b91","sha512":"ebbbd7da5836b9a01920ff711bd80a5e399cb3d542047591c2593d0600bd7d69e76fdf7683b236018213ba3d705aae7aecf1e453a1c21760371a497c7047568e","ssdeep":"384:lGtOgrCTQzbeKylFsRXgiAeVSKbgD5s3aNFp51:ktOHQXB0s5nhbk63Y1","tlshash":"41d2d680b9606e392da77d6643deca0dd12b60c288ef095d7def444d22c17c90fb2b5a","first_seen":"2026-03-24T01:55:34.278618Z","last_seen":"2026-03-24T01:56:15.161646Z","times_seen":2,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-1KK6CSP6GX\u0026cx=c\u0026gtm=4e63k1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.20.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:19:44 GMT","end":"Mon, 18 May 2026 18:19:43 GMT"},"fingerprint":{"sha1":"5D:21:36:26:B5:1D:67:14:0D:6A:68:D3:7C:EB:39:6E:A1:45:8C:29","sha256":"BC:A5:DD:5A:08:3A:33:49:76:BB:EB:18:9C:45:17:80:A1:3E:31:5F:BA:F9:93:28:C7:76:A0:97:FF:E9:3F:1C"}}},"request":{"raw":"GET /gtag/js?id=G-1KK6CSP6GX\u0026cx=c\u0026gtm=4e63k1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\nexpires: Tue, 24 Mar 2026 01:55:42 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 174156\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":536468,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"8a225afeea0872278b0d45c5b3691ffe","sha1":"7c90efa37d7c9adb7c27ebc9469950c427909b6e","sha256":"0591ded908502e164cbb20ecde13f35499e7448f96f4c28ced0e209130274a2f","sha512":"2ed09148516489d0ef9c7f82b6c6a354593152bfeb4329ed251e7b1374f6c35bf7a15575e559ad3e6f6053e48ffe8c8c626e5efca63852842e61437b896623f7","ssdeep":"6144:PdaG6hIFyKh+23cwxKH4V8qC+kur5nwPPASF8tiBM4QuA7VsVvOVmJ:POayg3uH28p2H4GbM","tlshash":"eeb40aceb3d674225296f478903f01cba97b28a2b45cc8aaf1d9cce02d7454a4177f78","first_seen":"2026-03-24T01:55:34.292137Z","last_seen":"2026-03-24T01:56:15.196926Z","times_seen":2,"resource_available":true,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":83,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/button-BdGWBdDR.css","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/button-BdGWBdDR.css HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nCookie: i18next=en-US; _gcl_au=1.1.1365506999.1774317342\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-3a08\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14856,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14855)","md5":"5c361308746a808722e702e729e2a27d","sha1":"fda11723f8a2d83b1e2c89299cb4b6f98895b19a","sha256":"12fa35f4b4af5075c716a7d7d389317ce4aa72f62e0d93f65139b9c18abf2e61","sha512":"ff12e334272b13f23b8d568ea95eacbf4b5f9f1a059ca72485e68e0ede6d6f81faa8abf30e8eeb9aa7960c2ddba058d700dfe13abe24dd65a80e5fe21782a311","ssdeep":"384:ecc7zctcuc1cQcYcVcTcVckc7c5cqcIucQicA4ckclAck5I:ZcHctcuc1cQcYcVcTcVckc7c5cqcpcpt","tlshash":"4c628a94b330b134bc774827ea45191ab315e9da1e72ca7ac9589bdc82cf25f2d077c8","first_seen":"2026-03-24T01:55:34.297069Z","last_seen":"2026-05-28T04:59:36.576403Z","times_seen":9,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/button-DBFtGnxa.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/button-DBFtGnxa.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/assets/not-found-CxENDkzJ.js\r\nCookie: i18next=en-US; _gcl_au=1.1.1365506999.1774317342\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-1901\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6401,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (6400)","md5":"b9c4aeb1bb691789bd01ed7045e20995","sha1":"75310d54e173a5483326d119e28e2608e68d2c00","sha256":"75e3620cda0ebb5079c35e589ed07453e84f5e74352464d547cabfd92c456420","sha512":"dcbf194b867701844b38ee5978739bf4f572280d165d9793d2aaeeca2cffc4bc2de9272687900a58066d3f91a44d653d6fd1a38dcf5bc718dd962a7c34648b54","ssdeep":"192:mkXcIRcmTjIc+ucHjmburcVH0cMrBHvpfDPbm6MvD:mEcscVc5cDdrcicKBHvpfDPZMr","tlshash":"88d13088ef1c6138beb3401ba2763446f26a25bf5c75d8b8d41c4ebd528b1863a176d3","first_seen":"2026-03-24T01:55:34.25938Z","last_seen":"2026-03-24T01:56:15.163293Z","times_seen":2,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pay-heleket.click/assets/css/index-CWC_Z3vg.css?v=1739450300","fqdn":"pay-heleket.click","domain":"pay-heleket.click","tld":"click"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pay-heleket.click/","date":"2026-03-24T01:55:41.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pay-heleket.click","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 19:39:42 GMT","end":"Sun, 14 Jun 2026 19:39:41 GMT"},"fingerprint":{"sha1":"6B:8C:84:75:A3:CA:A4:19:BE:97:76:B7:3C:51:43:54:34:EA:7A:6E","sha256":"EC:90:49:06:B2:E4:28:45:DD:10:4C:1E:DC:A4:5E:46:38:D1:CB:E6:70:6A:B5:50:3A:35:A8:2B:60:53:B3:C6"}}},"request":{"raw":"GET /assets/css/index-CWC_Z3vg.css?v=1739450300 HTTP/1.1\r\nHost: pay-heleket.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pay-heleket.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:41 GMT\r\ncontent-type: text/css\r\nage: 40\r\nlast-modified: Tue, 24 Mar 2026 01:55:00 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dmOGnl5axKFyN839x%2FPT1%2BHXxwC9iEhvzEpgeG1GULiL50hS0G3F8U2%2FTV1QoS8URpI%2BZWw00vv9kPYTGfkC4Wb%2B8NPpgZMzlTf%2Bkn%2BXz5y1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9e120e1828d9723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12012,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12011)","md5":"c6c2ea70caeac9383a47c10e3e749023","sha1":"5fa5e5200e203850cd7f1f6e6a5bc909cbfe6762","sha256":"3aeb30526fdfa2c6619ac410fb0fd1bbab7f724f58771f9a423ee6198e44923f","sha512":"9c9bcc5eea9429ae672dc39c670e384c74920524a5684081e7870e32e830bdeba2bc491c1e92db5eb60ea5c7a0d5f37218188a2cc223a1b7505254a6ac8f7877","ssdeep":"192:J2SeVZebTrSqmtJzyJEvn2ULtlxRB0UPSJCm9IwlYrJfynaHrC/F1oH:wSeDSrJmvf1LnPSJCm9IwlYrJqngqO","tlshash":"a4422a2503177228b8328ca36dc53ab22519915dea1d27f1e02d855cfadf3e707f0b89","first_seen":"2026-03-24T01:56:15.198453Z","last_seen":"2026-05-03T03:16:08.380058Z","times_seen":3,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/index-CWC_Z3vg.css","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:41.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/index-CWC_Z3vg.css HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:41 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-2efe\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12030,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12029)","md5":"3f7cf10f0e654183d904f54f70be0ed2","sha1":"bf66759495ad0042a0fb23a84374940e6b20a07f","sha256":"9259262e7053f77100dbb032a03a79bd4fb5e651decd0f24f50d432a792f31af","sha512":"a2ebd2ea02bd78d28e6793498dca446903a7c82b4b125a954173bee97cf81627e0cb9169e90d982b3f10beebcbe584583e3bb1457a4240a137d377a45b0503d3","ssdeep":"192:J2SeVZebTrSqmtJzyJEvn2ULtlxRB0UMn2tmyYDCbrcfynaHrC/F1oH:wSeDSrJmvf1LnMn2tmyYDCbrcqngqO","tlshash":"fb421a1507277228b8329ca36dc53ab22919919dea1d17f0d02d859cfadf3d707f0b89","first_seen":"2026-03-24T01:55:34.294495Z","last_seen":"2026-05-28T04:59:36.543532Z","times_seen":9,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/motion-Cu1gYSCb.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/motion-Cu1gYSCb.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-22b76\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":142198,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42455)","md5":"33ee5745b97fcf354f63765aa9f57291","sha1":"de342179eea7f6d03b646006f47fa00bcdc68400","sha256":"62e909e666fec89dad8604fc61c37052945d57b07b0404b8384f02b2ab7c1141","sha512":"88fe4678db9bc21dcc64fd16ca8e5580fb09b0e5240e45769e6812c719ae3de017345eaf57dc73b458e76fd75c76ab6741db5a0596d439c61d63102ca6d72071","ssdeep":"3072:77gYamnA4PCOH3oOnj9ThnMTMoVARX/pLSU5EDEC7ngkPGu9vHK:4Yab4xXf91MMoORMK","tlshash":"63d328d8b291752283d784e580af0741b73a2c843009c4bcba7deddb7d6150a66bbb7d","first_seen":"2026-03-24T01:55:34.273513Z","last_seen":"2026-03-24T01:56:15.200662Z","times_seen":2,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/not-found-CxENDkzJ.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/not-found-CxENDkzJ.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/assets/index-Cf0HqUWq.js\r\nCookie: i18next=en-US; _gcl_au=1.1.1365506999.1774317342\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-11be\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4542,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4541)","md5":"78c980acb8b244088d41eee10fa375dd","sha1":"48b0107b3fb95614dc450b396da3e9c449f1de68","sha256":"04f301ec75a3cb5845f8b4a1acc343d5c16db9d77ca36884f90e73c7fe5e3478","sha512":"17cf6df032b436b5362a2fdf1ea4614179e1466c5a840cd58f572b197d615824ea4318c121f905d2fcc4ce0f306f8e45ea4b1abfe0bfad8afd8fea66ddf90657","ssdeep":"96:jlSvxDr7C+Bkm6xs8nU8hUuD9qWOIwzbtlXhF7GCn20ny42nJ4:jl8f7C+BktxnnUhgqWmbtBL7Gi20nWn6","tlshash":"fa9185c2967dd3fc78096bec66b284153c2f1def5641e81582d91cb1e61118c2deac8b","first_seen":"2026-03-24T01:55:34.280388Z","last_seen":"2026-03-24T01:56:15.201519Z","times_seen":2,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/logo192.png","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.428Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /logo192.png HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nCookie: i18next=en-US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-8ab\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2219,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"bb796a627635d65b0250754a4e8adfbb","sha1":"a5d2b00cea36d5b7cf077a4b282a77ee2bcf06aa","sha256":"02d9ad08b9f2a11d0c5edfa71595c0308de9705c0effd0e6fe1fd2fe117b639f","sha512":"f5245ec12882be8a704f7e9bc36e588121f6e2b52a1c84c22073c99ed1fb7a436a90ef9a4866cd15477dd2a6498813e1ecc20f759e8a9555999b83c5eaff6b77","ssdeep":"","tlshash":"3b41ed023de5c94556305227baf1e4289c83724f9648dca4b4ee507e1fc6bd24e53bba","first_seen":"2026-03-24T01:55:34.256285Z","last_seen":"2026-03-24T01:56:15.170006Z","times_seen":2,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026en=page_view\u0026dr=pay-heleket.click\u0026dl=https%3A%2F%2Fnew-pay.heleket.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1478726106.1774317342\u0026dt=Heleket%20Pay\u0026auid=1365506999.1774317342\u0026navt=n\u0026npa=1\u0026gtm=45be63k1v9223905714z89206022683za20gzb9206022683zd9206022683xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=103116026~103200004~115938466~115938468~116024733~117484252~117884344\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17102470621\u0026tid=AW-17102470621\u0026tft=1774317342926\u0026tfd=1231","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:19:44 GMT","end":"Mon, 18 May 2026 18:19:43 GMT"},"fingerprint":{"sha1":"F8:90:A0:F9:74:3F:20:44:F3:3A:FB:A7:89:DC:37:89:3C:83:4D:03","sha256":"BE:A4:BF:EB:A3:08:0B:22:38:7C:32:95:9D:25:3C:CB:F8:42:AD:54:32:60:4C:1D:43:C5:81:2C:4E:AF:DE:AE"}}},"request":{"raw":"POST /ccm/collect?frm=0\u0026en=page_view\u0026dr=pay-heleket.click\u0026dl=https%3A%2F%2Fnew-pay.heleket.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1478726106.1774317342\u0026dt=Heleket%20Pay\u0026auid=1365506999.1774317342\u0026navt=n\u0026npa=1\u0026gtm=45be63k1v9223905714z89206022683za20gzb9206022683zd9206022683xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=103116026~103200004~115938466~115938468~116024733~117484252~117884344\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17102470621\u0026tid=AW-17102470621\u0026tft=1774317342926\u0026tfd=1231 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nOrigin: https://new-pay.heleket.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://new-pay.heleket.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T15:34:22.145557Z","times_seen":16243359,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"backend.heleket.com/api/v4/fingerprint/sessions/create","fqdn":"backend.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"backend.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 03:02:23 GMT","end":"Fri, 08 May 2026 03:02:22 GMT"},"fingerprint":{"sha1":"A0:D4:9C:03:DC:3A:8C:6C:87:7A:8F:6F:26:A0:7F:B0:6E:A3:0E:C1","sha256":"51:CC:19:46:D9:57:B0:14:8E:9A:90:6A:56:5D:3D:9E:2E:EE:02:7A:E1:C7:66:E7:8F:F9:5F:54:52:5B:62:CD"}}},"request":{"raw":"OPTIONS /api/v4/fingerprint/sessions/create HTTP/1.1\r\nHost: backend.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,language\r\nReferer: https://new-pay.heleket.com/\r\nOrigin: https://new-pay.heleket.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: *\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type,language\r\naccess-control-max-age: 0\r\nx-request-id: 9da2fa0166fcc1e0046730a02166dc97, d9c36ff89d7b33dfb3d4cfa4f5003fa8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T15:34:22.145557Z","times_seen":16243359,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/fonts/Inter/Inter_Bold.woff2","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /fonts/Inter/Inter_Bold.woff2 HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/assets/index-CWC_Z3vg.css\r\nCookie: i18next=en-US; _gcl_au=1.1.1365506999.1774317342\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 119580\r\nlast-modified: Wed, 18 Mar 2026 14:35:18 GMT\r\netag: \"69bab826-1d31c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 119580, version 1.0","md5":"3d4aed7e6ba6544e250d8d1c3037b240","sha1":"166b3e49324e99fa1d3ed7c944d891014f03df3f","sha256":"c3f2a8652643cc1db9debdcc2c93debc53bf3d0ad2cffb3a9330264888a61d8a","sha512":"c54cb9d0c7a8850665cd005124f48aa1fbe3990e0d947f1e188b0cc70fe9a00f943b92975591256294e02dd23c5c6ce1f9df2e3d9b6ac8ede072bd57816aad04","ssdeep":"3072:6FShHH2r5SdUiTu8zBe7y9LRM7uGB01iHhWHcz06bTxM+pLK:ZWr4dUiTuGe7MGB4iWcIAlVpu","tlshash":"6bc30282427178e1ce330068146f5878b441e534f2b3ee53aadb9a594d8b5ef80ec6b7","first_seen":"2025-02-03T15:00:19.378158Z","last_seen":"2026-06-08T09:08:24.497451Z","times_seen":121,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/not-found-CxENDkzJ.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/not-found-CxENDkzJ.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://new-pay.heleket.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-11be\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4542,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4541)","md5":"78c980acb8b244088d41eee10fa375dd","sha1":"48b0107b3fb95614dc450b396da3e9c449f1de68","sha256":"04f301ec75a3cb5845f8b4a1acc343d5c16db9d77ca36884f90e73c7fe5e3478","sha512":"17cf6df032b436b5362a2fdf1ea4614179e1466c5a840cd58f572b197d615824ea4318c121f905d2fcc4ce0f306f8e45ea4b1abfe0bfad8afd8fea66ddf90657","ssdeep":"96:jlSvxDr7C+Bkm6xs8nU8hUuD9qWOIwzbtlXhF7GCn20ny42nJ4:jl8f7C+BktxnnUhgqWmbtBL7Gi20nWn6","tlshash":"fa9185c2967dd3fc78096bec66b284153c2f1def5641e81582d91cb1e61118c2deac8b","first_seen":"2026-03-24T01:55:34.280388Z","last_seen":"2026-03-24T01:56:15.201519Z","times_seen":2,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WZ85S256","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.20.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:41.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:19:44 GMT","end":"Mon, 18 May 2026 18:19:43 GMT"},"fingerprint":{"sha1":"5D:21:36:26:B5:1D:67:14:0D:6A:68:D3:7C:EB:39:6E:A1:45:8C:29","sha256":"BC:A5:DD:5A:08:3A:33:49:76:BB:EB:18:9C:45:17:80:A1:3E:31:5F:BA:F9:93:28:C7:76:A0:97:FF:E9:3F:1C"}}},"request":{"raw":"GET /gtm.js?id=GTM-WZ85S256 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\nexpires: Tue, 24 Mar 2026 01:55:42 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 24 Mar 2026 00:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 142979\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":420552,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7119)","md5":"0f39e89daa162f293a690467e252c818","sha1":"fb0da6ed0df92df5a3942896ee0c06f2adea8531","sha256":"131004b73c85b2d9277e1ea94eb05e6b2b2c5ab17bc5ab058bca8c006e6bb05a","sha512":"58665cc604fbbfa011654ec3681dbee4563b9a043b2bb7ba4250324c89d012c5ad92ab8061ce9219f752eee7943c0c89e0a259bef9dd57ea1e1af2160cabb3c7","ssdeep":"6144:GG6hIFF+2RcwjKH4V8qC+kur5nwPPAygtbBPuA7V+22:oaFR8H28LUTk","tlshash":"ba9407cdb3da70665392b478903f018be17a69a2f44cc899f086d8d43e7469a4277f7c","first_seen":"2026-03-24T01:56:15.203237Z","last_seen":"2026-03-24T01:56:15.203237Z","times_seen":1,"resource_available":true,"data":null}},"time_used":392,"timings":{"blocked":136,"dns":8,"connect":21,"send":0,"wait":51,"receive":61,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/motion-Cu1gYSCb.js","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/motion-Cu1gYSCb.js HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/assets/index-Cf0HqUWq.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-22b76\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":142198,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (42455)","md5":"33ee5745b97fcf354f63765aa9f57291","sha1":"de342179eea7f6d03b646006f47fa00bcdc68400","sha256":"62e909e666fec89dad8604fc61c37052945d57b07b0404b8384f02b2ab7c1141","sha512":"88fe4678db9bc21dcc64fd16ca8e5580fb09b0e5240e45769e6812c719ae3de017345eaf57dc73b458e76fd75c76ab6741db5a0596d439c61d63102ca6d72071","ssdeep":"3072:77gYamnA4PCOH3oOnj9ThnMTMoVARX/pLSU5EDEC7ngkPGu9vHK:4Yab4xXf91MMoORMK","tlshash":"63d328d8b291752283d784e580af0741b73a2c843009c4bcba7deddb7d6150a66bbb7d","first_seen":"2026-03-24T01:55:34.273513Z","last_seen":"2026-03-24T01:56:15.200662Z","times_seen":2,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"new-pay.heleket.com/assets/not-found-BCdP_OOH.css","fqdn":"new-pay.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:42.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"new-pay.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Mar 2026 03:08:11 GMT","end":"Tue, 02 Jun 2026 03:08:10 GMT"},"fingerprint":{"sha1":"03:19:AB:11:EB:90:E9:30:D5:F2:1F:B3:32:37:CE:BC:E8:F8:9F:95","sha256":"69:37:77:61:4C:20:D3:21:E5:61:48:26:5D:80:12:76:BD:C2:AC:A7:58:F2:38:3A:A0:13:15:0F:18:8E:50:96"}}},"request":{"raw":"GET /assets/not-found-BCdP_OOH.css HTTP/1.1\r\nHost: new-pay.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nCookie: i18next=en-US; _gcl_au=1.1.1365506999.1774317342\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:42 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 18 Mar 2026 14:35:21 GMT\r\netag: W/\"69bab829-1cb\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":459,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (458)","md5":"16134ee03c585409d4acf5abd6d66196","sha1":"0d31668458af632c02b37f73a6eb0f81be7830f7","sha256":"19676319779b9883c602b00bf587df4afdc29b6f34662348e95b34c3e79b9e3b","sha512":"899d474facd4a48bdb9a4eca068f428353f57b458c53cbe20b48a3824a4e204e784f983b9d60f318e78bdde1ce55f198c7d721a44d9686bd73eeeab12cd2e225","ssdeep":"","tlshash":"2ef0dc16ca0262bcf62fe01c49908985f00bc84bc90b769ddf42b32ac6c52c697b018c","first_seen":"2026-03-24T01:55:34.298228Z","last_seen":"2026-05-09T03:36:52.039466Z","times_seen":8,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.zdassets.com/web_widget/messenger/latest/web-widget-main-9ad3e02.js","fqdn":"static.zdassets.com","domain":"zdassets.com","tld":"com"},"ip":{"addr":"216.198.53.3","port":443,"asn":209242,"as":"Cloudflare London, LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zdassets.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 18 Feb 2026 17:00:34 GMT","end":"Tue, 19 May 2026 18:00:30 GMT"},"fingerprint":{"sha1":"14:9A:89:D7:CB:70:A3:11:58:FE:26:A0:14:7E:0E:40:5A:6E:0A:D3","sha256":"F7:5B:93:5D:37:70:AA:1F:CE:DB:DF:AF:12:84:79:9D:67:51:14:E9:D7:D9:AB:0C:32:4E:65:FD:74:64:C5:23"}}},"request":{"raw":"GET /web_widget/messenger/latest/web-widget-main-9ad3e02.js HTTP/1.1\r\nHost: static.zdassets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nx-amz-id-2: e3MumUu7RVFtgG/gECHuQfm/DNZPcVxfrtSAPHX7GmVI1b2WYDEgC3jBpLh37g+0CoN92UPQuXIhRQuD7/DAZRRQcaXQcxDn\r\nx-amz-request-id: D7Z7NZJ01123QPBC\r\nx-amz-replication-status: COMPLETED\r\nlast-modified: Thu, 19 Mar 2026 15:37:56 GMT\r\netag: W/\"723b58a79a5a83b39a6a77f5fec6d323\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 19 Mar 2027 15:37:55 GMT\r\nx-amz-version-id: AVT0eVg8lUMBzaXafV6_BXTDWheLxrHk\r\ncf-cache-status: HIT\r\nage: 382501\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=2XiD3x1w0HfVv%2Bl%2BY%2FVYMEKzEF8qFXI02rZA7Ls9BaJwtBXROb36R4uk8PR%2BTO0JCV0bCwN6RPSyv3Bupi%2FtM5KkLDIcsblHtlojlhVNQ7iMH%2BbVM%2F2799Itbprts6l5KsM8Xk4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=0\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 0\r\nserver: cloudflare\r\ncf-ray: 9e120e236ab935a6-OSL\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":759669,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65307)","md5":"723b58a79a5a83b39a6a77f5fec6d323","sha1":"0b0e951912df85fbce67cb0630a1d912218980b8","sha256":"d4e9c3da457060854d26f4d5910448fd7247787fc765804d2b39719305baa036","sha512":"85cf6c327848c83f881502fb5315c468e06516b63e7c7dcfed9595a7fc2a458c0037df0f6d54a70e49c2c5aab1da2ccef36eaf0e749426b6a87c600806da8cfb","ssdeep":"12288:vF8HglD4qJ1Z55kMYDIODrKsP9Mva6CzFC2pAzRfHHgLWU:vFBlD401Z55kMYDIOasPEa6CzFC2ahgV","tlshash":"2ff44ac970d2b02647f755a6507f1007f33a2a19780d8450f268ecda7eb988da2b7f6d","first_seen":"2026-03-19T19:31:41.560188Z","last_seen":"2026-03-24T14:33:06.200676Z","times_seen":80,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"backend.heleket.com/api/v4/fingerprint/sessions/ba34ef89-f99d-4d68-b06f-99bbad0888b4/check","fqdn":"backend.heleket.com","domain":"heleket.com","tld":"com"},"ip":{"addr":"31.133.222.28","port":443,"asn":50245,"as":"Serverel Inc.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://new-pay.heleket.com/","date":"2026-03-24T01:55:43.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"backend.heleket.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Feb 2026 03:02:23 GMT","end":"Fri, 08 May 2026 03:02:22 GMT"},"fingerprint":{"sha1":"A0:D4:9C:03:DC:3A:8C:6C:87:7A:8F:6F:26:A0:7F:B0:6E:A3:0E:C1","sha256":"51:CC:19:46:D9:57:B0:14:8E:9A:90:6A:56:5D:3D:9E:2E:EE:02:7A:E1:C7:66:E7:8F:F9:5F:54:52:5B:62:CD"}}},"request":{"raw":"POST /api/v4/fingerprint/sessions/ba34ef89-f99d-4d68-b06f-99bbad0888b4/check HTTP/1.1\r\nHost: backend.heleket.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nLanguage: en-US\r\nContent-Length: 575\r\nOrigin: https://new-pay.heleket.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://new-pay.heleket.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":575,"data":"{\"fingerprint\":{\"available_screen_resolution\":\"1280x1024\",\"color_depth\":24,\"device_memory\":null,\"hardware_concurrency\":48,\"os\":\"Windows 10\",\"platform\":\"Win32\",\"screen_resolution\":\"1280x1024\",\"touch_support\":false,\"video_card_render\":\"llvmpipe\",\"video_card_vendor\":\"Mesa\",\"canvas_hash\":\"949c557074a26ce5c643bd74e5472f0def88beef91d1e39d0d93752b2c73c6c7\",\"timezone_offset\":0,\"language\":\"en-US\",\"languages\":[\"en-US\",\"en\"]},\"session\":{\"user_agent\":null,\"browser_major_version\":134,\"browser_name\":\"Firefox 134.0\",\"referrer\":\"https://pay-heleket.click/\",\"timezone\":\"UTC\",\"ip\":null}}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 24 Mar 2026 01:55:43 GMT\r\ncontent-type: application/json\r\ncontent-length: 41\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\naccess-control-allow-origin: *\r\ncontent-encoding: br\r\nx-request-id: 59cca5cbf49cfdf7c5b82825fd818216, 60529ccbce6469cfc9b8a9cc9a814d91\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"dec0ca102bef6c4c57c1f2d782f3b76a","sha1":"a4043ba002d00070edfba36e41eb55f41979e73e","sha256":"ba4e3d53d6765570dde9f11d570db1983e974a1114b00ee90830e82162fd949a","sha512":"07adfb4c64a3b020794b9a8e23bb6390458cf7f4f8ef946da984e33d9fdeed3f4faa66347b6eafafe399260d85baa31f88426b8037eb6aba877e46bf72ee2bcc","ssdeep":"","tlshash":"348004c314100057c4c0770c517c3f7151411157c50c014c40cc1414cd304047d4f505","first_seen":"2026-03-24T01:55:34.283068Z","last_seen":"2026-05-28T04:59:36.572231Z","times_seen":9,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}