{"report_id":"6272efca-1c8a-449d-8069-2a367d0ce32d","version":6,"status":"done","tags":[],"date":"2026-05-28T12:32:57Z","url":{"schema":"http","addr":"tr.galabet-guvenilirgirisim.icu","fqdn":"tr.galabet-guvenilirgirisim.icu","domain":"galabet-guvenilirgirisim.icu","tld":"icu"},"ip":{"addr":"104.21.20.214","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"tr.galabet-guvenilirgirisim.icu/","fqdn":"tr.galabet-guvenilirgirisim.icu","domain":"galabet-guvenilirgirisim.icu","tld":"icu"},"title":"Galabet Giriş | Galabet Güncel Adres | Galabet 2026","dom":{"size":18562,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1150)","md5":"b51b1fe8fb34553217261220a2ed83df","sha1":"b4c65f6c170e87ea18ed0f4b185da469dd9f3ac7","sha256":"4592203a1f131216350ea666ba1e7dc222978e61989b4f01a5309163f1fd6ce3","sha512":"6ef2541b53a653e923555cf3e4f854df940a0b25c7984afd2cece5b27d587b632247af8bb2847056125cc7c51cd675417e4fed8c6ae52df94c909a2740e791a1","ssdeep":"384:ihQoH1caLSB/c6FB7SZTJREkgZonAbIUJuRt2:3aJYkg5u2","tlshash":"7482b69b1aa2201ebb47b28eb3eb37096b55e103c915cd74be4d4a5c9fc06e1c99330c","dom_hash":"domhashc3c2ad723905c0e6ca1faa1bae60ae2b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tr.galabet-guvenilirgirisim.icu","fqdn":"tr.galabet-guvenilirgirisim.icu","domain":"galabet-guvenilirgirisim.icu","tld":"icu"},"ip":{"addr":"104.21.20.214","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-02T12:32:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":3}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-28T12:32:36Z","timestamp":1779971556,"ip_dst":{"addr":"104.21.20.214","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50910,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-05-28T12:32:36.351915+0000\",\"flow_id\":2023555418305872,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.22\",\"src_port\":50910,\"dest_ip\":\"104.21.20.214\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"tr.galabet-guvenilirgirisim.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":933,\"bytes_toclient\":1654,\"start\":\"2026-05-28T12:32:36.341328+0000\"}}"}],"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-24T22:18:17.447529Z","alert_count":0,"request_count":10,"received_data":197843,"sent_data":5878,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tr.galabet-guvenilirgirisim.icu","ip":{"addr":"104.21.20.214","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-28","domain_rank":0,"first_seen":"2026-05-28T12:32:57.847502Z","last_seen":"2026-05-28T12:32:57.847502Z","alert_count":9,"request_count":3,"received_data":21507,"sent_data":1444,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"64.233.162.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-24T22:21:07.624228Z","alert_count":0,"request_count":1,"received_data":7408,"sent_data":513,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oswald/v57/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/oswald/v57/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet-guvenilirgirisim.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 19104\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 27 May 2026 14:45:32 GMT\r\nexpires: Thu, 27 May 2027 14:45:32 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:49:06 GMT\r\ncontent-type: font/woff2\r\nage: 78425\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19104,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19104, version 1.0","md5":"4276e5fb1957782e7d33184615498ef6","sha1":"cf8028a7a9f18f603c0c88dd68f2e7808f2cd0d5","sha256":"99016932b273efa7d55b3a0ae9fe4babc6dbdcd7539f58a742697054f89b1142","sha512":"3af0ed664e1c987e1a38e94a495aa8973b3d6e6e5e1f9111574ac434b0ca4559ee1b04205cd7f581a329f3d2e78d4cf6f0b9f6e304ea10b64229ba75cf742e77","ssdeep":"384:EAfnkm7VI6sRhX5ZkzfqZT17M0mUTruWW0s8krjkEQMnxIaZE/V:EAcmx9sRnKzE1g0mUT6WWXZjkaxIaZo","tlshash":"c282d0146d312851efcb5fb90b7b0746b605ba69c3326478b3ed098c7594feb4b06d02","first_seen":"2025-09-16T06:39:47.163224Z","last_seen":"2026-06-13T01:24:30.288206Z","times_seen":510,"resource_available":false,"data":null}},"time_used":309,"timings":{"blocked":142,"dns":0,"connect":27,"send":0,"wait":16,"receive":2,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUjm6bmMurHFyTiQB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUjm6bmMurHFyTiQB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet-guvenilirgirisim.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11860\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 May 2026 12:32:37 GMT\r\nexpires: Fri, 28 May 2027 12:32:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:43:48 GMT\r\ncontent-type: font/woff2\r\nage: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11860,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11860, version 1.0","md5":"b1735847a905f105c716377e5dd33d77","sha1":"a14e16fd918a6217c53848f0140f605c20c45d57","sha256":"5ef27223af807fcc529d77f2a5263b9513f351c9de7129d3c11860e916b1d690","sha512":"c8690b450ec99b2723d730faac629e61d611609a90729ff298d6dfb2bdacc11ee59887f3f281ebec895c250b6a3e14e14d1dcbfef323da795068b264d8e98c85","ssdeep":"192:vpi46ThQeqAZV1zaKZfftkpB/fx5KRGLSlyhcwU4/Y5hd3ns9F:xiBueqAZV1zastOB/21N75htWF","tlshash":"1032bf75cd52be43f5752034d93a41e508cf93a6a948be5b3242bbfa6984060bd9484e","first_seen":"2025-09-12T10:41:08.3187Z","last_seen":"2026-06-13T01:33:09.850708Z","times_seen":181,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":253,"dns":0,"connect":31,"send":0,"wait":15,"receive":1,"ssl":223},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUjm6bmMurHFyTiQB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUjm6bmMurHFyTiQB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet-guvenilirgirisim.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11860\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 May 2026 12:32:37 GMT\r\nexpires: Fri, 28 May 2027 12:32:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:43:48 GMT\r\ncontent-type: font/woff2\r\nage: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11860,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11860, version 1.0","md5":"b1735847a905f105c716377e5dd33d77","sha1":"a14e16fd918a6217c53848f0140f605c20c45d57","sha256":"5ef27223af807fcc529d77f2a5263b9513f351c9de7129d3c11860e916b1d690","sha512":"c8690b450ec99b2723d730faac629e61d611609a90729ff298d6dfb2bdacc11ee59887f3f281ebec895c250b6a3e14e14d1dcbfef323da795068b264d8e98c85","ssdeep":"192:vpi46ThQeqAZV1zaKZfftkpB/fx5KRGLSlyhcwU4/Y5hd3ns9F:xiBueqAZV1zastOB/21N75htWF","tlshash":"1032bf75cd52be43f5752034d93a41e508cf93a6a948be5b3242bbfa6984060bd9484e","first_seen":"2025-09-12T10:41:08.3187Z","last_seen":"2026-06-13T01:33:09.850708Z","times_seen":181,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":72,"dns":0,"connect":28,"send":0,"wait":43,"receive":2,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMurHFyTg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMurHFyTg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet-guvenilirgirisim.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24264\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 May 2026 11:04:56 GMT\r\nexpires: Fri, 28 May 2027 11:04:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:45:23 GMT\r\ncontent-type: font/woff2\r\nage: 5261\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24264,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24264, version 1.0","md5":"c857c350f9a78d0f1684649bec4d817e","sha1":"033e97ccd98283307ccbe7a2ea0207464316e5a8","sha256":"0dfbc398ae98c27c21c97f96e0ae26ad704102bd81bf56c2e2995c14a26a1c61","sha512":"a6929609a6a00ef26a901097329c59d4c09e34f12662ec79d84345d8196a16baafa4e9170eec6ef7e8f148653eac45422afb8f21bfca18c6075cb7786d82bae9","ssdeep":"384:WnlKaSpe+DgBwukIm0gcCuYPLzNvqQ42b/D56wUb48CpqwjkjDJiZ8jCXF/GammO:WnlKaj+DMUImJld4A0wUb48t4XFpBaDZ","tlshash":"6eb2e1c8c46eede0105b847011ca4f48008911c5f4f4e350feae5caa9c9b40ed9b75dc","first_seen":"2025-09-11T17:11:13.787379Z","last_seen":"2026-06-13T07:47:25.932225Z","times_seen":3872,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":52,"dns":0,"connect":0,"send":0,"wait":36,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oswald/v57/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/oswald/v57/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet-guvenilirgirisim.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21472\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 22 May 2026 13:55:30 GMT\r\nexpires: Sat, 22 May 2027 13:55:30 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:45:39 GMT\r\ncontent-type: font/woff2\r\nage: 513427\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21472,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21472, version 1.0","md5":"5f49329007f1e2c86462fd68a5f3affe","sha1":"aabe123b52750eaf9e6fe604204c2687222b0c54","sha256":"571f3457dab507b6f2ce5394d593ca015251b69fea81ab7a546bd2368e9fc3ed","sha512":"59b693cf63d3bc706adc09d289f51f3be1ed2cec80a6e1ebfaf35a5b569ed006e5785cf1faa884e133ab83eb7a0fce9c4545c512c9e7fed63e94264fb13c4937","ssdeep":"384:89cq4KprqBvQGNLahU+kaK7dWYQmQp48QMg9syZ/0TxUAWKymEIetG0pLlZxeH:8iq4cmvfNLahDK7QVmQqhw1EjLLMH","tlshash":"4da2f1a25a83d949fb68403e3b80287d963a03c733967a63575225ebbae1c53305a4c9","first_seen":"2025-09-11T17:19:09.761048Z","last_seen":"2026-06-13T10:23:16.68765Z","times_seen":10660,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":104,"dns":3,"connect":15,"send":0,"wait":32,"receive":4,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMurHFyTg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMurHFyTg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet-guvenilirgirisim.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24264\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 May 2026 11:04:56 GMT\r\nexpires: Fri, 28 May 2027 11:04:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:45:23 GMT\r\ncontent-type: font/woff2\r\nage: 5261\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24264,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24264, version 1.0","md5":"c857c350f9a78d0f1684649bec4d817e","sha1":"033e97ccd98283307ccbe7a2ea0207464316e5a8","sha256":"0dfbc398ae98c27c21c97f96e0ae26ad704102bd81bf56c2e2995c14a26a1c61","sha512":"a6929609a6a00ef26a901097329c59d4c09e34f12662ec79d84345d8196a16baafa4e9170eec6ef7e8f148653eac45422afb8f21bfca18c6075cb7786d82bae9","ssdeep":"384:WnlKaSpe+DgBwukIm0gcCuYPLzNvqQ42b/D56wUb48CpqwjkjDJiZ8jCXF/GammO:WnlKaj+DMUImJld4A0wUb48t4XFpBaDZ","tlshash":"6eb2e1c8c46eede0105b847011ca4f48008911c5f4f4e350feae5caa9c9b40ed9b75dc","first_seen":"2025-09-11T17:11:13.787379Z","last_seen":"2026-06-13T07:47:25.932225Z","times_seen":3872,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":81,"dns":0,"connect":15,"send":0,"wait":17,"receive":12,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMurHFyTg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bmMurHFyTg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet-guvenilirgirisim.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24264\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 May 2026 11:04:56 GMT\r\nexpires: Fri, 28 May 2027 11:04:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:45:23 GMT\r\ncontent-type: font/woff2\r\nage: 5261\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24264,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24264, version 1.0","md5":"c857c350f9a78d0f1684649bec4d817e","sha1":"033e97ccd98283307ccbe7a2ea0207464316e5a8","sha256":"0dfbc398ae98c27c21c97f96e0ae26ad704102bd81bf56c2e2995c14a26a1c61","sha512":"a6929609a6a00ef26a901097329c59d4c09e34f12662ec79d84345d8196a16baafa4e9170eec6ef7e8f148653eac45422afb8f21bfca18c6075cb7786d82bae9","ssdeep":"384:WnlKaSpe+DgBwukIm0gcCuYPLzNvqQ42b/D56wUb48CpqwjkjDJiZ8jCXF/GammO:WnlKaj+DMUImJld4A0wUb48t4XFpBaDZ","tlshash":"6eb2e1c8c46eede0105b847011ca4f48008911c5f4f4e350feae5caa9c9b40ed9b75dc","first_seen":"2025-09-11T17:11:13.787379Z","last_seen":"2026-06-13T07:47:25.932225Z","times_seen":3872,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":114,"dns":5,"connect":15,"send":0,"wait":15,"receive":4,"ssl":86},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oswald/v57/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/oswald/v57/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet-guvenilirgirisim.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21472\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 22 May 2026 13:55:30 GMT\r\nexpires: Sat, 22 May 2027 13:55:30 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:45:39 GMT\r\ncontent-type: font/woff2\r\nage: 513427\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21472,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21472, version 1.0","md5":"5f49329007f1e2c86462fd68a5f3affe","sha1":"aabe123b52750eaf9e6fe604204c2687222b0c54","sha256":"571f3457dab507b6f2ce5394d593ca015251b69fea81ab7a546bd2368e9fc3ed","sha512":"59b693cf63d3bc706adc09d289f51f3be1ed2cec80a6e1ebfaf35a5b569ed006e5785cf1faa884e133ab83eb7a0fce9c4545c512c9e7fed63e94264fb13c4937","ssdeep":"384:89cq4KprqBvQGNLahU+kaK7dWYQmQp48QMg9syZ/0TxUAWKymEIetG0pLlZxeH:8iq4cmvfNLahDK7QVmQqhw1EjLLMH","tlshash":"4da2f1a25a83d949fb68403e3b80287d963a03c733967a63575225ebbae1c53305a4c9","first_seen":"2025-09-11T17:19:09.761048Z","last_seen":"2026-06-13T10:23:16.68765Z","times_seen":10660,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":29,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oswald/v57/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/oswald/v57/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet-guvenilirgirisim.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 19104\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 27 May 2026 14:45:32 GMT\r\nexpires: Thu, 27 May 2027 14:45:32 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:49:06 GMT\r\ncontent-type: font/woff2\r\nage: 78425\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19104,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19104, version 1.0","md5":"4276e5fb1957782e7d33184615498ef6","sha1":"cf8028a7a9f18f603c0c88dd68f2e7808f2cd0d5","sha256":"99016932b273efa7d55b3a0ae9fe4babc6dbdcd7539f58a742697054f89b1142","sha512":"3af0ed664e1c987e1a38e94a495aa8973b3d6e6e5e1f9111574ac434b0ca4559ee1b04205cd7f581a329f3d2e78d4cf6f0b9f6e304ea10b64229ba75cf742e77","ssdeep":"384:EAfnkm7VI6sRhX5ZkzfqZT17M0mUTruWW0s8krjkEQMnxIaZE/V:EAcmx9sRnKzE1g0mUT6WWXZjkaxIaZo","tlshash":"c282d0146d312851efcb5fb90b7b0746b605ba69c3326478b3ed098c7594feb4b06d02","first_seen":"2025-09-16T06:39:47.163224Z","last_seen":"2026-06-13T01:24:30.288206Z","times_seen":510,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":55,"dns":0,"connect":0,"send":0,"wait":43,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUjm6bmMurHFyTiQB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"173.194.220.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:13 GMT","end":"Thu, 30 Jul 2026 15:53:12 GMT"},"fingerprint":{"sha1":"6C:B9:FE:19:9C:7C:AA:5D:D2:39:3A:16:2C:50:FB:C8:59:C8:CC:A8","sha256":"FC:4C:0C:6E:AB:D1:82:30:1F:A9:46:DF:FA:38:02:9F:06:56:FF:98:E0:8D:AB:9A:26:C3:2A:97:C5:CF:A6:1C"}}},"request":{"raw":"GET /s/karla/v33/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUjm6bmMurHFyTiQB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet-guvenilirgirisim.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-type: font/woff2\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11860\r\ndate: Thu, 28 May 2026 12:32:37 GMT\r\nexpires: Fri, 28 May 2027 12:32:37 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:43:48 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11860,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11860, version 1.0","md5":"b1735847a905f105c716377e5dd33d77","sha1":"a14e16fd918a6217c53848f0140f605c20c45d57","sha256":"5ef27223af807fcc529d77f2a5263b9513f351c9de7129d3c11860e916b1d690","sha512":"c8690b450ec99b2723d730faac629e61d611609a90729ff298d6dfb2bdacc11ee59887f3f281ebec895c250b6a3e14e14d1dcbfef323da795068b264d8e98c85","ssdeep":"192:vpi46ThQeqAZV1zaKZfftkpB/fx5KRGLSlyhcwU4/Y5hd3ns9F:xiBueqAZV1zastOB/21N75htWF","tlshash":"1032bf75cd52be43f5752034d93a41e508cf93a6a948be5b3242bbfa6984060bd9484e","first_seen":"2025-09-12T10:41:08.3187Z","last_seen":"2026-06-13T01:33:09.850708Z","times_seen":181,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":52,"dns":0,"connect":0,"send":0,"wait":46,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tr.galabet-guvenilirgirisim.icu/","fqdn":"tr.galabet-guvenilirgirisim.icu","domain":"galabet-guvenilirgirisim.icu","tld":"icu"},"ip":{"addr":"104.21.20.214","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-28T12:32:36.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet-guvenilirgirisim.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 00:42:36 GMT","end":"Wed, 26 Aug 2026 00:42:35 GMT"},"fingerprint":{"sha1":"13:C8:53:AD:4F:72:73:B2:80:99:82:5A:8C:46:E7:04:B2:56:FF:23","sha256":"94:F4:0C:9F:8C:03:AA:78:AC:8F:39:9B:AB:5B:56:DF:96:51:D0:5E:6B:05:19:C5:70:11:BB:B7:7F:BF:90:0B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tr.galabet-guvenilirgirisim.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 May 2026 12:32:36 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8tvRiUuP6RVsm8Xl211zJsH5S8uc1SrMwEr%2BybwUCgCwQNmhm5YXAqLub92q%2F8pWuGzlEP1WJYQd0fnV4GP4V4e%2BValpgUtEOObTgiFlG2YM4g7wgpSCZZ3HbE2W7M78OUONmmEBhfI%2FaC5GVmF%2BBgRj\"}]}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: a02d48733820b512-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":18777,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1150)","md5":"fc7ff9bd2806783dcb8d0433451de422","sha1":"2a1f3a5a0950fcf744ba09c0f46f1ccba1d90c3a","sha256":"6253bd0e9bfe74c4b204c40c83813896be778c3e057f89a3090d4fc4997b6440","sha512":"9a219dd40910ce101497ada04ee4b9f1fa00ee8524bfe8c86380b696fbe6a08b94f5a36c2b636f75df704c6cb2296ab4d93257f91ff346aed83160debbfed240","ssdeep":"192:mYjNEVNmizJREz4gZooJyCifIk11ASX+pBQaiW9PHZD2j6qo3OUPziiYRRtQ1t:mGaZJREkgZonAbIUJuRtU","tlshash":"7982b69b1eb2201e7b07b29eb3e767096b55e103c915dd78ba4d5a5c9fc06e0ca9330c","first_seen":"2026-05-28T12:33:00.943153Z","last_seen":"2026-05-28T12:33:00.943153Z","times_seen":1,"resource_available":true,"data":null}},"time_used":382,"timings":{"blocked":73,"dns":55,"connect":1,"send":0,"wait":236,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Oswald:wght@600;700\u0026family=Karla:wght@400;500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"64.233.162.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 May 2026 15:53:15 GMT","end":"Thu, 30 Jul 2026 15:53:14 GMT"},"fingerprint":{"sha1":"19:42:B0:56:3A:E4:79:BF:8B:69:E2:50:F4:76:BF:1E:A9:D7:7A:49","sha256":"D7:FF:C1:46:95:F3:5F:08:04:B0:E1:A8:FE:14:FC:60:19:58:D6:C7:D3:6E:82:B3:64:07:E9:E1:CB:9A:27:8C"}}},"request":{"raw":"GET /css2?family=Oswald:wght@600;700\u0026family=Karla:wght@400;500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galabet-guvenilirgirisim.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 28 May 2026 12:32:36 GMT\r\ndate: Thu, 28 May 2026 12:32:36 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6722,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"dd298465d823bf0387c4b1e4a3c90ce9","sha1":"063b0a3131fcb8214c4ba5d1c58954dca9567575","sha256":"483b85ebc32c43de314df66116bf7c5cc2ead9250cbaa54a482ee2f0fc660d9a","sha512":"df05774d2eac9d1c10d470db2e0f602320664ce383ee15bdd43041714713c3807c18c19ee85a0f365f7b1ca4401caddd30839c2c7f7bb768391dec4b566d692b","ssdeep":"96:yOEa7Jc+uuOEaDN9OXa7Jc+uuOXaDN9Opa7Jc+uuOpaDNzOxMaWgOxMazFZOfOxl:Ffa/fJRf3EWBKSvszeWSKBossT","tlshash":"fdd12f92082fa440eb470dc233de7e26ef1f62512454c5395ffd18a8ec9ed26131a74e","first_seen":"2026-05-28T12:33:00.94489Z","last_seen":"2026-05-28T12:33:00.94489Z","times_seen":1,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":105,"dns":1,"connect":28,"send":0,"wait":32,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tr.galabet-guvenilirgirisim.icu/favicon-96x96.png","fqdn":"tr.galabet-guvenilirgirisim.icu","domain":"galabet-guvenilirgirisim.icu","tld":"icu"},"ip":{"addr":"104.21.20.214","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet-guvenilirgirisim.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 00:42:36 GMT","end":"Wed, 26 Aug 2026 00:42:35 GMT"},"fingerprint":{"sha1":"13:C8:53:AD:4F:72:73:B2:80:99:82:5A:8C:46:E7:04:B2:56:FF:23","sha256":"94:F4:0C:9F:8C:03:AA:78:AC:8F:39:9B:AB:5B:56:DF:96:51:D0:5E:6B:05:19:C5:70:11:BB:B7:7F:BF:90:0B"}}},"request":{"raw":"GET /favicon-96x96.png HTTP/1.1\r\nHost: tr.galabet-guvenilirgirisim.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galabet-guvenilirgirisim.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 04 Jun 2026 12:32:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 28 May 2026 08:23:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 253\r\ndate: Thu, 28 May 2026 12:32:38 GMT\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sxodrxbCqmeeJZ8n2thPYz73wNriREZ4XJP%2F3VyE6RXICwjbLpjWImhTwqY09DyDlbVOTGibbS%2FQA6IkyiuIOl3tWzUKqxhQBhXtaxZhv16oJj7zdIigEtH8bITzoVpTZ3icfcKU3%2BmotirjHA9NcsBS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: a02d48766cd65690-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":253,"size_decoded":0,"mime_type":"image/png","magic":"SVG Scalable Vector Graphics image","md5":"171026fceaaa80daf90449cae4d50449","sha1":"5eccf48a05ee09dd0792b253ea7f33f0d767c141","sha256":"c99609e594d24754cc8ae6c4ac5fe2f631849dfce036b532ac303c67eb15d1ae","sha512":"05985bb255ca242803e4131c0a68a3d9925b07629437e408ca1463fb5ce6d9766bf61475612df9786b768caa3b04666833cc9d380541f9430052689d3535715c","ssdeep":"","tlshash":"dbd095e19388271cc70ccf15271534a7330d78cd55414df4f9c025269085cd7655c74d","first_seen":"2026-05-28T12:33:00.945946Z","last_seen":"2026-05-28T12:33:00.945946Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tr.galabet-guvenilirgirisim.icu/favicon.svg","fqdn":"tr.galabet-guvenilirgirisim.icu","domain":"galabet-guvenilirgirisim.icu","tld":"icu"},"ip":{"addr":"104.21.20.214","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galabet-guvenilirgirisim.icu/","date":"2026-05-28T12:32:36.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet-guvenilirgirisim.icu","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 00:42:36 GMT","end":"Wed, 26 Aug 2026 00:42:35 GMT"},"fingerprint":{"sha1":"13:C8:53:AD:4F:72:73:B2:80:99:82:5A:8C:46:E7:04:B2:56:FF:23","sha256":"94:F4:0C:9F:8C:03:AA:78:AC:8F:39:9B:AB:5B:56:DF:96:51:D0:5E:6B:05:19:C5:70:11:BB:B7:7F:BF:90:0B"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: tr.galabet-guvenilirgirisim.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galabet-guvenilirgirisim.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 04 Jun 2026 12:32:39 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 28 May 2026 08:23:16 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 158\r\ndate: Thu, 28 May 2026 12:32:39 GMT\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hd5fyQ6cilcBk1%2BOQwX6X7VfnDKVxSNNL90tFaw4ZQh2ftJvkfQY%2B5Re7ydimJgWkrGQaWCQOi4KzKFTPQ7zR8KYa7G4DMKdWyAEStu%2B3NJ3avmSGq66QCmZ4rNWiQdIx5L63NyjRf3no79DE2Lb5o27\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: a02d48766cd75690-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":253,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"171026fceaaa80daf90449cae4d50449","sha1":"5eccf48a05ee09dd0792b253ea7f33f0d767c141","sha256":"c99609e594d24754cc8ae6c4ac5fe2f631849dfce036b532ac303c67eb15d1ae","sha512":"05985bb255ca242803e4131c0a68a3d9925b07629437e408ca1463fb5ce6d9766bf61475612df9786b768caa3b04666833cc9d380541f9430052689d3535715c","ssdeep":"","tlshash":"dbd095e19388271cc70ccf15271534a7330d78cd55414df4f9c025269085cd7655c74d","first_seen":"2026-05-28T12:33:00.945946Z","last_seen":"2026-05-28T12:33:00.945946Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"tr.galabet-guvenilirgirisim.icu","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}