{"report_id":"6ff79b5d-4447-46de-85ea-980312738ec3","version":6,"status":"done","tags":[],"date":"2026-02-23T12:38:02Z","url":{"schema":"http","addr":"gorevmerkezi.it.com","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"gorevmerkezi.it.com/m/index","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"title":"ebay","dom":{"size":36901,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (29431)","md5":"1350132fc855fdf1944fbe4af49163db","sha1":"694052c03d103b1493f6ce6cdde668a84cdfabba","sha256":"4d5c1e4b17cd7a0a189916eaeae3e7dffc45a8135f788028877acae8ce82b768","sha512":"84f9ee628f214293c21bd4934b8b208beb6ed291ea34cc56eb7cb874d820c920498831ff56acc7dc371e2be32bdc5d35cbef27951d69bd29be44a3ec7ad31f1c","ssdeep":"768:vByKTeJaFjSJI2jmWIIIIuJ0fRt90BVrPplUZ3VOjVokGWhcO1PgZ:3TeoWIIIIuJ0fRt90BVrPplUP","tlshash":"07f25130c41218af1523c8e5e160bb9934d2f70fda669440b67c8f5edfdbef0662619a","dom_hash":"domhash6514edc3cea00cbfb60d0214feba8ac0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gorevmerkezi.it.com","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":0,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-30T12:38:02Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"gorevmerkezi.it.com","ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"1992-10-23","domain_rank":0,"first_seen":"2026-02-23T12:38:07.875467Z","last_seen":"2026-02-23T12:38:07.875467Z","alert_count":423,"request_count":141,"received_data":13309301,"sent_data":67194,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-02-22T22:27:51.54973Z","alert_count":0,"request_count":16,"received_data":1880023,"sent_data":7274,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"334149adf44476f28bfbf16c7b0382c2","sha1":"ad2ea246ebb53ed655ab50d44b33d4d6f942387d","sha256":"6d2c0a450a04b5d1492f77d7e512fe6af26e95c2feac596825f45e71b9ffa4d6","sha512":"0f9d66a68e400a2499cc1dbd79331892e9e62e278d8b4784e354b7a281c91fcc1401eedb0857ff6911d842ea853d39081b459fbdc0e30d927ee93b5ba1ecdbea","ssdeep":"384:hpI8XyWPbWeAExXqgxH7RqzGbcQdVzxbUm6HwT9eei:LbXdyGbcczx/6QT9e1","tlshash":"f25285ce7861b0a757e320f0805f4a0fb2b6552a754d84a0f660e9f66db542e8733f5c","size":13638,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.423279Z","times_seen":1179,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c019be63e713ce6f2aa221c0df8fa0cb","sha1":"e5471888945144f233714d470959059c010eb667","sha256":"87e6aba4bd25be4196ad7f269a62de823242abe105df538f218d4e6e268f74ce","sha512":"6ca3ae5fb17dc20a2c27d4008454feb7cefc626bf104252354c1abd0977f73a315001d94293a7d4379ecfda6ba21d3f49a992f243a6f9249c935195527d407be","ssdeep":"384:BPdUYakDlUGQrDQxMQ4rJaT30WCxQI1cg:DUYzhUGmUMQUX3","tlshash":"cea2b7c6f56270270a9260e5183f1107a33f241d648d855df2d6e8ee2ebdd8e91a3f39","size":22805,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.462559Z","times_seen":1154,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"2675fab97e66abb2dc482356efb999b7","sha1":"3311edff263714f305e1e345e152bbee777cc844","sha256":"bc87ac65daaf5582b0084af46d5f173f84e35b6b39733943e908fd9023cf3bb6","sha512":"6d1ed57e31ecba4fd8d5e5bad006be0928245259a0d0a57a6c99029dc00cb4d2e74f0ee31a7c4e198b51bef9c544d9a55c559aad033e38acf75be73bb53873bc","ssdeep":"","tlshash":"121180cb99618a6896e214ee36fe3750b573e052f9446130751fcd103d9c70f036aaeb","size":889,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.466637Z","times_seen":1124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-182e5dc3.defb634e.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"eff859afb8a3df275b2d92e31472c68f","sha1":"fc245e439d856b97ff9c57e607ef2977fe61ed95","sha256":"1e109c80af9009e7cd9b560508daaa05a613fbf24ff62734e97e04a51db6572b","sha512":"a23f03ca3d27f47e8fd70c828f4d30f6ae5fc6d933fd825f9b6c900890cc58934c4d8ab92175f8ddd4a1686902140352553d54d4e15de811851d465f0abd0bb4","ssdeep":"96:hzOO/KhO/KPKaLmmxQKhMEOGpGjBMdvSNbB3wgsq/rIBNlujujDj7hlSPitAMLcg:hN1KhMdMGtUcw40zcj2P2VWHl3PgpliB","tlshash":"4e325509b8c7f166cc6aa021412f2535e17a7ec55422f141eb34cde0a6b9c792b2df9e","size":11914,"data":"","first_seen":"2026-01-27T15:16:56.813731Z","last_seen":"2026-04-14T15:55:46.960544Z","times_seen":25,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0a01fa31e644ca44836356a172ba7c9","sha1":"e81438a79e8a7f34423168c70696cff2a820dbf1","sha256":"840ea076b43dbf564a909bb082dc287740a96f3c4483fcc024f7176306daecc7","sha512":"a18f9c600996f8f31c046e80334cc794efff550c2286bc822ba7bbc197d99e4ce5f032133866b18cb9743a717b76e578cdb2a9fb5f6ebe42614d08ea1ea2e47c","ssdeep":"1536:XFWQV1ZGORGWiB67hAHLY/IyYT3uu+OLFckh:XFW8tG967hAHM/IyYT/Law","tlshash":"5853e8c5f46134a213e7a2b582bf11032376953a640c85b4b798dcf98d7d98c532bf7a","size":62797,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.423793Z","times_seen":1157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.7/index.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc6dfa2d326274455390160572856dce","sha1":"efd937a0eaa2f39487b612814c98c37a752c9a2a","sha256":"bc09e54472585388c0ef0b58e5818a448f03b5671df4120da425cd6cac70fb79","sha512":"d42e99eb85cefb310ba46cf4a5fd9514f6804d4fa95f312178b0b54723db60950908465b257cd7160e2a67e56b1b2855bada2e67f56c992f53fad520bb7a73f6","ssdeep":"6144:jlrTktiHOvAeyErnMb/KeG4tVhkiIAUYxRtS8islZST79eA:jNktiHOvAeyErnMb/0G1TUARQ79eA","tlshash":"e1c41a8d72c5b53147a36070103f250bb33b299ca40980dcb679d9ea6dbd909626ffbd","size":590640,"data":"","first_seen":"2023-03-11T09:11:20Z","last_seen":"2026-06-07T10:47:43.44918Z","times_seen":641,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/lib/flexible.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"2481028b2f8ae3f9f9c15d0899705aab","sha1":"175d394457b861cf64b9347d243fe3f179048faf","sha256":"5fc76e812ff59a1e0a2faecfb1db22cfa4af69efafef2f3bde03494d543acc1e","sha512":"7b48ed3af9b9330ccbff7a8a9b7dbb1eeadc4356acc22f68a821d435b8cd85e82bc453d489355ee0679cd5ef98feda4c0be8599a0568c1a20bd6d8901669e5f9","ssdeep":"","tlshash":"fb81322806e722361e2330348fbf210539728067055ace447d5ee79e6fe4a654ef6bf5","size":4071,"data":"","first_seen":"2023-03-08T08:46:29Z","last_seen":"2026-06-01T10:56:00.253522Z","times_seen":284,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vuex/3.1.1/vuex.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c66594705de51675f08e3b83b9b9b38c","sha1":"40fa40f722043957a56324174ec6f80389391971","sha256":"e973901e74ff65888bbe2e58b95cfb957d5db316bb185a106f543d99176d1d65","sha512":"3cb0d6b77ac49d3c6c5c5740efa2fd9e3e0c79158c88a9d4f0b709f4713a38a7b72109a2b4c636377c783effc3c6457c718d8cdc2e9c7577db9691562e95375f","ssdeep":"192:90DuIfY7JtjC5ydUypH82+H8urFLR7BD4GOUo1MQl+B2GHPpB3QE7WA+MWnBP:9guIw7JtWqmhfldD4Eo64UgH3nx","tlshash":"4f1261ccf661b0764a377460623f120fe276a46d200a4468f598e4ef6cbe14d94abf3c","size":9875,"data":"","first_seen":"2023-03-07T12:05:56Z","last_seen":"2026-06-08T12:58:48.443895Z","times_seen":1413,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/lib/jquery-1.11.2.min.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6355f3cc28006e33bad2e765cde30e0d","sha1":"909cd6318d5047f3c8e83528253b256981394414","sha256":"39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7","sha512":"b22d3868a7b311f82bb149f8afccee03c68dcd5e7152a061b8e18d97aef794b106dd1cc081d49f4d638193924ffa5885239cf67152fc339ff0cf3cd1d194d175","ssdeep":"1536:0Hg1kz+hAmcGmVFnlkFybx+amELolY+30k1dml+BQZX6YPnrCtn8JkDnlwMxVW2:0HDdc2F3c2G7mIW2","tlshash":"13930add76c2b06387a720b9506f550bf276599e280c4440f268e8fabc7ca49a137f7d","size":96382,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.448514Z","times_seen":1827,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-vendors.0959c18b.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"59718baba413ffce8af627b8a687fb33","sha1":"7ad82303fcd29efcdad03df36319183f8787d4c8","sha256":"95732ae511ea64b6041ef117de0b516f6523a1d657c809f3117a0c9fc42fdf0c","sha512":"9a8210c594b1ff6caec54315030f045a86dcc4d2fdc681a767730e524dac8240f6038b6ce225bce1b0415f7ebc802d7fc47102fb86069fc6baf6d037790e8dad","ssdeep":"768:WscXuLZN8ZzldBKOpNtWVw5iVJonYrQBOJJB2GfJbrCGVuZgdpGd+cH0iIWRiAVo:5cXub8Zzl7bD/YowQKL4+cHdIziAAg5l","tlshash":"4533c788f2e6f074479761a4402f600bf279ad55744e88a8f225e4d1bdb8dce847bf38","size":51996,"data":"","first_seen":"2024-06-11T23:26:00Z","last_seen":"2026-06-01T10:56:00.256892Z","times_seen":129,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"0d75a045ada91e8b297dc25ca5080ebc","sha1":"5459c8d31303d82ae64e465707ea4c0b774a26f7","sha256":"3bbcd117f9c743158fa2c3e85837cada012be7f205946287fe8dd509c7a317ba","sha512":"7a44155e399fa84ca4f908072115d470b687598d9d35ccde28025515a3f312cc1bbcdc6bc8a464e278f28d3563ade49f32a6d0099033870d1bd61dad4beeede5","ssdeep":"","tlshash":"a3a002a363459b385cdd3ba65470cb9a3c385121bc16b445450d1920c5a8ec2445bd94","size":67,"data":"","first_seen":"2023-03-07T18:08:41Z","last_seen":"2026-06-01T10:56:00.263506Z","times_seen":266,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/app.09610774.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"3dc2a1d16af7ad443d7e934f745dd80e","sha1":"81afb63a77517281ded685fbf13accb55888eed6","sha256":"2084618e46fcffeb8876ae33ce572e8e6d7c8b3386857e0a3b17f0c0d4600aeb","sha512":"5166289574bf93c00ab0fbdf85240cab21cc376cc91776c22fbcfaae1a28e367170196cf2c2264b260a1e33df0635c65eb751844a696735c7e8b62bbe1abfb7a","ssdeep":"12288:m7Fs6wQZIflEQrEf4oYZq25hJ5C2xp2GFsA2A45tsoEk0zgPAiB2oau9j1+8HWlK:sqER5T++j3","tlshash":"a7356bd822eef7b511429549410f3b3c42191fbaf156d2919c72e98839ddff48233eaa","size":1112124,"data":"","first_seen":"2026-01-27T15:16:56.867654Z","last_seen":"2026-02-23T12:54:01.628858Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"17e942ea0854bd9dce2070bae6826937","sha1":"434cdec1669f2c6c7406297a72120936bc56ed52","sha256":"72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26","sha512":"3f0439fa3817c71a6b34673cd32707137b29823e93b8389e1deff24e46c427e5396a897b753ba98bfe156f01c7ce54155bbed56f418b388b22622807802e6f72","ssdeep":"1536:1UXY7qLtpHt2Pqe1mZ8I6H82RaLiMBlo2VV2B/S/g:MYeJpN2yefjMBlPV00/g","tlshash":"529308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","size":93675,"data":"","first_seen":"2023-03-07T01:18:07Z","last_seen":"2026-06-08T12:58:48.433882Z","times_seen":4059,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fa93e8894edb6245ab03883633b12b6e","sha1":"e3ba4c7d1a8876090756fd31715b4f6af6fd649e","sha256":"3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15","sha512":"263612833aa8f4ad08798184b25311604f1a3bdb6aecacb71103661159007ba0a9d7803094930b3276f47e980492bdd8c49f208508ab88ebd9c0875166278621","ssdeep":"","tlshash":"0c8124b0bb8d35ab0e0e21145b1f60cd927ce43a085949f6ec9df1321468c2e977ad6e","size":3883,"data":"","first_seen":"2023-03-07T12:01:36Z","last_seen":"2026-06-08T12:58:48.428004Z","times_seen":3338,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"32e2eb91e6ed0512057b2ad1e6d1b242","sha1":"27809df1b99a4b81b6b82ba2985cdd4b1c8bebb6","sha256":"e8707a396dd2f8d74eaaeb2f784074a24d7a71cbe15dcc70297f726b31c160d5","sha512":"0ab7b445b586dd27a0aeb72396350982783129c9ba028ba1db847c9d2acc0de9c90c3c9636e76a21553fedf81031220f3676ea64bf7336644c04da33d744563d","ssdeep":"384:UUcnX3xpR5tumD+EaKGZRpqB1UdEPQFWmexTMCJ:7E3jXtuW+qGZK1UCP5mqMk","tlshash":"01b2c7ddb581b03547e326a0412f250bf27b358db44e8498f269e4d52cba85ec42bf79","size":24822,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.444421Z","times_seen":1173,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ac19265b38d14235141d184bca54d9a","sha1":"c725eb5a33d093e331e25c3a5ef1272b0f1f648c","sha256":"e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e","sha512":"6476ae51cfef0724ba254cff1e5d68f2cda477840954b01b933f1c9608ed6ca5094fe006d5cef7e5a32d54b25fb4a418a3e2c3eb642bcafa0d6bebaacbeac21d","ssdeep":"1536:O/pPCitsufJthaK85kqzOAkRlojU6tU8r5MhkhGllpcXvH7WcWUKcOqylFE8BtOa:+JthJkOAkaRaaGl4fH7WcWUKcOqjtYD","tlshash":"2bc31849b35071e551e72256539ed601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","size":128745,"data":"","first_seen":"2023-03-07T12:58:52Z","last_seen":"2026-06-08T12:58:48.463087Z","times_seen":2388,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.12.44/vant.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bd964aefdd330a73c62c045d6b31e66c","sha1":"f7021d4ccab3188fc2c0f7ad8c51f88cda28172e","sha256":"4e685208d134a61fdf4e8fa18b054f5ca2b522813f9bf591db4ac4b42ef16598","sha512":"b9c22baff22e7711c36f2091e37825b9e865ce1d2ec8476f697712c62c51e4604a961e8182950a67cedd060d7ebb720784fecb4f4b46f8d98164badd580dac0c","ssdeep":"3072:RuhM/vLqNdJXyzFg0xnnx7XJ2pviRq4jtSr1GM6TyrfXc556SdryZMyR7:MhM/GU6KRBx+rRSPyR","tlshash":"be44e78ab1c5b425079770b5403f110ab237298cb81a84dcba79e4e66d7ca5ca13ff7d","size":278598,"data":"","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-01T10:56:00.23193Z","times_seen":232,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.1/swiper-bundle.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"38ef180eaf570243775427085e2ea834","sha1":"e0d97d1c702c90dbb22a6294b3c1e4126ba1662a","sha256":"b624e1e378abe009ef0de69a698b0a3e734af47efcdbd6816d5fcb8fc64c8bfe","sha512":"9da1101bbe0870e2d0e8afc1d4f9a121c6788b7604d855ecdb39bad37135437b216eba27f8f9982e0e38feafb1032983fd1bec919d87f25d506bb239a842e5ae","ssdeep":"3072:NJvgjudkXhYnafpoy9v8cIWyUaV4y+oGeJhyEfrNK/MxF:NJvgidkXhYnafpl9v8cIWybV4y+oGMAQ","tlshash":"c0e3f8896360b1a552e3268b93a9c611e3b51400b409c4e871bd4c9b6d7ed9813ffffe","size":143070,"data":"","first_seen":"2023-03-07T01:27:55Z","last_seen":"2026-06-07T07:45:16.076416Z","times_seen":465,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"622c4c9d5dc4b1ee29a2eb908186ec88","sha1":"491753a3f979f7d180af11e1929ffff85e30f921","sha256":"794d1c7ab27be77d366e0497e641488e50f5ae6581b4db51cc08de1e142eb47a","sha512":"2b2485006e3a36dbae0d0d8488ab63ae6085c34d5a6f72c3558c52b492294c157f67ce47c1c3b89498db9ff72f748485fedc04a881f1877f903cfa0df1c8be8e","ssdeep":"1536:PLFpwkiSucuVH8MBfaQQ979S17LMgRCSRjMbEjeb6Gt6UQ:PLbw1Sucu3Qw8gc3gk6Gt61","tlshash":"1f93618cbec6f06642636675413f900bb27a1a86745f89d0e12ed1e4bc7c98f413be6d","size":92050,"data":"","first_seen":"2023-04-06T20:58:39Z","last_seen":"2026-06-08T12:58:48.43561Z","times_seen":1467,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.7/locale/en.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"05c65efd7ab47381eac414b929c80d11","sha1":"c0fbfd65eaf0a9a92dedbc93b1b1d7d8c55f8094","sha256":"d6361676df25451bfb74c691c9304ba709919cd4dd03d3c7bd5f999af7a6c597","sha512":"3ca05b333100d916cc783022dcc5b5d0210351e5ff8f184bf7e6450f63f919dc6c28e330d2f49de7a452a7cbee975a68872a3e2d3cbeb99e255e2827b59674ad","ssdeep":"","tlshash":"0a71fcff49b5406a4135dc19659f6407616180ab4e28bc397fad53a82f8cc1ca0feed5","size":3516,"data":"","first_seen":"2023-12-31T12:39:44Z","last_seen":"2026-06-05T01:07:25.344623Z","times_seen":411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-2d90c97c.245bb9cd.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-2d90c97c.245bb9cd.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-12ba\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4794,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4794), with no line terminators","md5":"d81af9f0fed86f2336e72d4dbd27b0eb","sha1":"f7aaa56d9a8bd8ae249c346f868bf6a66e5c4d09","sha256":"93cd6c5726c486853f54f0522bad1d31d143d5ede3f3d41dacd43b1297cb0477","sha512":"b7220674ed2cd37383d4cd6840f0f7b9bb2e0301319a7c9fe9786dc2fb91bb94a3ba5d41d998b3dfbeae59ce2af1bf3156e12f11596711bb921471d799bcde7c","ssdeep":"96:RxU1M6UMqhM6pLxmA94d2+Wlfb3bP4PUKUez5:sM6UMqhM6Z4Q+gfb3bP43Uez5","tlshash":"2aa18fdfa4f68111f1f7de6217cc9445de326fe339a10ceab1da148d870aa85271b0e6","first_seen":"2024-09-19T21:03:31.100076Z","last_seen":"2026-06-01T10:56:00.239006Z","times_seen":250,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":153,"dns":0,"connect":0,"send":0,"wait":174,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-1d8200c0.151d881f.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-1d8200c0.151d881f.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-bb51\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47953,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (47455), with no line terminators","md5":"636133671b750e8b58028c759390117a","sha1":"f46ef314ab5cb78e778312534dd4dfbcd5109029","sha256":"673b455052afbe5aafa1d630aefd8d6698c59797b5cf1e9e61370c69aff1ac53","sha512":"8ec3dc2fab8d1ffe32d80d8cd53dab2b9631703e6014a3a332b1d81e462f0af178a28e249b8b135ef471d8a4e43c8b6e8d9d62808ceddf0d667e866f755d702d","ssdeep":"768:uSJViW0ts2ZtK2Kx0GIg1udUZtK2mxMZYywuVZtK2Kx0S:ucGtIbIgNtsGYyhtIV","tlshash":"fc23d94cb1c3f06e4a6b5621851f1419e23a6a99f405d145fb3cc8e1b8a8c69772ffbc","first_seen":"2025-10-18T07:29:14.091517Z","last_seen":"2026-06-01T10:56:00.25875Z","times_seen":66,"resource_available":false,"data":null}},"time_used":2905,"timings":{"blocked":2721,"dns":0,"connect":0,"send":0,"wait":183,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/5eb4d6147cfd46278abd6ec7522ffb50_.jpg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/5eb4d6147cfd46278abd6ec7522ffb50_.jpg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 81716\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:45:11 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81716,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, progressive, precision 8, 1200x628, components 3","md5":"e275ce32fabc7cf5c80b2c2b13d5889f","sha1":"7fc5ec860f8fceb739595120d6d64131e93a0be7","sha256":"c53cf186e9a629609f26dd546ae9f733ab3347131544eb2c25b8bacf399911ac","sha512":"650f83d14a6afedd9ed960ea3ae405f6e35aada7a0f28b35a93660b5f6c460117d141752346c1bd94a5bc5842cc3933cf30c776b3914d15ec13d1bfbfcbfbe5a","ssdeep":"1536:aFkARScRSSCEVK5OXBXCD+c/N+MObln17:0RFCiK5GwE1R17","tlshash":"ed83023bb599a5a1e0cb3a7287a8c279d11867cc41d3f7aeeeec25260505cc21cc9f65","first_seen":"2026-02-23T12:38:22.19233Z","last_seen":"2026-02-23T12:54:01.610591Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1937,"timings":{"blocked":1697,"dns":0,"connect":0,"send":0,"wait":185,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d21d0c2.3f86d8ae.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d21d0c2.3f86d8ae.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-4eac\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20140,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (20140), with no line terminators","md5":"98fc4f7d659f3ff5fe223a0005d30e5f","sha1":"8464c1b8138ce0a4b902c403fbbd61887b215a6f","sha256":"3b4fea3e5f45315e8243cf56781d0df5722e6133942671dc592ff479ba8213e5","sha512":"205b160455a2df2174059f4306d93b67d21c207f50caebf6006df72c501c954aaff7770273e5a68c9190e82251c6f62cdec564eaa28947bcb6143ed41b6029ff","ssdeep":"384:S3v3YBYcL1rAAdTRA7v0zwrmSHHHsglQFx+m1OPNtOVSLMyoLyUhyytGojYPFKp:9zwrmSPG8DOyZUoy2m","tlshash":"4f92e6e9f35542f6525d5cc5286f201ba4b0a4262c1a41acbfb5c0e7e8b8fd1787af70","first_seen":"2023-03-10T03:00:05Z","last_seen":"2026-06-07T01:38:16.22947Z","times_seen":1222,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-0ce41c5a.36a8d6d5.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-0ce41c5a.36a8d6d5.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-4b6\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1206,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1094), with no line terminators","md5":"5e979cf4281f7ebde0d82b99cd25ba25","sha1":"1810e016d0dc79e815f84b4c21caca2e4be64352","sha256":"e265a6091249dd914b53d55a7c2a2711fd8813ddb7c38ca634dc4d02de49238a","sha512":"849df467f9db93783890c75d5e9dfb70f4742dcd0245dad279e9d4dd76ce362d4503685b25916dddaede4469f9696398a5d4f268c06b2dc0c98bd2bb9caaf58f","ssdeep":"","tlshash":"2521dd48b4d3e62dcc2f4406200f3371f0e23eae1410a8c2b2b4c99a5739ea5570f97d","first_seen":"2024-06-11T23:26:01Z","last_seen":"2026-06-01T10:56:00.189054Z","times_seen":267,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":172,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-13ee2c88.cfa5704c.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-13ee2c88.cfa5704c.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-5181\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20865,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (20535), with no line terminators","md5":"33c94d891c02fa7b1c1c79c7f0bb273c","sha1":"979c7ac6009966a8f7a1bf4a56f4af8b284a9156","sha256":"0b52197469cfc1a4b92594d515112f1db40f7b9edb2487e1b0e916bb739138db","sha512":"ab893d5df6acad9fe87a260ca1f846852ee413a5e9a6dea659bbb894ace369ca0cedb97719ee75371c5760209e02f987584753cfdf3cd4398ef3ed9863b80a55","ssdeep":"384:Ytz23MbmZeudvQILLLFZN1nxwL4pUxNhOo:YDmZYCJX1nxwMWnhOo","tlshash":"b192d88871c3f01606e37121902f2149f2797d89b809d55aff78d4e2b879959722bfbc","first_seen":"2025-04-21T10:41:38.078267Z","last_seen":"2026-06-01T10:56:00.197169Z","times_seen":87,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/2a8227e85f5944c08c32e4414bdd93ea_.svg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/2a8227e85f5944c08c32e4414bdd93ea_.svg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/svg+xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 00:56:26 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9032,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8d7ffdb3be9129609daaeb0288948b7c","sha1":"13c31092fa328abe2637b38ea41ff4c2d907f686","sha256":"1f157047a5313c549789f873d4ccd7ae56b7e25d6357c07e1810ff4a948b6aec","sha512":"8f7c500003048396afa4f66440beda1ece4abd7bf3648bb4661920a926239180b77ebf33fdbc789207ef90776726b11231bcfffaa806b9654234e2ad63856d18","ssdeep":"192:NmxZqfe5JpNbyaYn6GqJhINz09ho8OxCG7MfWmd0uMrz/Nz/NZ:NUZqfe59bMn6lhSr8Ox8fT0vn/B/r","tlshash":"101245fdab7c62bcb4474b5afb305008178f74b97766ca91822daab410c3d99d24fc41","first_seen":"2026-02-23T12:38:22.195015Z","last_seen":"2026-02-23T12:54:01.474802Z","times_seen":2,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":492,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d0d7fe4.7ea5bea3.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d0d7fe4.7ea5bea3.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-a38\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2616,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2574), with no line terminators","md5":"85e6c16abe67c57f69d2c8c7b7defc3f","sha1":"73ec895f2a50c863d8ea3ebe379b6cea63f830ac","sha256":"d4e3b729a67d406e2f89da70f5ba68c04b9bafae8ed779377aeacd854457ae9c","sha512":"3d09869add8668b7dc709514596a96fb70d857c61756aee7e31a840f591928511cb9b7488323094839f44f36c06f22448d9b09e14ea2b7a5278e4c2564606c4d","ssdeep":"","tlshash":"8051780cb0d3f08d5dda4017b26f2564a1763ec6151582aaab38c5e15a58cd1331b7e9","first_seen":"2025-06-30T02:18:00.839676Z","last_seen":"2026-06-01T10:56:00.209731Z","times_seen":80,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-vendors.0959c18b.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-vendors.0959c18b.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:41 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-cb1c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51996,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29775)","md5":"59718baba413ffce8af627b8a687fb33","sha1":"7ad82303fcd29efcdad03df36319183f8787d4c8","sha256":"95732ae511ea64b6041ef117de0b516f6523a1d657c809f3117a0c9fc42fdf0c","sha512":"9a8210c594b1ff6caec54315030f045a86dcc4d2fdc681a767730e524dac8240f6038b6ce225bce1b0415f7ebc802d7fc47102fb86069fc6baf6d037790e8dad","ssdeep":"768:WscXuLZN8ZzldBKOpNtWVw5iVJonYrQBOJJB2GfJbrCGVuZgdpGd+cH0iIWRiAVo:5cXub8Zzl7bD/YowQKL4+cHdIziAAg5l","tlshash":"4533c788f2e6f074479761a4402f600bf279ad55744e88a8f225e4d1bdb8dce847bf38","first_seen":"2024-06-11T23:26:00Z","last_seen":"2026-06-01T10:56:00.256892Z","times_seen":129,"resource_available":true,"data":null}},"time_used":1398,"timings":{"blocked":507,"dns":3,"connect":175,"send":0,"wait":358,"receive":0,"ssl":353},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/009afa33f25f4e569cb2844f3783ab65_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/009afa33f25f4e569cb2844f3783ab65_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 37994\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 00:55:40 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37994,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3840 x 2160, 4-bit colormap, non-interlaced","md5":"4a76312da84ecb6ef92e065633ab3a61","sha1":"54061aa58a02eaf7a6df4e35e0c4489801150dba","sha256":"68f425bf279d750a1ccdd4689bd592e629cd5713928c4a0f7627985a5670a78a","sha512":"b528cd9e32e009342f58cc1bb39243f7d0ea05100744c780934d27c37bee53d27ef12131106e9df0e9b9b08ad7c852bb0039e8d23478c3fa56266f3cf6bae5de","ssdeep":"768:+nIWZ3rryuSX/6bpwTHJkn70CEF0VVTyk6ao1bo4uHbqzwsTmOPmyn:+IWZ3rryXXCbpepknDREkpgbMbqc0mK","tlshash":"1c03e2758e03fefdd59c8e356b29359a0963b319ac60c40c7d8655c2f9fb10aba11a23","first_seen":"2026-02-23T12:38:22.19723Z","last_seen":"2026-02-23T12:54:01.597263Z","times_seen":2,"resource_available":false,"data":null}},"time_used":504,"timings":{"blocked":325,"dns":0,"connect":0,"send":0,"wait":177,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/cfg/202602/21/7723461a757a433c9ca744fc140ace94_.svg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/cfg/202602/21/7723461a757a433c9ca744fc140ace94_.svg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/svg+xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:43:13 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55848,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d6b6e3015093e8df0679c7fed68f7e81","sha1":"c6eef241fbe63821ebf65572f4c709ea46a90dd1","sha256":"46f3b0c5a8db682596b47c2bb786c6f5a40f8b785b9d19572cb2040b3bdfe21a","sha512":"c1d167a89b0c275f744f3e0da259a5af05dab919d40c40ee1ba1339de2f828793b67d40d6d62f59e5c52257dd96e547a16b61e3b308ca4f133d542dc899199cb","ssdeep":"768:dxzd3CpdA//H06WFw/L3uwyRcCH1amNiNqaVhtK2MbX9YSZpZ6qnSvTg8e:dxzd3H8bS/LbyfVamNiNzK2KXC06NvTy","tlshash":"c343d8c69770e3e8d9cac79ddf32eca4615b60bd6933c6c449af4b08554bc89fa08c94","first_seen":"2025-10-08T06:03:27.894596Z","last_seen":"2026-04-27T04:11:54.756804Z","times_seen":7,"resource_available":false,"data":null}},"time_used":415,"timings":{"blocked":50,"dns":0,"connect":0,"send":0,"wait":363,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/66b9b2694ade4252b9b4ab31cdecda46_.jpg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/66b9b2694ade4252b9b4ab31cdecda46_.jpg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 908479\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:07 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":908479,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 216x216, segment length 16, baseline, precision 8, 3840x2160, components 3","md5":"3f3e85792c85585a1ff9bacb8a0e9e90","sha1":"fee4eed3bb8640bee454bc0a150f2db076658a6d","sha256":"a3b5427f02b1bf63713c05c157571a2f500029e3fda29f98775e48d3b32f0827","sha512":"ee6c1476d4ae45d7b2266ad0fa18ee7cd9cadfef05d564eb12baeaafed139b5884cfa383afdf7b0e6c454c3b2a2203ecd1a1b7b2aa73b4bcfe72b609d5f2383a","ssdeep":"24576:/WwJTFeyE0PTdpbocwG1Bswtspy33ZiV9ql56zd4TB:/WQTFey/rPbocwG1B6yN36Z0","tlshash":"1b150238f7d7db250b1ba81e597c7c77874211ca20cab59711271d5abb88fb886031be","first_seen":"2026-02-23T12:38:22.199064Z","last_seen":"2026-02-23T12:54:01.606606Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1626,"timings":{"blocked":835,"dns":0,"connect":0,"send":0,"wait":180,"receive":611,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/d2792d3a8bcb4eb68c5951b0d08a96be_.jpg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/d2792d3a8bcb4eb68c5951b0d08a96be_.jpg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 106321\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:46:09 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":106321,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x751, components 3","md5":"8d2e59e181f8e266815c59f1ea9fab4d","sha1":"9d10b7da2db8c75d42620226bb074d25c2d8fdb3","sha256":"0bd46c2b6ffade0ae894cb63f950c53402c311fa1941cc131a94f74dbc21f1db","sha512":"60a28b7121a45c0eb9c6b3cb917e0b1883391e936fdf3739f09ef0ebd57b26cd477ea9353c191f7c49df3fb3f852d366b2afa8f646a8b49876b7d7da07a61187","ssdeep":"1536:jd/V3H4YMalP6LhTxzb3HzkvfV9Bv2uqvhGApYl0S4eOzFRrNqQhMP23foIFMF5q:dxHt76FZ3IDB+Pv0QR81P+frMS","tlshash":"01a3f104f2c99b5919d7ec8d0eaca696465774f1b238e10e31ee7ccee3e87c740a4a45","first_seen":"2025-06-25T17:53:14.050859Z","last_seen":"2026-02-23T12:54:01.601452Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1730,"timings":{"blocked":1537,"dns":0,"connect":0,"send":0,"wait":182,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/app.d0b60b6f.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/app.d0b60b6f.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:41 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-2781a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":161818,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (64370)","md5":"9c806df89d61e3e0efd1c1e9fc4500b2","sha1":"68dd2a4116cd8e54ffddbaf7ca938d07172c0543","sha256":"075ecb6cfec87e16daac1178a38a51715c60e16f1eaa2fb5462fa0f365371d7f","sha512":"992a0dd658cd74437eef21b957cb0ff4510223e1cfcacf4d7fa1ce6328ff92c4195c1b4fcfcb999e35ad82746a2630de3ec508b1687fbb6eea7f456870f85172","ssdeep":"3072:3kZYwo1OAPkuD336ya5hrCen0eTUIfS0QqX:3kZYwo1OAPkuD336ya5hrCen0eT0Y","tlshash":"60f39997bad5210cd8574e92c6cd7efcea3f491252928cd7b1433baa8b453db238501e","first_seen":"2025-06-30T02:18:00.921698Z","last_seen":"2026-06-01T10:56:00.195562Z","times_seen":78,"resource_available":false,"data":null}},"time_used":1401,"timings":{"blocked":510,"dns":3,"connect":173,"send":0,"wait":360,"receive":2,"ssl":351},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/core-js/2.6.9/core.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27060\r\ncf-ray: 9d26c6a09f4b0731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e2d-16793\"\r\nlast-modified: Mon, 04 May 2020 16:09:17 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 921989\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=kZtLakq%2FP0G3Mbcg7%2B1cawc8daduV6WIP3I6T5LRcYLEk9a9zYlq%2Bgtjv1P5pnVKEI%2BkHNFXUxx9Vr33uH0SJ0sLjyCVRcMPX2M%2Bb90vTU8BUDnN%2FBXLEhG5kMaoTWVNfZJ3xn19\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":92051,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32000), with LF, NEL line terminators","md5":"622c4c9d5dc4b1ee29a2eb908186ec88","sha1":"491753a3f979f7d180af11e1929ffff85e30f921","sha256":"794d1c7ab27be77d366e0497e641488e50f5ae6581b4db51cc08de1e142eb47a","sha512":"2b2485006e3a36dbae0d0d8488ab63ae6085c34d5a6f72c3558c52b492294c157f67ce47c1c3b89498db9ff72f748485fedc04a881f1877f903cfa0df1c8be8e","ssdeep":"1536:PLFpwkiSucuVH8MBfaQQ979S17LMgRCSRjMbEjeb6Gt6UQ:PLbw1Sucu3Qw8gc3gk6Gt61","tlshash":"1f93618cbec6f06642636675413f900bb27a1a86745f89d0e12ed1e4bc7c98f413be6d","first_seen":"2023-04-06T20:58:39Z","last_seen":"2026-06-08T12:58:48.43561Z","times_seen":1467,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/lib/jquery-1.11.2.min.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /lib/jquery-1.11.2.min.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:41 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-1787e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96382,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6355f3cc28006e33bad2e765cde30e0d","sha1":"909cd6318d5047f3c8e83528253b256981394414","sha256":"39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7","sha512":"b22d3868a7b311f82bb149f8afccee03c68dcd5e7152a061b8e18d97aef794b106dd1cc081d49f4d638193924ffa5885239cf67152fc339ff0cf3cd1d194d175","ssdeep":"1536:0Hg1kz+hAmcGmVFnlkFybx+amELolY+30k1dml+BQZX6YPnrCtn8JkDnlwMxVW2:0HDdc2F3c2G7mIW2","tlshash":"13930add76c2b06387a720b9506f550bf276599e280c4440f268e8fabc7ca49a137f7d","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.448514Z","times_seen":1827,"resource_available":true,"data":null}},"time_used":1415,"timings":{"blocked":513,"dns":1,"connect":179,"send":0,"wait":361,"receive":3,"ssl":355},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-206d39cc.ca6a7c12.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-206d39cc.ca6a7c12.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-25d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":605,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (605), with no line terminators","md5":"9859ac42814ba16915f4bbde321961d0","sha1":"6981964e0e7f875688afc8f3bc15607aad67c663","sha256":"7632b8d3825c45debf2fd39b10c62cbd2405f512e63d776bedfcd530ab2a0464","sha512":"659c8ee4eccfd3b98c54a9b721e9bf465190e8fcf2cfc8ac5cfbb66748fd7cd05dcb6ebe4b7ccb36fc9664da3db545df3d55fa5980ec2ec1a8967922ebf05cca","ssdeep":"","tlshash":"bff0dd36391d0029b42ff66ec4800af4813ce143a21b4aea3a0a7362af971da30586c5","first_seen":"2025-04-09T11:39:56.05907Z","last_seen":"2026-06-01T10:56:00.225873Z","times_seen":105,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-1b5a0ff6.73cdd133.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-1b5a0ff6.73cdd133.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-af1\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2801,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2801), with no line terminators","md5":"f20fcc67b5bcdbf76d1fcaf70e39cc94","sha1":"fc9dd05191827fd72e5de36cd3a1b6e4512fcc7f","sha256":"ed307e364c733c0e394bad53e71b12208a2d289df7ea3e06c520a546740d85b3","sha512":"c0e601058a9b08c3c566f0b78676591257246a010aca294414fc3399ca847af9a76821f627962773b95f5188226b4be8917b1c3d01431f3fbf94c68632bca4c0","ssdeep":"","tlshash":"cd51842c7192f4bd4e67b1a1452f7216e13a36451035e881f760cdd0a7e5c5f523ab3a","first_seen":"2025-07-19T12:02:29.488808Z","last_seen":"2026-06-01T10:56:00.199979Z","times_seen":68,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":112,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/lib/flexible.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /lib/flexible.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:41 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-409\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1033,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ff3955ccaab30b6705c564ec20327213","sha1":"b6a9a1cd9cd27a7791f43758a360dad129ed2802","sha256":"1a61c02df0ce591e74ffac300f6c2e2ab3614ec95a9bb2f8d29aa6a9ae099deb","sha512":"a9fc65c1298158177afdf10a06e723b893187150ee4f73bdb16b842d140bd0881d53da1a109fa051c0eb44a419ccf27afc072515f23a632d3bf64a69c7cbcd1b","ssdeep":"","tlshash":"631175315350b490a4f78e33320d955865304352cc378a60f320f198d5e203b27a2b8d","first_seen":"2024-01-12T03:26:58Z","last_seen":"2026-06-01T10:56:00.191485Z","times_seen":271,"resource_available":false,"data":null}},"time_used":1231,"timings":{"blocked":519,"dns":1,"connect":174,"send":0,"wait":180,"receive":0,"ssl":352},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-20aa535d.40bcfaf4.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-20aa535d.40bcfaf4.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-b74\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2932,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2856), with no line terminators","md5":"888b5de99e3cef6cebc5c2f13b53916d","sha1":"3621f5bed8bbee870a00f73057677428c59fdc86","sha256":"d72e761bb6039b8abff19aed95c65c5e451db014e5be6176eaafd65e210fad68","sha512":"80f6ae27245bd18aa699e6118637c70e8d71934718bc5066bf173ff66ec0651f23041c48b613bf246f0a3a903f9d503f1dea8a83e18f648e2195dec35cc45314","ssdeep":"","tlshash":"5e516658b003d1aaacaf9027e51d3630d0757bfad012d083e3b4cd805a58df9271faa4","first_seen":"2025-06-30T02:18:00.917868Z","last_seen":"2026-06-01T10:56:00.23347Z","times_seen":80,"resource_available":false,"data":null}},"time_used":3064,"timings":{"blocked":2890,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/6f9a6a03121b4ab3a89f08d5e0fe2719_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/6f9a6a03121b4ab3a89f08d5e0fe2719_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 93950\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:43:57 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93950,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1350 x 675, 8-bit colormap, non-interlaced","md5":"ae74254d8c73303921ccaaa1dee1e038","sha1":"b18630fc532cdf39e92ee28dc195261809d5d703","sha256":"3d0dd9f19f0f42617cb605e5335a4a6ff9c5c40c39f0b202ac3c6fea021d4131","sha512":"85e62544659c56b031732949fda962f199e7562c27d6dffe0ad887a8f6af931db97d91b225100359675f082d6765f8885e483711fc4b0476dd866076a8c923ba","ssdeep":"1536:zEEtfkFCO3y0VNS/+4cUMsEeLNzF8qytXXEDuUFFx30aw1:zR5k/jV8/PmqytX6JFxu","tlshash":"079302b36c4d7b884617d40c3d2cea0f8576f9e28a59c0e9be614ad89d9fb0423f3516","first_seen":"2026-02-23T12:38:22.207153Z","last_seen":"2026-02-23T12:54:01.584996Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1181,"timings":{"blocked":821,"dns":0,"connect":0,"send":0,"wait":178,"receive":182,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/6bb934bfa30e4b0b824999e3152c850c_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/6bb934bfa30e4b0b824999e3152c850c_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 138260\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:41 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":138260,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 576, 8-bit/color RGBA, non-interlaced","md5":"59f54a03e524242aa542d4f799a98b8c","sha1":"1786edf273ef64945381b91536fd1326bc6e8e4c","sha256":"7ab0ae0d11ecb34475feeac518a11bb0ebb690288e34e6b9c96d55c97a04f493","sha512":"cc47d0bb686918c5e70de4f85033062ee030531bfec3d6b8ee0bcac6294e67eca37375a5bfb7f4b25d179836cfdc8331bb42f24fc586e2da5b7b13fab53c4741","ssdeep":"3072:acR52pSXiIURlrbf10yRl0fsYWas1fDrdcCF:aNSSIURlrbf10ysUZVnF","tlshash":"28d3010ef0f3e6edcfe80ab85301a8b11b761853e713961950f57492a60a5bced5ccad","first_seen":"2026-02-23T12:38:22.208214Z","last_seen":"2026-02-23T12:54:01.586015Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1351,"timings":{"blocked":1143,"dns":0,"connect":0,"send":0,"wait":177,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/6234e335a9e24695a0e91c4750794d14_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.813Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/6234e335a9e24695a0e91c4750794d14_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 121591\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 01:01:32 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3840 x 758, 8-bit/color RGBA, non-interlaced","md5":"64ee790dd73bcc39fb440d7cf546d7ea","sha1":"fcb0a49c2fc32a15187f455cf4a83e0c56a33f22","sha256":"7cda41a0ec7d2c29f78ebd8996ff75592b54d6b2e37c1a2f5996628328edad68","sha512":"9380a31da91179edc14b7b8124c1f9406ce2ac0dda11d468010a971975be3acfb37e08352615fe69aa32d188ebe9cd079779e0fde5e13584847e7096519139ef","ssdeep":"3072:+BNIta6tnFJ7DuR5ZHCpfl79OKzjEPxkmp6ZQK1lV:MT6tnFJDuNHCh3OcE/dElV","tlshash":"18c3022ba66fd6c0cd0e94b1ff294e7177acce2e403493362bbae438de975402464716","first_seen":"2026-02-23T12:38:22.209431Z","last_seen":"2026-02-23T12:54:01.445098Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1003,"timings":{"blocked":638,"dns":0,"connect":0,"send":0,"wait":177,"receive":188,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d90c97c.170827b8.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d90c97c.170827b8.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-804\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2052,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2052), with no line terminators","md5":"38ff190d07bd2005e8eeed02e73e4202","sha1":"79e52f2f3e35d773b345238b68ee2813c2854e3e","sha256":"f8a1abb5115294689f2b203f819c2357aadd5e88027c261398eae26d4eac2118","sha512":"c13ec5283526197997540236a214eee9e4ef2cf7f8c99f8d84c09f0d956a35b29f524e39092671f0827ce88c9af414728f2a968383affbe6d544cffb3a3dcab9","ssdeep":"","tlshash":"77413468b096f17d9c32840a245e3230e15e1ff45920edc1f2b8cc97d2bae9d072e69c","first_seen":"2024-09-19T21:03:31.183439Z","last_seen":"2026-06-01T10:56:00.210457Z","times_seen":109,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:40 GMT\r\nContent-Type: text/html\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-3c39\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15417,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (11857)","md5":"e391d8de43bdc115e55532c3caa70655","sha1":"6201122b8e10dd2fce30b6aab0252e1394d02bed","sha256":"980196c32e203478cb5394dfc9d44143a6eadf71a71704cacbb335b537c53373","sha512":"802c8881d3a031a16f2c2c8ca221d56e09abdffc5d38d7ca654a5563627219f4e0ba76db511cd607a9e45b8717c1ea2bba7cc04ba2b0536b29b6508856a9205f","ssdeep":"384:d1J0CLlqU4TZh4p3Jsr4z21PLMEE4AJI7QntyztM4KaZ0W1nL:d1yWgCaRJkJI0ntyztM4KaZ0W1nL","tlshash":"eb626469d20009edf592ce8f5a75bb6994e77c773931e484f26d884bcf18fc4162608b","first_seen":"2026-01-27T15:16:56.77774Z","last_seen":"2026-02-23T12:54:01.558846Z","times_seen":19,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/icons/ic_notice.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/icons/ic_notice.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 402\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-192\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":402,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced","md5":"abb53fe2e63bc5822dd24dee0403af75","sha1":"c8fa28643c580911924cfb5b4cf52386dcd8d1cf","sha256":"e380df313a08bbd6143377dcf272191cedba3d76a34e345b77f5935ad6481d94","sha512":"1d8f659b09f0dab32ceda5f7f5c1922b2d3c35ecbc0b7af5dcfa3138ac1fcb789e183ed601f60313bb5b91945eaeb5d164d4b6788def7d204d36710ac2463206","ssdeep":"","tlshash":"6ae08185f5238970efe6313e3c06290cc871a89c3a2482bc288e342c7a0740c47e0921","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.260386Z","times_seen":57,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":46,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/f028885416444b198b9faef9301b8e8d_.svg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/f028885416444b198b9faef9301b8e8d_.svg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/svg+xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 00:59:46 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2301,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c2fba61fd637e254f0c63718a5f53f5b","sha1":"c6fcdb84e5be1a107ed94e73725c6350278a5003","sha256":"94a00309e52a789030d6aedc043571fa5c0e2c63e0804aeacd316c07e81d88b4","sha512":"362f43091de807c0f155da19b5a0822b106e6078f66ae0adf16650d5ee39dabfc8f69de0931ff04155a75128f03eb637e97d1ed3c0755d03b51c74574fa70daa","ssdeep":"","tlshash":"aa410fa6e951bd7c590b8b90d2795aa43b0fa09c7783839c427ec370ec96dd8c0288dd","first_seen":"2026-02-23T12:38:22.212686Z","last_seen":"2026-02-23T12:54:01.511175Z","times_seen":2,"resource_available":false,"data":null}},"time_used":495,"timings":{"blocked":317,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/303ea33860d34049bdb2d5c762f1d2f6_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/303ea33860d34049bdb2d5c762f1d2f6_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 14702\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 00:55:53 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14702,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 800 x 224, 8-bit/color RGBA, non-interlaced","md5":"fa525fa3e71567ef613f01128c6c7201","sha1":"5d5676443316ae85d5ac79859dc0e37f1cf78c7b","sha256":"3821bd0d75571ff9dbc0069b6aa09fa17c9db0f9538fb11f732f1726a8f5214b","sha512":"b754b4193ee57ac2ba49f25f6413549aec8a8c244ed3c99ad1b1507bc476eef12504359aa63eadb2a7b7c38fb16ab2903cc3c24222694623e66167dc29e1d720","ssdeep":"384:vTn5jZxmCWk71MfLry8/DJwTp9TSu0IMKAd:7PxmCPBeLp0porIMt","tlshash":"2562af42be568cc58495be779eeb01262c73e2f08750cb0aed7a1d575471ee5ce0c3a0","first_seen":"2026-02-23T12:38:22.213711Z","last_seen":"2026-02-23T12:54:01.413834Z","times_seen":2,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":385,"dns":0,"connect":0,"send":0,"wait":178,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d0e923e.8d2e366b.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.423Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d0e923e.8d2e366b.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-e4a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3658,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3488), with no line terminators","md5":"5cd88b23fc8f2931b4b8f4d7174fbe3f","sha1":"71e4990884653e12960999e9885d034b71a403d9","sha256":"20469603c96e56a4fe21c108bbc580962e51abd5920005f3e6cc12c0a77e96d6","sha512":"c3dd8dc3202c3fccd5cbb47a83a41b4164972fa459485b44483ebaf748a1a7722a855165d9ace5a417bcf5026ccd7cd7b7b376b7c575857da45d6e8adbed082f","ssdeep":"","tlshash":"6271c79688d3ff9cec266054104f316850313a8b6916e2e8f37855f2d7aab69070f72d","first_seen":"2024-04-28T18:22:38Z","last_seen":"2026-06-01T10:56:00.259299Z","times_seen":123,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/app.09610774.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/app.09610774.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:40 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-10f83c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1112124,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (52579), with no line terminators","md5":"a0edf816acdfbf48cbb54aeef381e57a","sha1":"8c3dee285f14188f7f85bd53bce5306cf4078483","sha256":"f307c0a922e298d152daf11f954632f77bf24a690f3914db3af430a907064877","sha512":"98be7c38da62e5bb1b0a666cac742df58c3b9ed71f104aac0dfc8de2f92e782593b5dbe03903754db29910ebbfd5981ce2acfc74380738350863bb16a7427c43","ssdeep":"12288:m7Fs6wQZIflEQrEf4oYZq2C2xp2GFsA2A45tsoEk0zgPAiB2oaQ/XRLoW78ZusIF:sqMR5TgrxBw","tlshash":"51452a8922cae7f44e95b1f411093774d12b8efae28dd59f0b76d0d436eeab4401bc98","first_seen":"2026-02-23T12:38:22.215441Z","last_seen":"2026-02-23T12:38:22.215441Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1044,"timings":{"blocked":153,"dns":0,"connect":0,"send":0,"wait":357,"receive":534,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/axios/0.19.0-beta.1/axios.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 4213\r\ncf-ray: 9d26c6a0af730731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03d6a-3546\"\r\nlast-modified: Mon, 04 May 2020 16:06:02 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1074760\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=yK8%2FhzXyXXEJWSVEBPiX%2B8O8pZzYTT6%2FwCd2wQumgJr4iYefB0L5EJyWa%2FYbpQ3szhjHAkHF%2F1uPNRG7BWdnb%2BoWVFTf3lWvDwOMf8rX4EspvDjHRyrn8O08BF50wahUTt6HYRmg\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13638,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10313)","md5":"334149adf44476f28bfbf16c7b0382c2","sha1":"ad2ea246ebb53ed655ab50d44b33d4d6f942387d","sha256":"6d2c0a450a04b5d1492f77d7e512fe6af26e95c2feac596825f45e71b9ffa4d6","sha512":"0f9d66a68e400a2499cc1dbd79331892e9e62e278d8b4784e354b7a281c91fcc1401eedb0857ff6911d842ea853d39081b459fbdc0e30d927ee93b5ba1ecdbea","ssdeep":"384:hpI8XyWPbWeAExXqgxH7RqzGbcQdVzxbUm6HwT9eei:LbXdyGbcczx/6QT9e1","tlshash":"f25285ce7861b0a757e320f0805f4a0fb2b6552a754d84a0f660e9f66db542e8733f5c","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.423279Z","times_seen":1179,"resource_available":true,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":47,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/js-cookie/2.2.1/js.cookie.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 1299\r\ncf-ray: 9d26c6a08f1d0731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec5-f2b\"\r\nlast-modified: Mon, 04 May 2020 16:11:49 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 970201\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=lNtsv6crVtZq1u8iFppAExMIO4uLf%2ByaDJ2deJG7TmGpewmA2YrJQHgkCbC5KGoHyzfi6Jl0XJ2NZyCSstvncJuyj1SRl%2F1NAP4A5B%2FbG%2FpE1wbNC0b9L484ObDJfFZrBIV9XqDg\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3883,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"fa93e8894edb6245ab03883633b12b6e","sha1":"e3ba4c7d1a8876090756fd31715b4f6af6fd649e","sha256":"3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15","sha512":"263612833aa8f4ad08798184b25311604f1a3bdb6aecacb71103661159007ba0a9d7803094930b3276f47e980492bdd8c49f208508ab88ebd9c0875166278621","ssdeep":"","tlshash":"0c8124b0bb8d35ab0e0e21145b1f60cd927ce43a085949f6ec9df1321468c2e977ad6e","first_seen":"2023-03-07T12:01:36Z","last_seen":"2026-06-08T12:58:48.428004Z","times_seen":3338,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.1/swiper-bundle.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/Swiper/8.3.1/swiper-bundle.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 4219\r\ncf-ray: 9d26c6a09f450731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"62ceb414-107b\"\r\nlast-modified: Wed, 13 Jul 2022 12:01:24 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 722297\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=%2F0iTGRQq%2BkENrHdjx6OwC%2FAUCoVZPcVTfHOa2dlewvOIYfjuLX8SB4QVFNI5t9eLhlXXryr%2F7ssKdsm2gMYensBX2vjIhhCfAmuUGDC8ejJqOoe%2FBqaYCNA7mpK%2FxR6EN%2B1x4vDu\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19297,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (2240)","md5":"dc42cb727908d66cfc974a6f55cd237f","sha1":"18a5e51a20f48241f660c87214ca0d38c662fa63","sha256":"de3aa2bd1edb484896d8b84bb8aed72f913eb094961ee10277fd908158cbed00","sha512":"e531910a5de13e8aadaee84efa6b9b4eec921ce7dc101bf221f8961e808af300cb99fe82d54ef7394a0d094e99bf24fff2f7c27216b520d0c8a3c75a6c39908f","ssdeep":"192:XbaCmUJbiKnectoOJ4PQ6UpqWaJxYG6OdbG68FWPLF9FFDE4bRswwMclce7se6tS:XOUbecnOPjUpTlGrGATF9FFE4b2xlh","tlshash":"bb82029853b01c1326274e7a1a728774ebb854810b4bdd79e2c06d48dff99fc631f2a5","first_seen":"2023-07-11T11:12:19Z","last_seen":"2026-06-01T10:56:00.224732Z","times_seen":149,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-23cea0af.f88be9a7.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-23cea0af.f88be9a7.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-95\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":149,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"8ff02eb123d7e9cc01a6e0a37a8e2421","sha1":"4f866a4cac5ea6d9c9b22a96aab46df2b1c76e17","sha256":"ce59cda2443069f2e9f0decfb33419d36a8a8c8066485b0dc283995ead3d5d4d","sha512":"de173bf58d2cb5837df3ad16d08ff842c87a0d05b365913da27d3b90409ef3b99b69128264d7849deaca9719c8b42f731af90a6e1d8e462c4943ac98d26651a7","ssdeep":"","tlshash":"07c02b03761a2026017f88fd217445c239dcaea3ddd1c1e058b3c4001c83a76370f12c","first_seen":"2024-04-28T18:22:38Z","last_seen":"2026-06-01T10:56:00.222673Z","times_seen":127,"resource_available":false,"data":null}},"time_used":950,"timings":{"blocked":415,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":358},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/99ff1e45841745d08248d0983a334f5c_.jpg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/99ff1e45841745d08248d0983a334f5c_.jpg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 75500\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:22 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75500,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 976x549, components 3","md5":"7574e86df1765d5b54952228e7205ad4","sha1":"32c650acdda527b13876fc39bfb95be2b068d4e0","sha256":"68fe1873638965a469b9f843930943dc3c2edb80563ae81d39c59672f79ceef9","sha512":"5b6182574ce7bea126b975ea35214814620491c698541852e2c5eb346305875452c5e681b39e8e336bfecd4034fd70c613d0c33db1f0ecf4eb31621924759c60","ssdeep":"1536:cKCGC6rggDz3do9PL1hTY20Gsh2dscq9Esj1Db3JbkG+wYBItD+JIeY:cn6rz3ds1hc2cb3Jg6YBIwIeY","tlshash":"3c73128d95b1e2d1801472bbdbf45639e5617cb5f940ccdb404d550e81e6be2bc3b82b","first_seen":"2026-02-23T12:38:22.218935Z","last_seen":"2026-02-23T12:54:01.620374Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1354,"timings":{"blocked":993,"dns":0,"connect":0,"send":0,"wait":183,"receive":178,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/common/dict/allMap","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"POST /api/common/dict/allMap HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: null\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: https://gorevmerkezi.it.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://gorevmerkezi.it.com\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13207,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"79d2ae547bcde4e06fea1c0031b8b868","sha1":"f2505ff259ed830a1a7b35187d77014029bfbcd9","sha256":"4f1542a1c4eeead67c8339f126d22368cb5fa88aadd1490a43b9910f9fef9500","sha512":"8ea714e8788c302222fe38a919212f8e09edf6e9875cb779c438d70e361e08f1e1e4965429a82f830cd65298ef2743eb9e4d05083a35482f43aeca605d386b5c","ssdeep":"384:awc6HuhJN30REHyMWILQd4MEjQTSOnzEobvB49hLmo6i0iibOfOQPA7:aAJ+jgSP9Eorzq","tlshash":"4c523e8d6743a9f99c0ffc90d3eca4ac547e3f771e4dc2445d91a44431b0082ae2abae","first_seen":"2026-02-23T12:38:22.220006Z","last_seen":"2026-02-23T12:54:01.592838Z","times_seen":2,"resource_available":false,"data":null}},"time_used":334,"timings":{"blocked":60,"dns":0,"connect":176,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-7fa7af0e.ed1730e0.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-7fa7af0e.ed1730e0.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-af2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2802,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2802), with no line terminators","md5":"65777255c3090272e9fab78125aa99a5","sha1":"3f42ce9c251872515f26fc706d523518800f17e3","sha256":"ad5ecbf7349b2352cb01a3a3c8c928a0d469951ffc4ad485aa1bf62274e71aa8","sha512":"0478ec523a4888034e8840b209bfddc614f40eb8594523d7bd3e22075bdc49229a8cd9589498a27ebf48ecdf55dd38576a0fc66d208ffac76a103f6cdbbccd99","ssdeep":"","tlshash":"1051ee376214330ce427e91847dc0bae0229c22be11327ed1f626675cbd7b5e1abd19e","first_seen":"2024-04-28T18:22:37Z","last_seen":"2026-06-01T10:56:00.199073Z","times_seen":270,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/tabbar/orders.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/tabbar/orders.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 906\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-38a\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":906,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 45, 8-bit/color RGBA, non-interlaced","md5":"7158cc1ea0a5361d7da036a4ae236e7b","sha1":"f8b1761e2ae0d975005dfc59e0d8be65f2444ca3","sha256":"940f1ac824ebe17c2c94051bcece498bc54564c3fcd9a0a47c77184cd96f08b4","sha512":"237c5cdfafa2b358d9cb1ceb1ae6c4aa6229a3bd345172f38d5780a8231c1c6951ee08cba7ae002c643b1fe6687f4292d4333efdbaa7b750c4a7cc60c6a835b4","ssdeep":"","tlshash":"371163ce6379e8aca68c5b3c74cc053fdd72517e60ceb108a8105368ec7a745414a2e2","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.213968Z","times_seen":90,"resource_available":false,"data":null}},"time_used":552,"timings":{"blocked":379,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/e7ac3f5fcac8488f9ffca5592e6a0c16_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/e7ac3f5fcac8488f9ffca5592e6a0c16_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 31287\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:29 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31287,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 950 x 450, 8-bit/color RGBA, non-interlaced","md5":"b0c31d9491466d321abf71e7140c081c","sha1":"ccf7a946c2aa041ce86c9b08bf8f2b29fba7cf65","sha256":"5e4deca4e9d56f27a391e464373913261ccfc7ea9e19d3c95c6dc68ea91bb7f6","sha512":"aee92618943c2feb2f89f4b1e9ef2fd4ef489bf65f755a696710bf58dc009dd20bb78fb5bdc4cc46a7ab2827455f86ff9ffd1accd51bde5aff998b13c882200a","ssdeep":"768:a5JRXYqXCzUjdKM3ZABtg0BbXMOFl28kAVA6lt:kRXYpIjdKM3ZADgE4/Av","tlshash":"c5e2af4d098a28fcb87d72c9e0326fbd79a2515b30fa0e38a31c48d46d2796d2119fcd","first_seen":"2026-02-23T12:38:22.222158Z","last_seen":"2026-02-23T12:54:01.433524Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1179,"timings":{"blocked":996,"dns":0,"connect":0,"send":0,"wait":180,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/8716442acc094a4396bdc1e3e42bf202_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/8716442acc094a4396bdc1e3e42bf202_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 92900\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:45:18 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":92900,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2880 x 1767, 8-bit colormap, non-interlaced","md5":"edad559f4c2222b089be54d04e4274e4","sha1":"a0a1b63d69ebcc5e4d177e1d78eec4bbebe6c3c0","sha256":"1d14c0853d21217ffe182db8a8cb45b49140ac842a15b94b768a33fe6f414850","sha512":"de680017c44d2670d72fda4348c0391cceaa77e605a3b548dd19eba67a432aecc26112f97146b337f82514d330e1f7c7bc2ae0aef61c3baa373895b3e02b41ac","ssdeep":"1536:rBkYx17dnD6qPRJenQxXC/zvJZQgMwv8uYMU7I88FKkaz:rBvT75bZJe6XCL8gTU/MU988kaz","tlshash":"db93026c1a3627e3627a01f9e28ab66714b3bec47d73ab03e4e893c485c90447d65727","first_seen":"2026-02-23T12:38:22.223177Z","last_seen":"2026-02-23T12:54:01.453415Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1901,"timings":{"blocked":1705,"dns":0,"connect":0,"send":0,"wait":179,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/390ec022fbb441f6aaa9b5e4a398301e_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/390ec022fbb441f6aaa9b5e4a398301e_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 675068\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:46:47 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":675068,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 799 x 491, 8-bit/color RGB, non-interlaced","md5":"dcfbbf0b7c9efd40467ca3ec9c230323","sha1":"3ff92075d67a417c4046564b9e30f6196f199845","sha256":"b32a02e6504ec527761615e9de7582348be3ee7e9ea5a6795c673178e21e5bdc","sha512":"d0ecec14b2a5fd01b71c8c7efafc62b86e9204605a15379d92dfd82c179d5fbfe2de0dda5ff25368e98922c08282fdc3ac70cd0aee2e50745947b5d51ea2ff2b","ssdeep":"12288:02SI2WMQ3HGLsN/cvmydRaVwgmfY1kL0/23NGvW/NZ:02VMMustqDzaV1k4uEvcZ","tlshash":"58e42332d0cd4cbb56f738539360959f17052165a0ce456d0e9bb8caaf1acec1c5ebac","first_seen":"2026-02-23T12:38:22.224094Z","last_seen":"2026-02-23T12:54:01.412196Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2161,"timings":{"blocked":1734,"dns":0,"connect":0,"send":0,"wait":183,"receive":244,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/5b05308261e24c93897773a14223d8db_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/5b05308261e24c93897773a14223d8db_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 29975\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 00:56:39 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29975,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 132, 8-bit/color RGBA, non-interlaced","md5":"30e83fa773505309eec2051f909a01dc","sha1":"81151451bbf30d7d076520e98c84bdb8df158008","sha256":"2331eb9fb215e6e573244ee03b86ecc80fe50836c829f8190a73cdf917d0dc3d","sha512":"0d001aa397667ccb6edad98ca50b4cf7cc9c3a4ebe06d16fcdde61ffaac0fb5dfeb19fbbc6c920a3f3dbb6c8a1f680b96e66857ff332b0f103f8a58aee3d59ee","ssdeep":"768:pAY6VOEU8wA/HY3r9AABewOcgTRP3kcGQlwR:wXwAA3r9AABZOP1UNd","tlshash":"c1d2d0e3df246150163fbf810b563422f924095219a4fe967b5e28765f0cc66e93bd2c","first_seen":"2025-01-28T11:44:00.312809Z","last_seen":"2026-02-23T12:54:01.568821Z","times_seen":3,"resource_available":false,"data":null}},"time_used":732,"timings":{"blocked":553,"dns":0,"connect":0,"send":0,"wait":177,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d21d44a.9e3c7a52.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d21d44a.9e3c7a52.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-550\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1360,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1332), with no line terminators","md5":"063b1dce058d78683019c57d4b6de853","sha1":"cd62098b12168ff32db1afe785da0db3a3568e38","sha256":"58023a2e105bf911f131610a55750ba7386fc39096133d727635186a98a6127c","sha512":"9523fb7f681f7abe0b168b735a1b904076e6e1cdfe3e57dc02b71fc22e1603445365362148588704b92dacf0d7670b64d862cdec5943502cf419cfcaa60ad03f","ssdeep":"","tlshash":"cd210f54f087d28dac7f8001a59e3234f0242fd84551a2c3abf8c56516d5cb90b0d75d","first_seen":"2025-04-09T11:39:56.010645Z","last_seen":"2026-06-01T10:56:00.198385Z","times_seen":110,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/cfg/202602/21/65155c00026044f8ba1abb02cf0a3d24_.svg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/cfg/202602/21/65155c00026044f8ba1abb02cf0a3d24_.svg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/svg+xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:41:45 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3853,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bb84aa82f69c09a4510e00ffc5870503","sha1":"871a1a397cfb7ab15738303b2a119a6b495b5fd6","sha256":"a74b5e3fe552613af384eb20dfc082cd1a9a0e035a417d6df1ce760b6fac3967","sha512":"d09b0f66b6280886165d0d88498911231e755c818b2f5894665eb9680487217cae3cac27f6c31b0cb597cbc2fc944753d6b732f0e6b3c1a23e26e82165005d0b","ssdeep":"","tlshash":"6681b31bd37908f8964e42f80fb9141a502e78bb62101e32bc9ec44adf42d417b387dd","first_seen":"2025-04-09T11:39:55.882707Z","last_seen":"2026-06-04T17:13:18.495827Z","times_seen":38,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":51,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-11dc054a.dc0dff3a.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.086Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-11dc054a.dc0dff3a.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-225\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":549,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (549), with no line terminators","md5":"543c20808701b85c34b0d28fd21db192","sha1":"daafd5e95b9657b6ca14c3481b43074dbeec6abd","sha256":"71c664f917edc7fa00c5aed7e33a9911bd8bb185cf72724db6fb464dd86c9927","sha512":"01768a531f71d3248377d09dae80481262a7a5d1e976d4b3c8839264eaedbab1c2d302280c2786bf3b8b45221a14092e6de16917204087913c120785dfb9a66d","ssdeep":"","tlshash":"b9f0ac36391d0025b02ff76ec45006f4813ce143a52b0ea63a0a33229a675da31996c5","first_seen":"2025-04-09T11:39:55.955972Z","last_seen":"2026-06-01T10:56:00.186142Z","times_seen":105,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-182e5dc3.defb634e.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-182e5dc3.defb634e.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-2e8a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11914,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11778), with no line terminators","md5":"eff859afb8a3df275b2d92e31472c68f","sha1":"fc245e439d856b97ff9c57e607ef2977fe61ed95","sha256":"1e109c80af9009e7cd9b560508daaa05a613fbf24ff62734e97e04a51db6572b","sha512":"a23f03ca3d27f47e8fd70c828f4d30f6ae5fc6d933fd825f9b6c900890cc58934c4d8ab92175f8ddd4a1686902140352553d54d4e15de811851d465f0abd0bb4","ssdeep":"96:hzOO/KhO/KPKaLmmxQKhMEOGpGjBMdvSNbB3wgsq/rIBNlujujDj7hlSPitAMLcg:hN1KhMdMGtUcw40zcj2P2VWHl3PgpliB","tlshash":"4e325509b8c7f166cc6aa021412f2535e17a7ec55422f141eb34cde0a6b9c792b2df9e","first_seen":"2026-01-27T15:16:56.813731Z","last_seen":"2026-04-14T15:55:46.960544Z","times_seen":25,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":47,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/icons/ic_withdraw.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/icons/ic_withdraw.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 1020\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-3fc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1020,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"70d1c13f7ac751ce09b753e3d955dcd9","sha1":"c968143931b9a22e7b6eb3f6a4bde6bf35f7154c","sha256":"6162c404f5ecd341bccec293364e418717a70e7bc69088f3539932283c9b9209","sha512":"120456706abe3cdee25d06462dcbfd3ae3c3b353b80f1c4c4ba0596e34ef19e7affed608afaa51a20c76f1382a9c78a3801de2cdc155c0870d6d6a5baa820610","ssdeep":"","tlshash":"9a110ce301519d22d95712fe8e340460b5472dd4031022c8bea39fe8eb14fe501c4339","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.205227Z","times_seen":90,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":150,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/92bad79110224c68b3137bf8b5796eaf_.webp","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/92bad79110224c68b3137bf8b5796eaf_.webp HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/webp\r\nContent-Length: 35740\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:43:50 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35740,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e3512a65eb0eb37eb14690b2a8d358bd","sha1":"6d27d48fbbf782a84c0511df359aa5268503866e","sha256":"c7e948fbe3912abb662acf4abfb6d47ffe9ec6d89318de050c559086e935d4ef","sha512":"761d27c74058e54b4309e525acc01d5c259bb1dd81153c055d10876f4d604fd5e0098061454b3ef172fe973af06981f6e064a43a34f03d27a75e99b20b153d05","ssdeep":"768:zqg0nUeJl+Ndn000YYMefdhaBcZnH+2plZP8naYXhyrVTgKE:8jGBhKzdhaBQeGlZknNXuT5E","tlshash":"5ff29d50ec0bfc3ac041e37a948f5af5cc226573f5ac1b9079e16b1274a03ab59a2f85","first_seen":"2026-02-23T12:38:22.229995Z","last_seen":"2026-02-23T12:54:01.492765Z","times_seen":2,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":134,"dns":0,"connect":0,"send":0,"wait":176,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/poster/2.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/poster/2.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 5419\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-152b\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5419,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 133 x 165, 8-bit/color RGBA, non-interlaced","md5":"bac31cf2fb3727165b214f503693b3c0","sha1":"1cdbf93b2035b930fe1dc631b90b150a2a3244d5","sha256":"d9032a8cc5ce594627f9e88a70b80240c75328fd397a5e0a29543ba2178d0ff2","sha512":"a5c5db9b1575e601d1f05e9ce576b566f5422d19fa1f96939c4606e3348e539636a4146de2317d5c1f15f591bf288bb2444e394449d76dba861313f165d79a1b","ssdeep":"96:ezDT8o3dpY+P+VCv2KgnsbdYVI1eDAOj+SoAEIrqQ6pjkWm2UCKvTpsRF9Yus:uM9VcgnsLcN53Eh5X7PK1sj9Yz","tlshash":"b5b17dc0278cb4f8fbd1eb3125b809d08951114a895bcaa61775830d5aad70753eb3a1","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-04-13T21:42:53.982531Z","times_seen":32,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":157,"dns":0,"connect":0,"send":0,"wait":174,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d0b33c0.76b45f33.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d0b33c0.76b45f33.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-8b3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2227,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2157), with no line terminators","md5":"4d28200dc1a96e8ea942110d0de11fb3","sha1":"329c8686545c332b8042152343ac66d849239635","sha256":"1fda28079b6bf3c9de5280daebaa102756fe7d38e6e21bccfa3f7249cca0b1dd","sha512":"8c563dc451a1a62df20936018a4b2ae1fd9d2cff06f9eb0c4c40937dbcb4a1bf632e4de6a81042b75c4e92171c9aa34fbddcab287ebfea77af37f7204e42fd7c","ssdeep":"","tlshash":"a541668db087c29e4d3e9442151e3335e13a6bcd9d2198c2e771c4856296c5b632ff6d","first_seen":"2024-04-28T18:22:38Z","last_seen":"2026-06-01T10:56:00.237367Z","times_seen":123,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":79,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/680cadfdc12e4fad8ba6255683ef46f0_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/680cadfdc12e4fad8ba6255683ef46f0_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 315660\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:47:34 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":315660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1476 x 870, 8-bit/color RGB, non-interlaced","md5":"648f265dd33d2b31cda7e3b70846f288","sha1":"dbbbe462f97c919507108f11ba6a053f521b22ae","sha256":"4064167497e7ac549a08fc3f93513489c815f66f7ae4063e1f70b55d818ce9a8","sha512":"6ddb4d048f33c72d60e2b28209e5d5790eb0edebf02fbb03be1820d19c45a33c64c9f7e14f57167621b1a577289c4f5c8482036f5d3ec567344d8821bf8c15a4","ssdeep":"6144:X3jkiZtgsCsWUeup0WD2k0t6B6mc7kyC1fzmU14xuRJbKkKTceXasYczs2:X3jkUVh6iKt6wt7hC56U14qJb+cAas5N","tlshash":"f6642382ecb04bd8c3dda769fd8687be274669cac1ed560e1117b2c125dce709c93389","first_seen":"2026-02-23T12:38:22.232313Z","last_seen":"2026-02-23T12:54:01.612259Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2537,"timings":{"blocked":2154,"dns":0,"connect":0,"send":0,"wait":192,"receive":191,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d0a35a2.c4556ea5.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d0a35a2.c4556ea5.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-4c8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1224,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1200), with no line terminators","md5":"65107d72da04c1cbca07ce7505dd52c9","sha1":"59f0aaf3238f3930dfeb8b72766c5c326a2173fb","sha256":"e5091d66e518dd0250dd6bf49ca20d18f926dc0d872419ade3ac72edb96746f9","sha512":"668adccd98e0602575b37f5d887dbd5be393853a6acb597f79fcc6fa31fbf434703707b9c328af41da6873378d98c26c234c71e0b058677f674bec95358f5d2f","ssdeep":"","tlshash":"74213514f053e9d4fc7f9445222c7334e062bec58946a1c1b9b8c69553c4c651b1e79d","first_seen":"2024-06-11T23:26:01Z","last_seen":"2026-06-01T10:56:00.234251Z","times_seen":259,"resource_available":false,"data":null}},"time_used":2590,"timings":{"blocked":2417,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-f438de52.b3979a8f.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-f438de52.b3979a8f.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-26b4\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9908,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (9828), with no line terminators","md5":"5f3e3b3cbd0913dbe7a4059ba0b393b5","sha1":"0b3e152c57fb42963b1c4203ef3b660bd058dc9e","sha256":"b616c4e67a7ede46fd307a729f5770f2f7d90186720efd9c939e50a4d76006e1","sha512":"66296a292165096d152a5bfb42bbc36d6639cd205737583c263017e2f4683d22384bdd3459b9d08b39107e1f0c55570025e29dc4dc2217bfb1cb8acbb0adea78","ssdeep":"192:KoTYBNJHelxkoOt96Fbq/7bTIqNLq74GM1ql44kNWOwQ:KoTc/hb0bnWqxkUO/","tlshash":"3112948db2c7f15987676221d11f101af23a5999f409c085f328d9e1b8f486aa72ff7c","first_seen":"2024-06-22T16:59:38Z","last_seen":"2026-06-01T10:56:00.256356Z","times_seen":115,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-11dc054a.b4f2d272.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-11dc054a.b4f2d272.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-5a10\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23056,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22760), with no line terminators","md5":"ed50c6d644b682e17968288255bf7440","sha1":"e9a3328cd426b48be0900355e5228c4c94452709","sha256":"47b447d821f058f7fe0b1f222b77124d1edf46c0ed804cc148ee8d7fd041f9f2","sha512":"07b44194568d52c8cc3399f6367021333636fda2c1de5e0f8f1d99576d36a9b8ad009f219c293c0cf117e256f2f5071f0aa30fd8e5c8efb1e0f904f6a6b86d8c","ssdeep":"384:GTOSwD92BtWlp+zp6iTu8xM0qP+oqA5rYGJm:GiPE18Su8xMio5Q","tlshash":"dfa2b648b1c3f16e8a7b9521811f1929e2396ac9e415d045fa3cc4d0b9a4c6d2b2fffd","first_seen":"2025-04-09T11:39:55.960728Z","last_seen":"2026-06-01T10:56:00.258085Z","times_seen":104,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":89,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-23T12:37:39.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:40 GMT\r\nContent-Type: text/html\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-3c39\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}],"data":{"size":15417,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (11857)","md5":"e391d8de43bdc115e55532c3caa70655","sha1":"6201122b8e10dd2fce30b6aab0252e1394d02bed","sha256":"980196c32e203478cb5394dfc9d44143a6eadf71a71704cacbb335b537c53373","sha512":"802c8881d3a031a16f2c2c8ca221d56e09abdffc5d38d7ca654a5563627219f4e0ba76db511cd607a9e45b8717c1ea2bba7cc04ba2b0536b29b6508856a9205f","ssdeep":"384:d1J0CLlqU4TZh4p3Jsr4z21PLMEE4AJI7QntyztM4KaZ0W1nL:d1yWgCaRJkJI0ntyztM4KaZ0W1nL","tlshash":"eb626469d20009edf592ce8f5a75bb6994e77c773931e484f26d884bcf18fc4162608b","first_seen":"2026-01-27T15:16:56.77774Z","last_seen":"2026-02-23T12:54:01.558846Z","times_seen":19,"resource_available":false,"data":null}},"time_used":1312,"timings":{"blocked":569,"dns":46,"connect":172,"send":0,"wait":174,"receive":0,"ssl":349},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Swiper/8.3.1/swiper-bundle.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/Swiper/8.3.1/swiper-bundle.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 34443\r\ncf-ray: 9d26c6a0af6a0731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"62ceb414-868b\"\r\nlast-modified: Wed, 13 Jul 2022 12:01:24 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 720135\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=PuWPhs%2FaP%2Bl09Yz2eFCB5U%2FKwXV5Kh2HqKlrLFshypjnCv3CZRGlNTYkLuUxQn850GC1RhhdecOBKlH9YRtiwJTztjui3CzMuGjmkMRpDGfrTKF36Z1KZnPsvalJ%2BSwyBX0m8qX6\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":143070,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65283)","md5":"38ef180eaf570243775427085e2ea834","sha1":"e0d97d1c702c90dbb22a6294b3c1e4126ba1662a","sha256":"b624e1e378abe009ef0de69a698b0a3e734af47efcdbd6816d5fcb8fc64c8bfe","sha512":"9da1101bbe0870e2d0e8afc1d4f9a121c6788b7604d855ecdb39bad37135437b216eba27f8f9982e0e38feafb1032983fd1bec919d87f25d506bb239a842e5ae","ssdeep":"3072:NJvgjudkXhYnafpoy9v8cIWyUaV4y+oGeJhyEfrNK/MxF:NJvgidkXhYnafpl9v8cIWybV4y+oGMAQ","tlshash":"c0e3f8896360b1a552e3268b93a9c611e3b51400b409c4e871bd4c9b6d7ed9813ffffe","first_seen":"2023-03-07T01:27:55Z","last_seen":"2026-06-07T07:45:16.076416Z","times_seen":465,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/favicon.ico","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T12:34:25.437902Z","times_seen":16239334,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-4acb87b4.1b8f641d.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-4acb87b4.1b8f641d.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-6e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"63a91d823ad0600516e8142070f73022","sha1":"3b0cab14963a46b974598c88d60091229973a527","sha256":"1c3f2cd35e863cff9028dc65811b7e2eed91c9780bf887d7ecb29ebc6bcf5565","sha512":"deb695cd0e1585216a1bfbb391af8b561d3019893fa06b2e833a36a002ccc0d1f1b59e6a10ba2fdacec64f38bdc3fff79224335606f53491f9ab6ff9290417ff","ssdeep":"","tlshash":"6cb01200bc0c0c0d0ee3d3482064da871410ab13c980339f3da1c9308f03170b403c89","first_seen":"2024-04-28T18:22:37Z","last_seen":"2026-06-01T10:56:00.236614Z","times_seen":265,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":143,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-e19f796e.ec38c8ad.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-e19f796e.ec38c8ad.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-94\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":148,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"da5010df73283833c99259d2eed74202","sha1":"6dcf2fd4855c6ced3c3347bb87b782f709c4b966","sha256":"3a0957b91a0b8b9a578dfc7baacd10641eb25c7e8aefb040f8328b188e9509c4","sha512":"b5e28ceca999033b239829e616eb968fbd88cbba0713236212ec94de9288c76c0ba4986b32409261bc49c74156fc654bb939b4b92ad0d1a76e2a3b2033d8a873","ssdeep":"","tlshash":"79c04c71180890bd9137c23000deb5841425f22fd3f354814c06ba2419c6340387d358","first_seen":"2025-07-19T12:02:29.432859Z","last_seen":"2026-06-01T10:56:00.22835Z","times_seen":68,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-f438de52.856cb3a1.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-f438de52.856cb3a1.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-9e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":158,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"5e1d6e64b7b23b2bf5b9a0995dd513b1","sha1":"a8d6d9ea89023003eaceabe2a49c41d12381b3a2","sha256":"79a9a3357587daada819296af7ff82d5518704362c3f9e0aabc927fe2cf25377","sha512":"ec6c3a70751b4e512340e86fda978d40d0d11a0a99b640513a40c32ac22afbd0c1c9ed2d91ba2c2682eb86ce7ac67f259bf334d1b4ec9ef1b14bf11d21f5abb8","ssdeep":"","tlshash":"c9c08cfd2e8c409f3e2688a608bf0a844125e29a82cd797c4aa35bfcdc2a73a1520454","first_seen":"2024-04-28T18:22:37Z","last_seen":"2026-06-01T10:56:00.205807Z","times_seen":127,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/tabbar/grab.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.193Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/tabbar/grab.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 2181\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-885\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2181,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"473a27c1195489a54d77717d2745ecc8","sha1":"afff5e5e9c8252bdcb0d620510d00d6ebf1ba7f0","sha256":"564dc8a0df824a34af42659eeee924adb20dd4a21cdc71d58ce8ec21abb3a7f7","sha512":"072ccb3e27e200e3363a4fa9d86d012f0f388b906bdf6835bfb09782e27a277900fd6f785d350db60c79ab0222dda7c2d2320fab57b7b41601558ea2a26fd789","ssdeep":"","tlshash":"66413cf380630c7ead1bf45da5814a0da5256cd81e3b903c95291d7ae04b2f0b8294cd","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.184529Z","times_seen":90,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":29,"dns":0,"connect":0,"send":0,"wait":177,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/virtual/commission/list","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api/virtual/commission/list HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-08T12:58:48.451917Z","times_seen":5285,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":138,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-22e427f4.1e4bd738.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-22e427f4.1e4bd738.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-71ba\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29114,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28224), with no line terminators","md5":"5ed887ea3fb8f31ac17361aacec98c0e","sha1":"baffb478f2046565527418e90ebe2cb64dbee678","sha256":"a9913f1ccd699519bf65b9dbc7ff4860236342b87be414023107c18da5c9d87c","sha512":"296afc1b819c3121024ea6a404da3f91ba2176e2aa6677269bffd2b4c24d130f4bb7552b5eefc4955d06874f694e3fbced94b8d78212a0aaf3f1feb462d23f87","ssdeep":"384:Fjz/yR8Vj16EDwF6Ey5pATBPEVxj8/pO9fToSWSJPrs+aRRDTq3P6hxsURetvSZZ:FjTKCuUpoHstvSZxiwX","tlshash":"f9d2a5ccb1c7711a1cbb3062712f758db336b54c380ad19493a8d8e598ec9d89e27f94","first_seen":"2026-01-27T15:16:56.860764Z","last_seen":"2026-04-19T23:00:56.497969Z","times_seen":20,"resource_available":false,"data":null}},"time_used":3080,"timings":{"blocked":2901,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/box/bj.mp3","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:41.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/box/bj.mp3 HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 206 Partial Content\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:41 GMT\r\nContent-Type: text/html\r\nContent-Length: 15417\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: \"697e4ab7-3c39\"\r\nContent-Range: bytes 0-15416/15417\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vue.js:2.6.10","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"SockJS:1.3.0","description":"SockJS is a browser JavaScript library that provides a WebSocket-like object.","website":"https://sockjs.org","common_platform_enumeration":"","icon":"SockJS.png","categories":["Web frameworks","JavaScript libraries"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery:1.11.2","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":15417,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (11857)","md5":"e391d8de43bdc115e55532c3caa70655","sha1":"6201122b8e10dd2fce30b6aab0252e1394d02bed","sha256":"980196c32e203478cb5394dfc9d44143a6eadf71a71704cacbb335b537c53373","sha512":"802c8881d3a031a16f2c2c8ca221d56e09abdffc5d38d7ca654a5563627219f4e0ba76db511cd607a9e45b8717c1ea2bba7cc04ba2b0536b29b6508856a9205f","ssdeep":"384:d1J0CLlqU4TZh4p3Jsr4z21PLMEE4AJI7QntyztM4KaZ0W1nL:d1yWgCaRJkJI0ntyztM4KaZ0W1nL","tlshash":"eb626469d20009edf592ce8f5a75bb6994e77c773931e484f26d884bcf18fc4162608b","first_seen":"2026-01-27T15:16:56.77774Z","last_seen":"2026-02-23T12:54:01.558846Z","times_seen":19,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/tabbar/home-sel.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/tabbar/home-sel.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 884\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-374\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":884,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 46, 8-bit/color RGBA, non-interlaced","md5":"d59d49d76d7ff3107fc82e2d48b06216","sha1":"2bfec006bc3a8a7c65ca34d3c3e92df5d488d1a9","sha256":"9572873a018cf0366633a07c9ec33192ad6180751c8f1c7396ae734f7ca46af4","sha512":"dab4a0283652f7b58bb2c082c5f30233b13f052e5aff041f44c10b092e68e94c4af73b0e1d31804fb9c1c77d2a7108910907bc1d0474e9072790af4a0b4bd04e","ssdeep":"","tlshash":"f611b3437b233c270ee2c1b3141510c46a63b232c1a6a5380554000ac1e70e0ebdf1ab","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.220272Z","times_seen":90,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-1cbbb860.a57f141e.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-1cbbb860.a57f141e.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-166d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5741,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5419), with no line terminators","md5":"3a4c54ccf2f91c0f82848d2ddbec8961","sha1":"776d35e67a25b6d53cedd8c99228a7b53e693b5f","sha256":"ca99699952ee76b8244a575fd4397fe1bf2ca9424df1afb18ba6f461b5a29534","sha512":"637319aaaa6a3cba86ca7a50f5fe20f3af09cc695ee18db3ca039c22c65302fc8c883ddf35f4f007fb0dce7d26605f7e357ac22c1f5b48e0101fbddade9c055e","ssdeep":"96:uwh6S/u208GaSVN77UCQfYpxjfwByP2pAhqqtAeVf22I8rsl0uS0C0LDCS0zVr:u205aSVNKaFWyXIyu/LDCS4","tlshash":"5dc1e858f5e7a9ec1cb78281b03d7025a232f2249803e1c6e775c9de5ea7f14150fba5","first_seen":"2025-04-09T11:39:56.022377Z","last_seen":"2026-06-01T10:56:00.219569Z","times_seen":109,"resource_available":false,"data":null}},"time_used":492,"timings":{"blocked":318,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/53cd7c621a7f4590889a381c2e8751da_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/53cd7c621a7f4590889a381c2e8751da_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 1013014\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:46:21 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1013014,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1280 x 727, 8-bit/color RGB, non-interlaced","md5":"b5258e9c9b614c32c2c4b4fe43620525","sha1":"93f705db6a297ab7b3b6d0e8c147e144e246a0f7","sha256":"1ca7be170b8006dd831b4a56e8cce4ac59211081b6c51bed1b047b87a83496a0","sha512":"c77302f09e643f647953bd7d45004fde47722af0f5cc24b5ead605429bfa0112af545967542dd692aec10ba07b6033102eb71e29ceb3181241878b77cd1ecb10","ssdeep":"24576:46KBzW8QTRhZ+iik/XUKRyKPa79DSX2U96J3Cfq:46KBa9thZ5/E8ahWoCC","tlshash":"87252306cbd96f324f2b2d63c07c9f8785a82282a3f8497e1c5e7720d56ea9f5391714","first_seen":"2026-02-23T12:38:22.239664Z","last_seen":"2026-02-23T12:54:01.557063Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2125,"timings":{"blocked":1603,"dns":0,"connect":0,"send":0,"wait":177,"receive":345,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/poster/3.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/poster/3.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 6052\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-17a4\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6052,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 133 x 165, 8-bit/color RGBA, non-interlaced","md5":"b01d2666f021b0e46b2f3208f0fabf04","sha1":"6915859d9dfb608c31bd45424d487acf7fe7722f","sha256":"e764ff9afa5c6ddec2f8dd46e7e45bc2286b4873d10e9086d82c13a979fe528e","sha512":"697fd1eed07d4ff44eb55a27b7fb0ee1fcef4408474f377394c4f3ccfba92b21fa5ced4bd914687216bd652651ef4843ecabf7cc0a7b1b5e88e47887a8fffee7","ssdeep":"96:O+4VlGmiTjbv836FNzkoa0PCA1nFTcHWVmh61p0GUqOuw4k8wm6C+AMdjoaESjsE:Ols9jbv850nVcs1phUyPmCGdjo7ii+p9","tlshash":"b8c1bfc736cfc791fe5164eda81b8354b82a293001bbf0cc941b75491b33d154e86977","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-04-13T21:42:53.88171Z","times_seen":29,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":154,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/189f6e81591446c1a9f79239a4b0a1cd_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/189f6e81591446c1a9f79239a4b0a1cd_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 44154\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 00:54:18 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44154,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2400 x 485, 8-bit/color RGBA, non-interlaced","md5":"47a2c8cfc375b6436e082500119711f7","sha1":"c0eab35a91f632a04e3231ac83ac07f5e8c4173c","sha256":"97a0da0eaf1bd1edde35bf62581e9e92018e62a7efd130d295ea3749273049bc","sha512":"cae1c179232d6e6fc51c1ebe415fb2ceb2822733dd0dcd5fa55157aff2efa03c49d380f8cc7a61ae1b22ab71ddec780655babb383b81954a7ce5e64e6da5013b","ssdeep":"768:vF+PFutFgygduKRj8QhDSBQosDDzoQSmZtsUY20OcpFsWjnxlcTkLq/:vFeM/ud7Rj7hbDD8QSWY20OcpFbzhq/","tlshash":"3113e138d644d6ab5e15a42cc7ffc6e866a3a2f0e5262fc8952326d036203b13c187f4","first_seen":"2026-02-23T12:38:22.240873Z","last_seen":"2026-02-23T12:54:01.510137Z","times_seen":2,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":160,"dns":0,"connect":0,"send":0,"wait":177,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d207f61.5777890d.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d207f61.5777890d.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-a3a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2618,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2576), with no line terminators","md5":"3a114186f6be942215aecba1a5e8f0bd","sha1":"b1fe4469917a7b0a5f948801440967c7e436c29e","sha256":"9dcf1dacc6bba72317f67d47f5ce5371d3b6c121a21988d7b1531915cfb66564","sha512":"18ac6131c93227b662390b292f14c10b04ec9e03be914ae28332ca3ddc457d61a6456ec057d6cc254e0724ab5a6d661bdfb2b257abaa7133e0e2805ab6153e38","ssdeep":"","tlshash":"db51770c70d3f09d4d9a8017b22f1a64b1b63ecb2515c1a9a778c6e15a58de13317ff9","first_seen":"2024-04-28T18:22:38Z","last_seen":"2026-06-01T10:56:00.217003Z","times_seen":257,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-4acb87b4.a96cc41b.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-4acb87b4.a96cc41b.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-134e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4942,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4916), with no line terminators","md5":"17a5e0892aeeaef5237292be71721624","sha1":"825cf59ca832baa56c55e8944f37879acea468f8","sha256":"e591ce5c01f71a639f47ea735de6402b56c44f04c2b664473a45b3ff3ff61972","sha512":"7d5eab5473d7065e336c0e4231e5a71bf66989b4d1bf0865c34031756a4e87235127ed10cf5863387c55d1b357110f179f781746e660683978d4238f1a2faf79","ssdeep":"96:PhDHbbeN0BH8e6B/oNzGxNvFMM+ay61C96Du5Htjpy3VQUbb:P5Huma9/oVwsMVy61CMSFaDbb","tlshash":"7ea1f969a3ccd1dcac1fc65bea1e2868222706dd71115145a2a9dcb0a253de88f1ffcd","first_seen":"2024-06-11T23:26:02Z","last_seen":"2026-06-01T10:56:00.223401Z","times_seen":251,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6201\r\ncf-ray: 9d26c6a0af880731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402b-5915\"\r\nlast-modified: Mon, 04 May 2020 16:17:47 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1074760\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=QdDfjwVPST4a62ncfFhz%2FcpKPekHi95ng%2B0X1m1rI1aEESElr7a4T%2BUuWtevsttpTZqJpQYmQxygx8BqJQdQ%2FkKCEXLcZ6TK5g793y3FBl7J%2B0S6LD58QmNdwIINZWeoQj0zTH0p\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22805,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (22712)","md5":"c019be63e713ce6f2aa221c0df8fa0cb","sha1":"e5471888945144f233714d470959059c010eb667","sha256":"87e6aba4bd25be4196ad7f269a62de823242abe105df538f218d4e6e268f74ce","sha512":"6ca3ae5fb17dc20a2c27d4008454feb7cefc626bf104252354c1abd0977f73a315001d94293a7d4379ecfda6ba21d3f49a992f243a6f9249c935195527d407be","ssdeep":"384:BPdUYakDlUGQrDQxMQ4rJaT30WCxQI1cg:DUYzhUGmUMQUX3","tlshash":"cea2b7c6f56270270a9260e5183f1107a33f241d648d855df2d6e8ee2ebdd8e91a3f39","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.462559Z","times_seen":1154,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":1,"connect":3,"send":0,"wait":40,"receive":1,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-0a888720.79a39264.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-0a888720.79a39264.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-2d60\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11616,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11540), with no line terminators","md5":"0b9e6201702e9ef11c5c3a4c3a1f64f9","sha1":"6a4748a1758daff2fd25b236cd246633e3873f7c","sha256":"6996d0a4d1e3559b00e7cbfcf627f6816a0a5a06d9e7be3c9226c3a68b95e459","sha512":"e44f5d8391c63c17a3a90119c8aedfd7a4120d0d3903b5a2b00219bfbcf65ab7339db503af7bfc071e39622dd50b34babce8fa8e3d2af596cb7975903d15e52d","ssdeep":"192:3ugiH+ttVS72rfDyFqINV2bYWqNVqV8tQhrqj44ACc51YZ0E:3uWfDQOb31atQJ4xARqZp","tlshash":"a832a88d72c7f01647a77331d01f100ae27aa998f4099185fb28d9e1b875859b32bfbd","first_seen":"2025-04-09T11:39:55.963244Z","last_seen":"2026-06-01T10:56:00.228919Z","times_seen":107,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/be779b2e602446e5a3ceb0e73716a9bc_.webp","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/be779b2e602446e5a3ceb0e73716a9bc_.webp HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 3203660\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:34 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3203660,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6d6a6629c58db9b834ae6c1b9f583915","sha1":"8d70f574fd13ca62c4aea358d5cd28414d485cf0","sha256":"8138604c7c2c3070ea31e4efac2aaa05187c40c89ad12fc46cbf49565c1b9e6f","sha512":"f2887702c52eeb5ecb2ae4e757c544af96e1b0fe782c29f321a84b4ee5073650779eda79c44842cf431048ab796d16bc13c4ca8a71376304e21189eb1d6a3616","ssdeep":"12288:cNV3L7e8sauOY5Btps4woYOHaB/GYMv2PIBkgPHLlBliI9U9S:QV77e2uZ6oDO42GTrlBb9UQ","tlshash":"b6252353a859c1e0d625797a399c7f9db1381b7a13590c03ac3948f05dfb323e618e8b","first_seen":"2026-02-23T12:38:22.243659Z","last_seen":"2026-02-23T12:54:01.503489Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2312,"timings":{"blocked":1149,"dns":0,"connect":0,"send":0,"wait":178,"receive":985,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/9151edfa42c74f97abe8b8056d03485c_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/9151edfa42c74f97abe8b8056d03485c_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 462070\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:46:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":462070,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 994 x 575, 8-bit/color RGB, non-interlaced","md5":"3e8090776cfe6b4a8018a028848799b6","sha1":"d190b84ec04e5fce47225bd9b922fca500948945","sha256":"4522b1d2daa9879be3cfc93e9ac6faa3606cf62822da0c7c5389aa38a7557f65","sha512":"aab76cb48b83950ad42e3f7f108e5cb52cff76f251a3ad696445bb3e888196aa554d63d58bc7000e4b5bff64a937894b9e2482cc66cdea582282ef76df231ea4","ssdeep":"12288:y9f45R6G48VL7Hj9T1KPvbrgU/pjN0Sbwn:Y45R6GJL7d1cUOISy","tlshash":"46a4233bd0798933623c6ce18d102a04a267bde1c366d6550fe4e85f5a4fcf9096972f","first_seen":"2026-02-23T12:38:22.244645Z","last_seen":"2026-02-23T12:54:01.410269Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2273,"timings":{"blocked":1714,"dns":0,"connect":0,"send":0,"wait":185,"receive":374,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/ab780e21a4ea42ff93ffba6c779e401b_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/ab780e21a4ea42ff93ffba6c779e401b_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 27118\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:47:44 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27118,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1103 x 672, 8-bit/color RGB, non-interlaced","md5":"a8bc944a148b8095423ca27488903af1","sha1":"f4326e37a7a394b77dc3ea4208013b6f0984cd37","sha256":"74be932005f10941fbb67329e0501b0df955f86e20e3e21663c1e614fe18e545","sha512":"645572779517b9b682c3afa15c58f025b031a78f3d1e57a5c22ab56de5c751a7e7a716608d8b85ea2709322e9e472abb6584ced76e7f49b92bfbd0f2057a5dd7","ssdeep":"768:7Ymk6Iso3hGEWEjcGuPZlGGMD5ITJ58jELRR3z:7Kpxns+xDG5Xz","tlshash":"35c2d0f406a58492e0dc6432a24a3f6596d074c947d2427f68375f331cbb78f9f6b126","first_seen":"2026-02-23T12:38:22.248568Z","last_seen":"2026-02-23T12:54:01.549029Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2432,"timings":{"blocked":2249,"dns":0,"connect":0,"send":0,"wait":180,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d0d2ed4.7c3b3e40.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d0d2ed4.7c3b3e40.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-4570\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17776,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17274), with no line terminators","md5":"ac18104bf12caffe1d489721a89a02bc","sha1":"da379ff27e10a2e3eabe12413e95572f0f2fc973","sha256":"86b6cb165d3f3ec46724f61f98d43cfc5dd1970a83fd229089908992c03fb5c3","sha512":"0b05cb0e5071d14b256f69a9de8b649289b4181203a43901092713b19bdddde11e7eb3db134a6e3f847b298e66cd3d0ab9334df9bf92bb8175a09316e8d8c0e7","ssdeep":"384:LoGGUwbV6mR88M4cburqT+Xo9br7+NYjMdjE2RJH1rS:LbuGT+Xoxr7+NDdRO","tlshash":"fc82b68dfacaf4270fe27325b41f208ad22b545cf809455cf328d9e679baa095117b74","first_seen":"2026-01-27T15:16:56.796919Z","last_seen":"2026-02-23T12:54:01.627436Z","times_seen":19,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d22d99b.2e59ff44.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d22d99b.2e59ff44.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-f37\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3895,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3771), with no line terminators","md5":"701547107e6c26359bf15b379ac81f45","sha1":"d1d973e5688a2cc6887a70fe0fb47c07511f4af8","sha256":"f3b58341aea10d657a2f81302aa3937756bc3e61f950a464753b71ae46503957","sha512":"ec483e4c2a2d0605ab020ac15e4d9ccb007bd05e9ee7857d6d1d4e428feab6009c2cfaafaad5519f8fc63f3f823dad234bacaaa4478ea11e3f11d360f259eb70","ssdeep":"","tlshash":"1181a79ad888fc287d22d141712f31f4e11ba92ea5545bd4f7f1c6ca0ad86680a0d73e","first_seen":"2025-04-09T11:39:56.053084Z","last_seen":"2026-06-01T10:56:00.207503Z","times_seen":107,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-680ea45c.bb5af193.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-680ea45c.bb5af193.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-ab3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2739,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2739), with no line terminators","md5":"0229ad5705203b258375deccd035a1c5","sha1":"948a1c31b40b0944de3f6fedcbe1c4589685d082","sha256":"f0fdd44dae1197cb964f9ebdc26ad8beb30f7cb52591cf6c14caf22d551a00e8","sha512":"be231cbac8962637bdf3a64be6ba50c723475b656f1bc10ce79cefa9283b49a931a5088b08beaf1f35108f467f51472121bd92e85f4829bfaac4ed78e1d2b25a","ssdeep":"","tlshash":"7f51612c7142f5bd4ea7a161452f7216e13a35451075e881f760cdd097e589f823ab3a","first_seen":"2025-07-19T12:02:29.44903Z","last_seen":"2026-06-01T10:56:00.212728Z","times_seen":68,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-1d8200c0.68ff336f.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-1d8200c0.68ff336f.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-790\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1936,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1936), with no line terminators","md5":"ae6b44f25ea0633abb1972fd12e58aca","sha1":"8c320c348eb188f35693c586e2e740a4ab377188","sha256":"71d36942dd08d28d0e673d926aa9313c31dae8e60e9da4d5d0ca2e66ec20cc5b","sha512":"5f97436344e6e7ee6f9d07bd777dbe87d7cdf1e4c16ad8302a7efa8f897e2659e5da69e4cb95cd4e79a4784ee75331a3793f1f396f8647703e3b04558a1aa55e","ssdeep":"","tlshash":"c64138b67e040016bd2bd81ecba410c771ba6532d12345963973bd24eba7af032ef791","first_seen":"2025-06-30T02:18:00.903678Z","last_seen":"2026-06-01T10:56:00.193536Z","times_seen":80,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-4366d870.175bca26.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-4366d870.175bca26.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-9a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"92893dd74bbde0d3b99f7961ddc49084","sha1":"a2c4ee22ad640829d660abe7a0e20974076d8312","sha256":"4e87e87645a3cade6841c4948041b6446bf2e4e228b949eb1aca5b568d4f04d0","sha512":"d7cd4cf323461034e2767502d1a37cf02de528d1a4b8bc0fb0905284a72df55b518e23080bd31783e39b330c7a273602fab58b4b5ca8ada4698620a9fe091bf7","ssdeep":"","tlshash":"fec04c76658d6b2bf16af2906e5b71e86314ba27a110611b5a514630ddc3e6160d8428","first_seen":"2024-04-28T18:22:38Z","last_seen":"2026-06-01T10:56:00.194368Z","times_seen":277,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-4b346616.a149f580.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-4b346616.a149f580.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-e96\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3734,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3604), with no line terminators","md5":"8872ca58192b8763c01cde655e58a24e","sha1":"21d8cce695a7962fee9275c354c4bf996848a65c","sha256":"8c7be6935e5631fb25fe6dd1b8406b0db0b4c417e94d103a3843d2d0c1b172cb","sha512":"bed9a8fd258f9482f807c54952182dd4fc94e276c397a45822bb8002c12bfe913318552dba07c68b0836796a8a17da33e0adee9fb06eff7a38cae3789454dc80","ssdeep":"","tlshash":"3071fe04e8d7d29a9c7b8502915d1a70f0362fa0c921f043e3bccaa463e5db86b0e7dd","first_seen":"2025-06-30T02:18:00.899229Z","last_seen":"2026-06-01T10:56:00.200555Z","times_seen":80,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/lib/flexible.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /lib/flexible.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:41 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-fe7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4071,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"2481028b2f8ae3f9f9c15d0899705aab","sha1":"175d394457b861cf64b9347d243fe3f179048faf","sha256":"5fc76e812ff59a1e0a2faecfb1db22cfa4af69efafef2f3bde03494d543acc1e","sha512":"7b48ed3af9b9330ccbff7a8a9b7dbb1eeadc4356acc22f68a821d435b8cd85e82bc453d489355ee0679cd5ef98feda4c0be8599a0568c1a20bd6d8901669e5f9","ssdeep":"","tlshash":"fb81322806e722361e2330348fbf210539728067055ace447d5ee79e6fe4a654ef6bf5","first_seen":"2023-03-08T08:46:29Z","last_seen":"2026-06-01T10:56:00.253522Z","times_seen":284,"resource_available":true,"data":null}},"time_used":1230,"timings":{"blocked":519,"dns":1,"connect":174,"send":0,"wait":177,"receive":1,"ssl":352},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/sockjs-client/1.3.0/sockjs.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 16651\r\ncf-ray: 9d26c6a09f560731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03fd5-f54d\"\r\nlast-modified: Mon, 04 May 2020 16:16:21 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 12257062\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=4fGyDsAbOn6qOIaujtNfbXe59aKH1mBXIXTjvUWIc20ZJRSglD%2BttbuorDatvZ%2FFukFstrC08H0FKdGcMFYYLCdYtmx5nDAtO%2FDluNmaLXLZJ7fF4DVhR8YSDQCSY3u%2F6kZz9yZX\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":62797,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (62696)","md5":"f0a01fa31e644ca44836356a172ba7c9","sha1":"e81438a79e8a7f34423168c70696cff2a820dbf1","sha256":"840ea076b43dbf564a909bb082dc287740a96f3c4483fcc024f7176306daecc7","sha512":"a18f9c600996f8f31c046e80334cc794efff550c2286bc822ba7bbc197d99e4ce5f032133866b18cb9743a717b76e578cdb2a9fb5f6ebe42614d08ea1ea2e47c","ssdeep":"1536:XFWQV1ZGORGWiB67hAHLY/IyYT3uu+OLFckh:XFW8tG967hAHM/IyYT/Law","tlshash":"5853e8c5f46134a213e7a2b582bf11032376953a640c85b4b798dcf98d7d98c532bf7a","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.423793Z","times_seen":1157,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-182e5dc3.0a790812.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-182e5dc3.0a790812.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-7df\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2015,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2015), with no line terminators","md5":"c202062edef335b03ab084ea41017747","sha1":"7821722d7941b80e07140259e5dec0c59977fc5b","sha256":"631fe2ea4558d9538389bee411f3c13d75a6f16b446addab458a1ef2a9bf5e84","sha512":"b030da504cba969758eb8f4c3655bf004db3e48f556e5b389e09548329df4a23c05adae8b97eeaaafd0c35907afbde6054edaa9ec5e74dce4b8c0052b4963d70","ssdeep":"","tlshash":"7741426be49c2d289137dc92c5285dd542e4d623d20113fbd85b1b129fd354634e32ce","first_seen":"2026-01-27T15:16:56.824234Z","last_seen":"2026-04-14T15:55:47.015687Z","times_seen":25,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/ee9e4d1d2f464b5697a3d9809594cb5b_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/ee9e4d1d2f464b5697a3d9809594cb5b_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 454823\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:52 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":454823,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1023 x 614, 8-bit/color RGB, non-interlaced","md5":"959c41627841b5f8289651086288f4c1","sha1":"0327dcc67d663b14caaca0afe86d5cc2a3510f2e","sha256":"a93c89794f6224a044959e7c5662f7e1138b3084bfc2c48190d28d3aade6f210","sha512":"6650a2a10e24e282720503cd4fcd45ec47eebb7b35296128cfe019733d8239b55d350a616cbe34342ca46c4948508b7d4964a39cf6c1d2966dd5e59481ae3bd6","ssdeep":"12288:PTtAZLyw/Zt1qaYnj6YqRGT4Zpgcp67lzzLqXJhC:rCLrBrqaYj6S8U7lQU","tlshash":"43a423dcc74c0a729e879d6235814eaed591f1f089f2f506e36514ebb2e7c242d88cad","first_seen":"2026-02-23T12:38:22.254202Z","last_seen":"2026-02-23T12:54:01.44977Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1629,"timings":{"blocked":1216,"dns":0,"connect":0,"send":0,"wait":177,"receive":236,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/15/10ef483c385c498a93f5e90eee4fcddd_.svg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/15/10ef483c385c498a93f5e90eee4fcddd_.svg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/svg+xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 15 Feb 2026 18:39:28 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3853,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bb84aa82f69c09a4510e00ffc5870503","sha1":"871a1a397cfb7ab15738303b2a119a6b495b5fd6","sha256":"a74b5e3fe552613af384eb20dfc082cd1a9a0e035a417d6df1ce760b6fac3967","sha512":"d09b0f66b6280886165d0d88498911231e755c818b2f5894665eb9680487217cae3cac27f6c31b0cb597cbc2fc944753d6b732f0e6b3c1a23e26e82165005d0b","ssdeep":"","tlshash":"6681b31bd37908f8964e42f80fb9141a502e78bb62101e32bc9ec44adf42d417b387dd","first_seen":"2025-04-09T11:39:55.882707Z","last_seen":"2026-06-04T17:13:18.495827Z","times_seen":38,"resource_available":false,"data":null}},"time_used":665,"timings":{"blocked":485,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/fa5771475c1e451a8ea842fad8d9b60e_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.808Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/fa5771475c1e451a8ea842fad8d9b60e_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 22608\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 00:56:15 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22608,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 342, 8-bit/color RGBA, non-interlaced","md5":"c2ec27f042f20bab4c2926b1ea500f55","sha1":"22d54358ab8b0e21d0017d1415ce9f5d99678a1e","sha256":"e8c8fdeb8ccbe2731b21291d04fa2d96520e82638c308251370a63bf7b43dc80","sha512":"dc345cf84847f0c382300696b3bedfe4df4bb8ab40201fb395cae4de943f32748a61f774541c3ef8c2ee6fdd0c05734eaceda59bba2d346ea747b994a28c8fa4","ssdeep":"384:XIyiadaaks5sLVIKchjA5/1t0L69/GZK7L4Mh+JM1WmU7S5waty:Yyiadt/YIDhjw/1t0fZKl+JMwmUG5waU","tlshash":"2fa2c13587047674e8dac1fa14e8a409a52b14009df9c3375178722e1b4f6bd8f6f799","first_seen":"2026-02-23T12:38:22.255149Z","last_seen":"2026-02-23T12:54:01.455824Z","times_seen":2,"resource_available":false,"data":null}},"time_used":666,"timings":{"blocked":486,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-f8d706dc.d39875d5.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-f8d706dc.d39875d5.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-c06\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3078,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3070), with no line terminators","md5":"c0d65fb50ce143b5605c10d3e6e71b2f","sha1":"b63607f03ad005e13ba8130d6dfb3cb75a4c47eb","sha256":"b2c0c555e2214756afa19dcedd12893181ae941786d7535e3263d53f7495dab2","sha512":"9f6ac6e832e05b9b7921d9ad1b396d130ad3f66cab6beca11c0d3b2901cc79259ca37af1d6fb3e15958017b69463e8784d1cf5e9428d9adfad55ecab7927cda1","ssdeep":"","tlshash":"2851330d75c3f4689aeab161501f2239f22b6ec49006e910fe34d4d17f61e69332eaed","first_seen":"2024-06-11T23:26:02Z","last_seen":"2026-06-01T10:56:00.201167Z","times_seen":120,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/5058e742cc7d489182fabd0b5f629681_.webp","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/5058e742cc7d489182fabd0b5f629681_.webp HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 31442\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:46 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31442,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0eb6b0e97641f3a993e9d618d13f0d79","sha1":"2cd7e2bd62e01a4e03320c439d3e6b3e8bf94c1b","sha256":"b71920e673a0fdb56b5aadf10c442de30b3677126951f5be749d5c0a4e18df4e","sha512":"8d33d85d143a23bd48579b0f0a16c714713bd8abfed3d43793f846984a0f95c188702d1cbfb9b8fd82f35b35e15f464283ee3bd87f44979a75e86edf75b23c10","ssdeep":"768:JYytYytYy59+X7FnpJf1VvabWX/5oqj8Q:JJJ1qvvaCv7j8Q","tlshash":"f8e2c0667f028311dbb7f2b4edf01e9992a35b80eb20595939fc55221b615f0e98c2cf","first_seen":"2026-02-23T12:38:22.256751Z","last_seen":"2026-02-23T12:54:01.473163Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1355,"timings":{"blocked":1169,"dns":0,"connect":0,"send":0,"wait":183,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/4ddf1148037d4a88a6b06e709562789d_.webp","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/4ddf1148037d4a88a6b06e709562789d_.webp HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/webp\r\nContent-Length: 48350\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:45:55 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48350,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1e69a4413a48f46015def2de6e8025fd","sha1":"76b3c807a2f99ecd889b11c403c416f063fc548a","sha256":"ee0a5041d07ba38722f948be8ed6745ea1d7ba170404aec451ed7a08b3f90778","sha512":"a8062e45be475a521cff50df67062879ce398145c6c2097e327a62d78e1ab7ad42b7ded29886792e4c34c483540d2c48c337491650db4de5c73ff4b0c4f3c2dd","ssdeep":"768:IazmkIiUcwdK8wnY6OyWFiEaUOEdXKKtoPgSGD8n8BaDIuGToqafsXpp65:nRIiUcswnhOybDa9t06Y8BaEToupp65","tlshash":"912301ebe2054b7a4f2199a813e15d86247db261ed797bd448980ef4f743b34c08ab4f","first_seen":"2026-02-23T12:38:22.257607Z","last_seen":"2026-02-23T12:54:01.437448Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1709,"timings":{"blocked":1529,"dns":0,"connect":0,"send":0,"wait":177,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d0cf330.d3cb0e12.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d0cf330.d3cb0e12.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-893\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2195,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2183), with no line terminators","md5":"940b7b1594fbb05b40ebad18fa7000e5","sha1":"ecd71236bc23c695c06da8ccfbc33e0eac2910e4","sha256":"ee1e38b7ad5206dea00e0f500875ae3bf88cef0f8fc8de8b9659f22ff1ae5a4d","sha512":"bb98d694a3cb128b1cd66ea613a39f919126c0287ab28e7c949dda94483c31fb96ffe7d09929e176b66ba97aa263c72d485a3833d40790492c63a413ffe508fc","ssdeep":"","tlshash":"c6411108f893d2bdcc7ea825562f1674e1709ed44504f151f63889b1a3e0c784b5ebed","first_seen":"2025-04-09T11:39:55.904569Z","last_seen":"2026-06-01T10:56:00.226407Z","times_seen":106,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-e19f796e.bd45e7d1.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-e19f796e.bd45e7d1.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:47 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-d01\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3329,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3329), with no line terminators","md5":"8816bb962321c72755013a3201eda331","sha1":"24fe5fe11c9f7672715ef5ed68c3fbaab0ee28bf","sha256":"372982eb6eaed682a071751397b7f9a9b25cbb881ded13f3e0b21e68355cc5f2","sha512":"0ea0dbbf50d0a3bb2736fd78f9f9e89eb86f69f0f344a742a645d72e76a201316d0b781dd1d527841c6afd796a23c2ef023313c41c2d793086652be415d852c2","ssdeep":"","tlshash":"a961646c71c3f4bd4eb7f161402f620ae13a36416035e841eb60c9c0aaa5c6f523af6b","first_seen":"2025-07-19T12:02:29.467043Z","last_seen":"2026-06-01T10:56:00.230752Z","times_seen":68,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.12.0/theme-chalk/index.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.12.0/theme-chalk/index.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 27462\r\ncf-ray: 9d26c6a08efb0731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e43-38cf6\"\r\nlast-modified: Mon, 04 May 2020 16:09:39 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 74280\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=%2BUd2OiDC%2FBrgNFlviMfV%2FQn7Hxe4lPBTmlnAjQ0mF%2BP20CB3oDQ0GMn0zQkW4MPxJek0gVHqru2LrBuWEwM5oTD66cJF445M8%2FaWPRUk0ydlCT3UIrvlCH8itDUKXyU5YunxXw3M\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":232694,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b156c93b3792c208a43d643446f0d308","sha1":"1ee68ab3ff034e3553c779fe94079bbd43436f67","sha256":"913f0305e94e0c8cfea0ab62c4bbadbe86b52b5cd6893a1a3740d495a1005155","sha512":"671b1110d3c3f19b6c0ecb8e6a0771d05beefba8bfa8b3fde91e955df08c168477f23d526ca2eb355c7397dda5ef47e3f8196fef126c53d17cc4f8a236ff9c61","ssdeep":"1536:y28Y7SrW3YeWXA1u9w4HCe/l4ftg5fNME30e/8OaiZkW9YO8eQw4yG4tfNIc0yr6:Xbk0Z6fKyZL1dw","tlshash":"0a34a6219b07216b612bde6db6c0ba895f18c323d4725bbbfe55340dcbd34891263a4f","first_seen":"2023-04-06T21:01:19Z","last_seen":"2026-06-01T10:56:00.237941Z","times_seen":385,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":72,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-1cbbb860.e43e04be.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-1cbbb860.e43e04be.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-2fd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":765,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (765), with no line terminators","md5":"dedea350ecbc1691a0dbc8d699eafe18","sha1":"5875d960f2c96a25fa5e2a281882c9fab260f05e","sha256":"b4f4b8fac275a3e0d022c71e3f984c36e63f3abbdabc0d22b4ea662688bafc55","sha512":"abb6f62c9a3400fb24695359add398e1f219e57e466a1cf11d45f6d1764a44b6bd8481734fbb054addd438b713e2c5cad79ae38d8c8d692a52c9ecf0698f23b9","ssdeep":"","tlshash":"9301d2f530aa2814a73af62c719867912c20e333c543028a57d3d63e4fc73d515e4e87","first_seen":"2025-04-09T11:39:56.041244Z","last_seen":"2026-06-01T10:56:00.222011Z","times_seen":110,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":160,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-44853638.dc0dff3a.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-44853638.dc0dff3a.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-225\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":549,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (549), with no line terminators","md5":"543c20808701b85c34b0d28fd21db192","sha1":"daafd5e95b9657b6ca14c3481b43074dbeec6abd","sha256":"71c664f917edc7fa00c5aed7e33a9911bd8bb185cf72724db6fb464dd86c9927","sha512":"01768a531f71d3248377d09dae80481262a7a5d1e976d4b3c8839264eaedbab1c2d302280c2786bf3b8b45221a14092e6de16917204087913c120785dfb9a66d","ssdeep":"","tlshash":"b9f0ac36391d0025b02ff76ec45006f4813ce143a52b0ea63a0a33229a675da31996c5","first_seen":"2025-04-09T11:39:55.955972Z","last_seen":"2026-06-01T10:56:00.186142Z","times_seen":105,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.7/index.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.15.7/index.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 122414\r\ncf-ray: 9d26c6a09f5a0731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"619608ef-1de2e\"\r\nlast-modified: Thu, 18 Nov 2021 08:03:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 74279\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=fSSYBZtZx9xicWQfK2nIhoGEGheTLmeItNnV2oivQAEVTvHIsO8zbu9SWl4%2BkdVJFQIN9mjiTYGIsGzpq6hm4bphDPtyYakP80ZSM6TZdoobTi9s6pgnKDAgEiPbKmJb2cUtsicq\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":590640,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65105), with no line terminators","md5":"dc6dfa2d326274455390160572856dce","sha1":"efd937a0eaa2f39487b612814c98c37a752c9a2a","sha256":"bc09e54472585388c0ef0b58e5818a448f03b5671df4120da425cd6cac70fb79","sha512":"d42e99eb85cefb310ba46cf4a5fd9514f6804d4fa95f312178b0b54723db60950908465b257cd7160e2a67e56b1b2855bada2e67f56c992f53fad520bb7a73f6","ssdeep":"6144:jlrTktiHOvAeyErnMb/KeG4tVhkiIAUYxRtS8islZST79eA:jNktiHOvAeyErnMb/0G1TUARQ79eA","tlshash":"e1c41a8d72c5b53147a36070103f250bb33b299ca40980dcb679d9ea6dbd909626ffbd","first_seen":"2023-03-11T09:11:20Z","last_seen":"2026-06-07T10:47:43.44918Z","times_seen":641,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.12.44/vant.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vant/2.12.44/vant.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 67557\r\ncf-ray: 9d26c6a08f300731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"620aa8ff-107e5\"\r\nlast-modified: Mon, 14 Feb 2022 19:09:51 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1074760\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=3v5wYMVm56jUaOt81MGBWO7gwy3b%2BLqbckrPfU6nILil%2FWKz55V6g2A4yWzJOHZS6FdV0eU0WS6wI8c5WQei3bq8QIxU4%2BtLs0j1c6HJG18b5Ak4Qtvh4VwEQp4RH09uEPhI2AwW\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":278598,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (57307)","md5":"bd964aefdd330a73c62c045d6b31e66c","sha1":"f7021d4ccab3188fc2c0f7ad8c51f88cda28172e","sha256":"4e685208d134a61fdf4e8fa18b054f5ca2b522813f9bf591db4ac4b42ef16598","sha512":"b9c22baff22e7711c36f2091e37825b9e865ce1d2ec8476f697712c62c51e4604a961e8182950a67cedd060d7ebb720784fecb4f4b46f8d98164badd580dac0c","ssdeep":"3072:RuhM/vLqNdJXyzFg0xnnx7XJ2pviRq4jtSr1GM6TyrfXc556SdryZMyR7:MhM/GU6KRBx+rRSPyR","tlshash":"be44e78ab1c5b425079770b5403f110ab237298cb81a84dcba79e4e66d7ca5ca13ff7d","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-01T10:56:00.23193Z","times_seen":232,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-182e5dc3.defb634e.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-182e5dc3.defb634e.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-2e8a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11914,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (11778), with no line terminators","md5":"eff859afb8a3df275b2d92e31472c68f","sha1":"fc245e439d856b97ff9c57e607ef2977fe61ed95","sha256":"1e109c80af9009e7cd9b560508daaa05a613fbf24ff62734e97e04a51db6572b","sha512":"a23f03ca3d27f47e8fd70c828f4d30f6ae5fc6d933fd825f9b6c900890cc58934c4d8ab92175f8ddd4a1686902140352553d54d4e15de811851d465f0abd0bb4","ssdeep":"96:hzOO/KhO/KPKaLmmxQKhMEOGpGjBMdvSNbB3wgsq/rIBNlujujDj7hlSPitAMLcg:hN1KhMdMGtUcw40zcj2P2VWHl3PgpliB","tlshash":"4e325509b8c7f166cc6aa021412f2535e17a7ec55422f141eb34cde0a6b9c792b2df9e","first_seen":"2026-01-27T15:16:56.813731Z","last_seen":"2026-04-14T15:55:46.960544Z","times_seen":25,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":105,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/57765ac1975744079a469c02909aafee_.webp","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/57765ac1975744079a469c02909aafee_.webp HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 89680\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:18 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89680,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1120x590, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"29d6a970d7650cfded42381e03abb53d","sha1":"06298d10a492f6dc6e2eeb55f0f424e8fe85144f","sha256":"570c782c81f29e331a0f7d9372f48764d1accab059345ebcf648b2a6a5b6ea6e","sha512":"34afb8208ded97913eeb06df48a7e0b5ae68b201497ca154b7cc9e11953422a38207c6be266ef0793baf79291c834be75cdcb56099ac9f1c8460f72a0e04d5b7","ssdeep":"1536:Uluxb2bj90XfQNflIN5uJwYz8I7i1aaZ4DOPkXlwSXPoaFl2weB1x4Wl00H3yhx5:KcK10XilI3uy1VSDKkX+arTeB4wXyhPX","tlshash":"ca9312a5d36a6f10ce1a818eca29757beb019493f9c7ec85b76dd34049d93c20f097e2","first_seen":"2026-02-23T12:38:22.262221Z","last_seen":"2026-02-23T12:54:01.545711Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1243,"timings":{"blocked":890,"dns":0,"connect":0,"send":0,"wait":177,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vue/2.6.10/vue.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 30769\r\ncf-ray: 9d26c6a09f4e0731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402c-16deb\"\r\nlast-modified: Mon, 04 May 2020 16:17:48 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 413852\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=QXmEqAk63GIcS9ByjngtHvNRgml00EASjw99FinQ0dl6keUT7QII%2FABjXexPju%2FBl6nSaPF3ib%2BmPK9oe7AAIkZmwdltJC3m8fqHDUnAX0En82iZP%2BAhUnud9LhNz01KTmLUcP2G\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93675,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65449)","md5":"17e942ea0854bd9dce2070bae6826937","sha1":"434cdec1669f2c6c7406297a72120936bc56ed52","sha256":"72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26","sha512":"3f0439fa3817c71a6b34673cd32707137b29823e93b8389e1deff24e46c427e5396a897b753ba98bfe156f01c7ce54155bbed56f418b388b22622807802e6f72","ssdeep":"1536:1UXY7qLtpHt2Pqe1mZ8I6H82RaLiMBlo2VV2B/S/g:MYeJpN2yefjMBlPV00/g","tlshash":"529308dc7299b07157eb31f1107f140bf2365a19ac0ec194b222e4e67cb984d92abe7d","first_seen":"2023-03-07T01:18:07Z","last_seen":"2026-06-08T12:58:48.433882Z","times_seen":4059,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":1,"connect":15,"send":0,"wait":78,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-20aa535d.7d892f1c.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-20aa535d.7d892f1c.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-45\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"24c94bdd51ac5c41571ed99206810c33","sha1":"080da262a6cef9cda0e3f1e9af67c230e5536d8b","sha256":"d39d41f904e10dc5c21717c0067df4f3906c163074210397fd695989d82e5536","sha512":"b09ad734773bb7423cdac225f237fc6c1da71b8a69ce98e8d8a15339901ecb527a5425d5c0f81d23f30a94bdea968b97cac08ed1a1f388b8c3f19c75622b679a","ssdeep":"","tlshash":"45a02220fa2eb83a8238fe002c00aac00080ab0200030030c2e2fcc80803a2338f0200","first_seen":"2025-06-30T02:18:00.788732Z","last_seen":"2026-06-01T10:56:00.257556Z","times_seen":80,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-23cea0af.d3716593.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-23cea0af.d3716593.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-1c41\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7233,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7135), with no line terminators","md5":"ea08089fa610ee4411a8ffadfd6c7542","sha1":"01d887cf565cdf69f134e85e2e55bd35fc39f0c1","sha256":"9f3747769697cc7cb715fb2810c3cc3bd9836dbc0a35dacdc94b35dec37b969b","sha512":"b2cc246ba3764ee52094b7ac59bde685166b10d83e1b17624154f14c194e93accc3e3ac34085b7624490238fa0e4ac71670a6a81958a44dc910af8a9542ab14b","ssdeep":"96:QiuRksz9+gPPX3WZfWLbDY6zwCpAUUb4vh6pxlHTlaoI0BsJADJ:3ufkWHcCpAChOxlHTlariJ","tlshash":"03e11f14b0d3f1aeecbe9112415d2a39e1317be6a405d087ba38cdd02795d753b2ebb8","first_seen":"2024-06-22T16:59:37Z","last_seen":"2026-06-01T10:56:00.230043Z","times_seen":115,"resource_available":false,"data":null}},"time_used":3053,"timings":{"blocked":2879,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/92da83d0309941949e4f5fd72f31d56b_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/92da83d0309941949e4f5fd72f31d56b_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 56058\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:43:45 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56058,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 758 x 437, 8-bit colormap, non-interlaced","md5":"864f9837c4aba8cf48139eec1db2172d","sha1":"043895482eae5bf6c2ff04fd67cd0c3e03734d88","sha256":"8c92289027ab95b0acf6239b7018545258e14e1fec41045498a72d94d1bb5753","sha512":"7e2162a56f87ac45468fb0a4851b9a81b7db21ed8925525305273bf33cd27fdf9d7e201d9b6002ec6bf18fa5b1f15c55d41f61ee2789d4733ae3feca35173ebf","ssdeep":"1536:0LuyCgd6nfJrrNleFYIDGKtC9756VCt79M:1yCgMrOF3495b9M","tlshash":"25430138192cddb77af0d7b5bb8257d09d8201ac0042472498667617fee312f34ea19b","first_seen":"2026-02-23T12:38:22.264403Z","last_seen":"2026-02-23T12:54:01.487425Z","times_seen":2,"resource_available":false,"data":null}},"time_used":663,"timings":{"blocked":129,"dns":0,"connect":0,"send":0,"wait":354,"receive":180,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/poster/4.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/poster/4.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 6373\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-18e5\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6373,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 133 x 165, 8-bit/color RGBA, non-interlaced","md5":"60e2e78c0f32732c19c1ee646a32aef3","sha1":"513dff26c054d71f75b6cb656ce925b0e1e36fca","sha256":"4a7a339b29e5f7ca92239331924e2a22db3f75395367e987c4b8926d96ff10db","sha512":"c07e789368866f0669e72da3b03dd7aad2748a8f62af5a44b086cd95b039bf32617242bc203f99f4b148102a078e3639a2ee8207045bd4994b1059f3c577d9c1","ssdeep":"192:qTLiw0N5Kza1vyIoe7JhjDESdHGUlWiSS5Ae:4LC5TVyIxJhjDESplWiSS5","tlshash":"6dd1ae88d89104edc6e384d251f5c799e823d7c31bacf5d16a48a0b07c8c58f0fa11e8","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-04-13T21:42:53.968049Z","times_seen":30,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":166,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/tabbar/mine.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/tabbar/mine.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 1848\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-738\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1848,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 42 x 46, 8-bit/color RGBA, non-interlaced","md5":"feedd3f006c5e1f1faf22cf2ee250c39","sha1":"838e94489b8cac4da6b3eca3274dd25204bb70d7","sha256":"385b2888b16f8eb27611e9296b5d4ec60f4d75361603d51d6c8d54706f81331e","sha512":"c7656c033ad34733d8f8cdc3d64241c64b7a5ca3184a8a418f458b9c39967c7def37d7a34818c7aaa3f88628232f0d822ae06cf4fa891bd8a5ae48ffee94be6a","ssdeep":"","tlshash":"053109803b1ad87e32264f33e7723d9ad6341368ca10032610b12d80b1099fa06fd6ab","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.262069Z","times_seen":90,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":377,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/f7b8ea20afc841708a735bad08e82412_.webp","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/f7b8ea20afc841708a735bad08e82412_.webp HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/webp\r\nContent-Length: 99954\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:45:01 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99954,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x977, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"eedde60930de69f0dd034873fc30050e","sha1":"920ec7a049a56a494df17f2fe6a239a8bddf78fe","sha256":"fc083ecd907159c7b334dad3ff1d3f69abf77f009050499f3c5dd4d4e1d9b701","sha512":"85f632e4c85fe05a9191bd047511c91592f675951b85b06c63cadd4851c708ff9a2a3bdf73fa2fe8d647600e94f2a9f3a90f7baacc5877bd42db5e91d003c3c8","ssdeep":"1536:k2yND7lxSBY5cyBK/XQUIUnpj0GgUPFVmslE9lQ556KLSaisbcheih1V5q3mwOGX:qtCYcpB8UPXNsQ7NIs8Zhc3mwOGX","tlshash":"d2a3126d028b4e7e2df25877759697393852c547a048f2e4832a32cd6d7e678f0e640f","first_seen":"2025-08-15T10:58:35.27305Z","last_seen":"2026-02-23T12:54:01.609683Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1723,"timings":{"blocked":1536,"dns":0,"connect":0,"send":0,"wait":177,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/a9fba2f3e9ae49b882758be14dab4ba0_.svg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/a9fba2f3e9ae49b882758be14dab4ba0_.svg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/svg+xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 00:54:42 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4645,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"390442e1d0f1ed29e2112cfd01c6211e","sha1":"3b05b9e81630c7727e670b11ef4aa20e6a6bfac2","sha256":"c326ff82e8e57561d9f66cfc9e3c5e1abcb7949c6f3070ec2921942e1adecea7","sha512":"9911d921b3cf7549321ab218f026d4db25b80ea6e94cbaef57d350a473daa53cce9d1bbf5c57b769c9814174719679959cd343cfe8e0eb2bb3054994ff18e0b4","ssdeep":"96:PkLUvDgFPGZK3HPIIsHWauPu67sdW5ijnQpfUVgpatjF8L9Cihbi:PkL6Dg+KHPIIhPvo0IjnQL9I","tlshash":"3fa16573936827fd69970780c62914d73be1b0dfa2b8d2d8a377ac757582db08058e6c","first_seen":"2025-09-30T17:00:02.340919Z","last_seen":"2026-05-19T01:24:14.690375Z","times_seen":5,"resource_available":false,"data":null}},"time_used":400,"timings":{"blocked":223,"dns":0,"connect":0,"send":0,"wait":176,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-4366d870.60bd4013.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-4366d870.60bd4013.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-760\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1888,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1880), with no line terminators","md5":"1bad28d40532cfb347b325b0ab26b0f9","sha1":"98dae2768f84d8b9f58f044077dc33da68b9fbc4","sha256":"f25b13e2bc2f948a5c29f39814b304947a9fce6fccb7c2100591ce928a5f1ad8","sha512":"a1f3f37a9112509150cee74a267b8e43d6c83c0a09781ae4a6fd8265c154b78fbc801bd1140efca58e5a460e956bd062a12c93e7560fec587cb8acc739ed8a9f","ssdeep":"","tlshash":"bd41234cb183f0a907eaf126701f231ed2b56a95a81194795de0d1c0bf3266d2237aaf","first_seen":"2024-06-11T23:26:01Z","last_seen":"2026-06-01T10:56:00.261517Z","times_seen":119,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-4a224979.246b7db2.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-4a224979.246b7db2.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-c61\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3169,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3083), with no line terminators","md5":"b4792c42c75fef8ad3f1159ef3fdb587","sha1":"21aabf5cb8110e614dab5f8ecba0e13299d76b77","sha256":"156be5bc11c900d5ec8ce330e36aceb810a1a118a4442427ad028e6af93ad289","sha512":"e0c2ba5af9242e54f2771a0595fed02237726bedd33bf0e193c1650716017011392da1d3116c5311863e68c80767b05a59561ffb46210213b98a2c08c31a5dcf","ssdeep":"","tlshash":"0d511158a447d2aa9c9f9063e51d1731f1b57febc402d083e3b4ce805658db4372fa98","first_seen":"2024-06-11T23:26:01Z","last_seen":"2026-06-01T10:56:00.208381Z","times_seen":121,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/cfg/202602/21/c5e5c8d75b9548889c16747a910cf03e_.svg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:47.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/cfg/202602/21/c5e5c8d75b9548889c16747a910cf03e_.svg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:47 GMT\r\nContent-Type: image/svg+xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:41:52 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":555,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c0ab7a6d0da4ee6e9b90315c1e8c93bb","sha1":"ca15cdcabce86ba383d6058591efb336e8d10437","sha256":"328fb70547c585e3be94e779143d01759d6297c6cee4a5c8c17060c1d38a8eb7","sha512":"3b41b2464d4d452145892525fc9c3b3a06835f4fdd1ea9d456e3e8405d7f9565d04e8f2214cf1f5c673f09b7f6d29984e809bae5fbe939bea00bc8b2e6429e45","ssdeep":"","tlshash":"d3f08194930e5688dd4113ae5b5c5227153e70f7970800689838226774487feb576e44","first_seen":"2026-02-23T12:38:22.271479Z","last_seen":"2026-04-08T18:20:10.459237Z","times_seen":3,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/element-ui/2.15.7/locale/en.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/element-ui/2.15.7/locale/en.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 988\r\ncf-ray: 9d26c6a0af670731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"619608ef-3dc\"\r\nlast-modified: Thu, 18 Nov 2021 08:03:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1074760\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=pG9rjlOQeWmknYj%2FWfvAHTbJKPS3S%2FJN7ICU%2BE0zIn2kopKHgWXuJzYWRYIqlYVlZnC9SEdBLHyU0Zn%2BOMSmHBG7Ek1lu7Wyb%2Fr9MT2745OsL4b2AmmFU4KVNxK3fhxP8KguuHFo\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3516,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"05c65efd7ab47381eac414b929c80d11","sha1":"c0fbfd65eaf0a9a92dedbc93b1b1d7d8c55f8094","sha256":"d6361676df25451bfb74c691c9304ba709919cd4dd03d3c7bd5f999af7a6c597","sha512":"3ca05b333100d916cc783022dcc5b5d0210351e5ff8f184bf7e6450f63f919dc6c28e330d2f49de7a452a7cbee975a68872a3e2d3cbeb99e255e2827b59674ad","ssdeep":"","tlshash":"0a71fcff49b5406a4135dc19659f6407616180ab4e28bc397fad53a82f8cc1ca0feed5","first_seen":"2023-12-31T12:39:44Z","last_seen":"2026-06-05T01:07:25.344623Z","times_seen":411,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-19e6f436.b313c630.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-19e6f436.b313c630.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-6e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"f9d9f82e65f7eff1cb8e131e0b71a4f0","sha1":"249cd39b95839347af6d8d0dbd1d4f80bf2d6bf9","sha256":"16a28002d833971b2c0ff5252e93461a84c69cb02e95be2ac634ceb9b7bca019","sha512":"cc6a5e790589789c4ea19bcb5cdd5b29d4d2196631d56765469d4c3d9746ce99a5f7b12df2203c97466957c52d4afe781e49a33998acb9ddab735953cfa64b22","ssdeep":"","tlshash":"9db01240f80c4c2f22e3d3c82064dec536103993cdc0939d3ca8c1228d231503512ca1","first_seen":"2025-06-30T02:18:00.800899Z","last_seen":"2026-06-01T10:56:00.202567Z","times_seen":80,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/common/translation/list?lang=es","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api/common/translation/list?lang=es HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: null\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-08T12:58:48.451917Z","times_seen":5285,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-182e5dc3.0a790812.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-182e5dc3.0a790812.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-7df\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2015,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2015), with no line terminators","md5":"c202062edef335b03ab084ea41017747","sha1":"7821722d7941b80e07140259e5dec0c59977fc5b","sha256":"631fe2ea4558d9538389bee411f3c13d75a6f16b446addab458a1ef2a9bf5e84","sha512":"b030da504cba969758eb8f4c3655bf004db3e48f556e5b389e09548329df4a23c05adae8b97eeaaafd0c35907afbde6054edaa9ec5e74dce4b8c0052b4963d70","ssdeep":"","tlshash":"7741426be49c2d289137dc92c5285dd542e4d623d20113fbd85b1b129fd354634e32ce","first_seen":"2026-01-27T15:16:56.824234Z","last_seen":"2026-04-14T15:55:47.015687Z","times_seen":25,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-206d39cc.fe15a964.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-206d39cc.fe15a964.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-b5da\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46554,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (46076), with no line terminators","md5":"f47d5ab2779095fd9b3d8b4cb0ffdfd7","sha1":"a2b143ff76d0144efd84fd7119dc814318920430","sha256":"74234ede5e703da2bfd18185038c4667a57d1bdb0f4db870bc204012941da76d","sha512":"788f17fed5a83f265f8bb335de29cc7717d769367b394e7d4a3d9290a1c1242b40b7fe7e018a7164a393e4f8aa390c1c6aef2277e6487900bdc3563df7a2e70b","ssdeep":"768:viPESMntK2KxE8nGIO9ntK2KxE+aGw6MntK2KxEl:v9tI7n2tIf3otIk","tlshash":"9223c94cb1c7f06e4a7b5221851f1419e23a6a99e405c145fb3cc8e1b9a8c69772ffbc","first_seen":"2025-10-18T07:29:14.095009Z","last_seen":"2026-06-01T10:56:00.215755Z","times_seen":66,"resource_available":false,"data":null}},"time_used":3031,"timings":{"blocked":2852,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-7fa7af0e.e91d9701.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-7fa7af0e.e91d9701.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-d88\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3464,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3464), with no line terminators","md5":"14703ba2c4885d4136431727be3a424a","sha1":"d2cf20082b9d5e7b2c30cb3ac41e8b29530aba1e","sha256":"3aa3fce945d572a167eb8dcd64db9ce7138980e57e3e9fa9d7bfbc02fd3dd189","sha512":"b81dc1c4e01bca729b8b001122aae12bf5b562372d035d8a4e78a0bc911bc56c242d9cdcb6f6239ea82fc9f72b2e9dfcf590e20a8e8572a60f38dc036dd3020e","ssdeep":"","tlshash":"fb61a5093b5af4a9cca7c266401f1625f05c6a69b034d4c8f370dae0d5e4caa03aef1e","first_seen":"2024-06-22T16:59:38Z","last_seen":"2026-06-01T10:56:00.211035Z","times_seen":252,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vuex/3.1.1/vuex.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vuex/3.1.1/vuex.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 2776\r\ncf-ray: 9d26c6a0af8d0731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402f-2693\"\r\nlast-modified: Mon, 04 May 2020 16:17:51 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 991078\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=uk4n0%2Fy97MqFyIZUrHrMxcv5GXXiDa10JTVL%2B72lLM8BMkvuc7rbo5lcPIdYwAaxSV%2BLvbo%2B9ZAxGidcBRlIIs7bThJm5B5UA9CZ85Psu5ewAwdifi1UA2PCsS8zgiZTquRAN0Rk\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9875,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9815)","md5":"c66594705de51675f08e3b83b9b9b38c","sha1":"40fa40f722043957a56324174ec6f80389391971","sha256":"e973901e74ff65888bbe2e58b95cfb957d5db316bb185a106f543d99176d1d65","sha512":"3cb0d6b77ac49d3c6c5c5740efa2fd9e3e0c79158c88a9d4f0b709f4713a38a7b72109a2b4c636377c783effc3c6457c718d8cdc2e9c7577db9691562e95375f","ssdeep":"192:90DuIfY7JtjC5ydUypH82+H8urFLR7BD4GOUo1MQl+B2GHPpB3QE7WA+MWnBP:9guIw7JtWqmhfldD4Eo64UgH3nx","tlshash":"4f1261ccf661b0764a377460623f120fe276a46d200a4468f598e4ef6cbe14d94abf3c","first_seen":"2023-03-07T12:05:56Z","last_seen":"2026-06-08T12:58:48.443895Z","times_seen":1413,"resource_available":true,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":48,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-4a224979.ae575bc3.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-4a224979.ae575bc3.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-45\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"4324c2c9e4ae5d00fe133d21e732b33d","sha1":"f5dedb85e0037227dee83b560409ec1f9af860b6","sha256":"54f30efbaa5e7f8cd31950fe9b21c5501fb79789e9b6d78f5e6ba066db61560f","sha512":"4860bd919a0b2fab508bdc2efe107868262f3afc964437fd552a48facdbbb1f43056395fc36cb7b5f719141c6b8eb67e78ec72874c484d74294f763c3d7e0bc7","ssdeep":"","tlshash":"b0a002a4fb9f957a5139fe156a551dd04180a75244930114d7e3fd545803a23faf0254","first_seen":"2024-06-04T08:05:51Z","last_seen":"2026-06-01T10:56:00.196204Z","times_seen":124,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-19e6f436.122c28fc.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-19e6f436.122c28fc.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-1327\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4903,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4877), with no line terminators","md5":"2e0bc0f3abefef3d980d12dd9a6107ef","sha1":"2de709a2db4ef69f18d8755645be6d72526ae01a","sha256":"42a00d5f218e022212b6487123dd5438ea64f9ee3da4323b8dd6870c03a8be1b","sha512":"3714d19b125886394875f97f6e36c7fa7a5952e080485931ad3ef459e72e493459481facbf242f4950ae19399c8a57de1ef3a3c1fb92ff1baa135a54f986f087","ssdeep":"96:WDHbbeN0BH8e6B/oNzGxNvFMM+ay61C96Du5HtjKy3VOUPb:CHuma9/oVwsMVy61CMSFvZPb","tlshash":"2ba1f969a3c8d1dcac1fc64fea1a1964222b06dd71115145a2adccb0a253dd88f1ffcd","first_seen":"2025-06-30T02:18:00.906349Z","last_seen":"2026-06-01T10:56:00.194951Z","times_seen":80,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":32,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/file/activity/202602/15/0e44a97279b44e7683d1027dcc4cc457_.jpg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api/file/activity/202602/15/0e44a97279b44e7683d1027dcc4cc457_.jpg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 49990\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 15 Feb 2026 18:38:40 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49990,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, progressive, precision 8, 878x494, components 3","md5":"adc525d939040a95c83cf6726a1ff7c4","sha1":"bc69a98f1800a701e6728ac7449da64a33840f7a","sha256":"61710c2cf6fc4f4b1ff274f6d9018b37b0816e238f9121197e924430b7263c39","sha512":"181eb0f32fd71c36de6f428c99f19bd36cb6e3982be63115bcc00bde02b64bfbd9cb5e2f5e89bae84d30475dafbea6a9508fbdd1a0d96f3d81e50605eeacfcf0","ssdeep":"1536:vW4aMxqqaOpRZt9DYevlrMXx8+RHKdDA3+Pp9UVrZ:1a5OpRb9DYeNS88qdg+UrZ","tlshash":"4423f13d6db46d17f8988f79a9935836bbdd0e7ad30f132960f08dacb0915467630284","first_seen":"2026-02-23T12:38:22.278179Z","last_seen":"2026-02-23T12:54:01.605045Z","times_seen":2,"resource_available":false,"data":null}},"time_used":444,"timings":{"blocked":86,"dns":0,"connect":0,"send":0,"wait":179,"receive":179,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/icons/ic_recharge.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/icons/ic_recharge.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 1139\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-473\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1139,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 19, 8-bit/color RGBA, non-interlaced","md5":"1c2937ad9f59c2144856c7e17b022a65","sha1":"4c6e4fc1d9be48286e643da67f8e88b8612e0744","sha256":"9e4d52b130ee6457bc78db04c15c4f771820eb2b983259fdd606298f1e3e9f75","sha512":"894ea7b05ebd0efd11d9b79739fa3416d83302618e0c014a95c65bf396ba0cde03d1690dbb1851c73b1a267d6a0c2b5e9db5b2a3de26201fc8a3f4280f30c970","ssdeep":"","tlshash":"5321c6b50eff1ae2d378b339c412a4a2eb9732677514360a3d15c00b94b254c4483279","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.262986Z","times_seen":90,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":66,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/af437a323ebb471393e9ee0e0743c088_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/af437a323ebb471393e9ee0e0743c088_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 1311917\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:46:56 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1311917,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1455 x 865, 8-bit/color RGB, non-interlaced","md5":"90157ea05ca5a2db4e0549f213f46a41","sha1":"5f749a70bfb39331d4e40a3e008eb27eb606eb1a","sha256":"2e9a591cde914492bd73dd3ca47cadcb6505a1678ebce5219c69c8bcb592fe10","sha512":"04eee120d21aa460d533769f9e81f5b516300e42e16ac1159ceb7e2b2ae74842e79870be455e74e58fd0328246e52ef18517c2282655761d5a76fb48d903a850","ssdeep":"24576:dF/5z2FEnOZdmY++g51cLB9tPrpTO8C4z8i1fOCkZKYhf:vhz2FEeu518vpTO8CvicZKUf","tlshash":"0f2533bdd2ffa66cd9ee203104960a00f542748a3eb12455686f8bf74738f1a596cb4f","first_seen":"2026-02-23T12:38:22.279568Z","last_seen":"2026-02-23T12:54:01.62526Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2508,"timings":{"blocked":1892,"dns":0,"connect":0,"send":0,"wait":181,"receive":435,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vant/2.12.44/index.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vant/2.12.44/index.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 38108\r\ncf-ray: 9d26c6a08f260731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"620aa8ff-94dc\"\r\nlast-modified: Mon, 14 Feb 2022 19:09:51 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 9337392\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=TBoOG%2Fobg1RUCPy9lnVj4KX5JZeHDEBkyPy3cOH0B%2FYZ292FLtE9VxZ%2FvA8ResBlML1oLmwWXdJFw%2BjJZEKanliQZ7igY4YA2mtvU6Eowe%2FWqL%2FooXH32T7u58wJp0W2gy2%2Bu%2FpU\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143622,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9a547188fa485f8ca9b2cc7d6d2524ef","sha1":"7893335159a1f637eb24cd05aaba96ac156c7f65","sha256":"897e513fc70a4e1759ceb06ed3c9348d036b36b724dc60d815f9f3124de6f433","sha512":"23653fb8a5c2f4cbc15cb35f215f166150516d84b8bcc143aff2d9c73056ce8e33689ef0578010cad93ea2c2e04423d3cc9ee1f5535a6bcb1e2302e5d47da263","ssdeep":"1536:KUyCltWrqoK3U0iNEBVcZH5NHMja4drYaAfP1rz1jVLSV:KTeVc5HMjajXfNf/SV","tlshash":"e3e3c52756c0236cb31bcd219bc096c5e224c123f5121bfaf1517a2dcfdbb9616a2b5b","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T18:08:50.598304Z","times_seen":2162,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-0ce41c5a.4006cc4e.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-0ce41c5a.4006cc4e.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-1292\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4754,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4754), with no line terminators","md5":"f2cf758791111fd2d848603463e99178","sha1":"6efa309eee6c7aebb25f7eb378ebb367680cea9f","sha256":"be18a5cd6c8dd5547446a18363472d5ee56a0d2008b3d187fda6f866ed32facc","sha512":"33df9c558a43f266d0231279d5d2c940a857326b2e9e6de968d1b17983e6a784938bc4de991b04007f737e16b67f475a7c1fbab4e82228b22ec105c37d238cb3","ssdeep":"96:92hnM63MqkM6uoSYbc+7fb3bDb9UKUea6:yM63MqkM65bc+7fb3bDblUea6","tlshash":"eea159db78d68112d277ea5216ccd51adf336be73ba10cea71d8284dd706a80631f0a7","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-07T01:38:16.110616Z","times_seen":1107,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/tabbar/work.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/tabbar/work.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 1736\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-6c8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1736,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 41 x 48, 8-bit/color RGBA, non-interlaced","md5":"bdbb6ff7b3a99d44d2b5d0a81bae3261","sha1":"117ad42cb03a00523864aef54bf83fe96292d401","sha256":"05c5c12d4f4cf615f695ab94b8ee03a2a62d4e560e930940d7f14e7b039bfc42","sha512":"c670cb3ad8b3b3da42d907738a701d6c2927728a00184925566bd906f1ca41e2a0acdae5573e5ceed8e158b7533c8f492c032033bfb6b90d8cd493c865b7f628","ssdeep":"","tlshash":"b731e96b29841c9c489055e943365ea88c2c2b9d3e3a7e24e1048aaf0a0d2f988ccc99","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.190819Z","times_seen":90,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":385,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/banner/5/list","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api/banner/5/list HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2655,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"ad67ce392cb0b4fe17c454811a5d54ee","sha1":"a6f37e3e2719d428e28344e61566a5b7723a82de","sha256":"97c0830198404efc3a416957fd4e2bba7c2e31bb12619353ffc789856f2571f4","sha512":"77bfb4c2a0eb6638d22b7ed6948a2fa761e96dbe7deb675a257f88c4727e888f93101ba7a4f2f31c21b8280f01fed83fae0f81fffee5fe5304f77d031f72e1d7","ssdeep":"","tlshash":"8d516d199679f8fd898ac1cbc4dfbdc594aab22fc0c926543bc1cd1d8448cbb661941f","first_seen":"2026-02-23T12:38:22.282025Z","last_seen":"2026-02-23T12:54:01.589591Z","times_seen":2,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":216,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/3b72054bc537414bbef8c1db50b36e78_.webp","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/3b72054bc537414bbef8c1db50b36e78_.webp HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/webp\r\nContent-Length: 30112\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:02 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30112,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1620x900, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"45b3ad01c818afafa8e494b719851a49","sha1":"f2ba36950e725d8945ff8bd6bcc690614b3747f8","sha256":"8a41a9101f0a1fa459877aac047c0a483d1cbf2dab1ead87cbdb7d1eb6677429","sha512":"5146ccccbc23fb71ba76ee6b9de0ac0808928d347f5a136258ebca446c31c56306533fef70c4f701c939f8ca655aae4890dc8954597a50863477182ee5cbedff","ssdeep":"768:+u3/P6vvyRPl8O585Hw2VUmSt94Bc3UFaw2It2LHw/NrKZ9Jx7B:fn2vyR85YnjMc3aa/H+8Z9DV","tlshash":"a5d2d0c29a59540ffc30f2b0764b35cea25a78cfe21d62053efa46a663381955d2e327","first_seen":"2026-02-23T12:38:22.28294Z","last_seen":"2026-02-23T12:54:01.553903Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1017,"timings":{"blocked":834,"dns":0,"connect":0,"send":0,"wait":180,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/c61ed9635a994591bdec2cfc9ed02f95_.jpg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/c61ed9635a994591bdec2cfc9ed02f95_.jpg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 54981\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:45:43 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54981,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 686x386, components 3","md5":"adc0d98a99af4bdb6cb7abe3517b7c6d","sha1":"22ad3b0f7975b3b7df3f7d46abebb4895dc22cf4","sha256":"89b374530b2a3658d4917b207599871a10622f4eed88d81ca65508b4263fc9c5","sha512":"c9bb0fb6daa297449e235610c87485a9198be968642efb5b785b87786e1d7a6c4b43d981c61f1e74c7cc85f3e242892dbd0c62060e0d676690c7fd75bf05ef03","ssdeep":"1536:llC+biH1lmoCNntaYPu6x9Cp4rnge29+Drk+NedzCc9qg:xsnm/ntxPuUhu+FNedzCs","tlshash":"f233f119a50ef1d14f09c6fee4c7bb77d14b36ba5ac90f67a64d1d02e802a51338581b","first_seen":"2026-02-23T12:38:22.283785Z","last_seen":"2026-02-23T12:54:01.600291Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1532,"timings":{"blocked":1339,"dns":0,"connect":0,"send":0,"wait":183,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/poster/1.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/poster/1.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 6041\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-1799\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6041,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 133 x 165, 8-bit/color RGBA, non-interlaced","md5":"603a3e686c3901139d30d7c038b469b6","sha1":"067020e3c7a8be365c494858fcc6a9c4cf043a8f","sha256":"f36273b1ed4d722dd8fa466d356476d99980f89c519f535f7501219b15827af6","sha512":"48b4cc2fa6cf0342fa9d4b3bfcf566aa1a193631f4d90b93989c4320e129489e155be9155989422b4019696125b9e69246716a9c13f6961fbc0b9c37d2fddf01","ssdeep":"96:FdQpmYuTBBSPJC6dp/B57+eIi/b/8vI8tGuRVVbCTSPlj7/zPY6w2zh4CtGSCNOc:opWBywgp/b7zIiTkvI8t/RVl8slrYYN2","tlshash":"efc18f2f8a5f1909cae51e401945d28334bb24c399d11d54039f40bbaaa745fbfcba26","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-04-13T21:42:53.909021Z","times_seen":32,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":71,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d213517.1d9c21cc.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d213517.1d9c21cc.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-5e9f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24223,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (23849), with no line terminators","md5":"a7c08fe4876958637fb95af48340d03d","sha1":"6d8d46b389fce2058d06de9fc48855fb23bc139f","sha256":"d330977b223c5e5917914c4ebf2a603c3472927ce31e00918ba963aa9b13d1f9","sha512":"f00413356fd68992d5b47883c7db89b34a76c52e204db5441c4a4ddaf3fbeae5dc254b230fde5c6661e819b67e6502c1a9aa34a01588923bec918358a79a9f00","ssdeep":"384:NYoUhJhj5qaL0lV8/pE5TPLt+/NojvZuHoEBjptEC3:NYtPO+hoTjt+/Nojv7I5","tlshash":"79b2c98cb1c7f16a4e67a021416f1519e33d7e89e45cd044fb28d8e0a9b84596b3bf7c","first_seen":"2025-06-30T02:18:00.837564Z","last_seen":"2026-06-01T10:56:00.217659Z","times_seen":80,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs//Swiper/4.5.1/js/swiper.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 28993\r\ncf-ray: 9d26c6a08f140731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03cf2-1f6e9\"\r\nlast-modified: Mon, 04 May 2020 16:04:02 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 416250\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=eZ7snnU0L%2FF0PpQsp53ux6SNmZ%2BoyvfX1F3LHzty%2BLBuXce1BpSAK9Nc2t0UgNdz94sOlCNqtYF4ulyTbK%2ByKj6e%2F1iUrxMuG0mDsp70xQQsKZaPPpJ8H3eJ12G%2FTTtxdR%2F%2FIkRa\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":128745,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65269)","md5":"2ac19265b38d14235141d184bca54d9a","sha1":"c725eb5a33d093e331e25c3a5ef1272b0f1f648c","sha256":"e2c1132a1877692ca2e8d46203eaae9cf6936b0a9230341c6bfc4b5aedbb1e0e","sha512":"6476ae51cfef0724ba254cff1e5d68f2cda477840954b01b933f1c9608ed6ca5094fe006d5cef7e5a32d54b25fb4a418a3e2c3eb642bcafa0d6bebaacbeac21d","ssdeep":"1536:O/pPCitsufJthaK85kqzOAkRlojU6tU8r5MhkhGllpcXvH7WcWUKcOqylFE8BtOa:+JthJkOAkaRaaGl4fH7WcWUKcOqjtYD","tlshash":"2bc31849b35071e551e72256539ed601a3b66845b90ac0a831b2d8d7acbce8c03bfffd","first_seen":"2023-03-07T12:58:52Z","last_seen":"2026-06-08T12:58:48.463087Z","times_seen":2388,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/poster/notice","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api/poster/notice HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":243,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b7e67b8524d3b1b75ff07bbe7dc7e316","sha1":"ee55b8621a0f165a458a9ef0ff127813c5d5c531","sha256":"2f595a39a270b61fa0b3c3d1681bbdbabe5c3901b12a979602d34ce5cba775f5","sha512":"04d5ed79f8b2c05380cb75585408f4a4c0828c47ab3dd8f59460ee1f42aa512736b5a8512953b5a1b59d76f6193be484d02e80b191539b9359053e75f5f8e333","ssdeep":"","tlshash":"a9d09702412ba17932c3c2a1123805eebe3a7041a7150c483efad0e1b20ed02813bda1","first_seen":"2026-02-23T12:38:22.2868Z","last_seen":"2026-02-23T12:54:01.583841Z","times_seen":2,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/banner/4/list","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api/banner/4/list HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b9e754add75d51d888ce7585dc9dfe41","sha1":"0fd53114199a1a46e887032b7efa05f1fd74c807","sha256":"7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3","sha512":"6ea97d926607e77cda3275af2c3ba966fd45c1d4b4aa97b53d63a718f0941d93c1d4e67939885740dc6bfd59a0021ed049073ddfc61cfd0e8a5553efb449b539","ssdeep":"","tlshash":"2f500000003c000300030000000c0000c33f00000c0000000c0c033000000000000030","first_seen":"2023-04-06T21:01:20Z","last_seen":"2026-06-08T12:58:48.451917Z","times_seen":5285,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":138,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/static/icons/ic_invite.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /static/icons/ic_invite.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: image/png\r\nContent-Length: 792\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nConnection: keep-alive\r\nETag: \"697e4ab7-318\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":792,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced","md5":"ae9609f354c86c7572342b3465fb7df2","sha1":"9e3096deb064d95711813d6a0707b723f720b3c5","sha256":"581cfd62c526498c41d7fb2fa5091b6d11a15750cb4be622ba8bb5092467b706","sha512":"4e8e1dcd1be2903a55441b06191912db27a4d3b4f2ded175b9837a8a7a46e29ee2ab3eec8b7801443e5644643d1c5e54272147c19dfa3bb963b49ca260eec5e5","ssdeep":"","tlshash":"0f017590da270660d6ee934e8b871019dc7c70998384c34889488dff782f28dddf971b","first_seen":"2024-05-14T19:58:50Z","last_seen":"2026-06-01T10:56:00.201929Z","times_seen":90,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":150,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/61f934e152aa4ca789982b75801fca20_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/61f934e152aa4ca789982b75801fca20_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 32234\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:12 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32234,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1350 x 675, 8-bit colormap, non-interlaced","md5":"61246bb5f8d76971eabd0b06d3e321df","sha1":"f6b158d8272a66fd95dc70cda3d570113e683faf","sha256":"b5f1703a2420873b29edd765af460769a4f55a23a87fbf7057f9db63ad39f898","sha512":"5d46a6bb7c8be3e69e646e782dc928c957dc7144fc5f56d3bb94fd15b415c890adeeb366b0963d6ba9c31d93532e101cdfb720d7e2b431a0b26fd91d53719bb0","ssdeep":"768:vDOzj+1OqI3Okpylf7NU60/88cZma4upuQxyeENfcHqgz:7q++Okpa7E88cZX4MZDc4","tlshash":"a3e2e01e4a3b3615c33e2f700bddb11ad49a2513c8688333f77d6a153518bf8a62af19","first_seen":"2026-02-23T12:38:22.28846Z","last_seen":"2026-02-23T12:54:01.595515Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1019,"timings":{"blocked":839,"dns":0,"connect":0,"send":0,"wait":177,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/35ae8f5f3fdf421a8cd14875600f483b_.webp","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/35ae8f5f3fdf421a8cd14875600f483b_.webp HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/webp\r\nContent-Length: 130854\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:45:31 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":130854,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9359cf4cf07ed85d8ee84ca7c377afee","sha1":"d2e819713a0a06d6423924f2383af3e5a16c76da","sha256":"e37d554e3d505825b8fba9f00133a0b39f4140489ff123570fbb9a6dfd870c4d","sha512":"64f93becfd5d5c485b5e0a3dea879c7a9c1c80ac7679528c77ca6c912a166f75ace71a980d199419adeadc985f6b51f0c437d37d1bdc00e0646bd0f2d7de8f50","ssdeep":"3072:5kLhvcnPWwWns7iOHLkl8aQdZmv0nx3Zp8xTeirCjB:uZcngns73L4Gpn18kIC1","tlshash":"35d3123cf7d12ac1a681a0700403b6a76fdfeb7a15162f305909bf8596b5de324a13db","first_seen":"2026-02-23T12:38:22.289336Z","last_seen":"2026-02-23T12:54:01.441259Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1545,"timings":{"blocked":1338,"dns":0,"connect":0,"send":0,"wait":179,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/3ca41950de734f4da1df52015b8c5513_.webp","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/3ca41950de734f4da1df52015b8c5513_.webp HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/webp\r\nContent-Length: 89036\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:44:57 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89036,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a969855277b2f78c6507bf9340adfbe2","sha1":"697ff42d90f4afc5154225373cafbff85f4116f4","sha256":"496abd34ab2b4984c8179e99c22404bba5fa1990f1ce24ec4aeb5844ebb7fc65","sha512":"4c70d76d5b9448bc9e8162d1fd2a159e33e9f0cea937ef26ca1df0bcc5124be27be88899872ae08158bd7f235417e97f2f9b0580a7f77b39d0219f771a3c86e3","ssdeep":"1536:vC8Zn/CA151PbA5EieDMW1RAHDNOuZZytp39e8qkdSNxOey/Qs5aafc46ASl7SHj:vC8d6c1MaieDMxjZZYP9e8qNYey/Z5a0","tlshash":"b693029a8f88bae22730f578685eff6f9b54e38085155ff61f7540ae1a32cd4c02185d","first_seen":"2026-02-23T12:38:22.290234Z","last_seen":"2026-02-23T12:54:01.608065Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1554,"timings":{"blocked":1328,"dns":0,"connect":0,"send":0,"wait":184,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-f8d706dc.cbc27764.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-f8d706dc.cbc27764.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-70\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":112,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"356149ed230b9481a4b0a80bb6e9a27c","sha1":"ffdb151234ec2e972db2a4f2e79aaba15ddefb5c","sha256":"a27527c60ec70a58cb61e9aeaf0d134c94dd7e658d469bc2daaf965d466acf7c","sha512":"440c1034a95e5e6ed49eea04f26d84bb07075359217b31f6830c80c5f27cb4677443cfb707ec2f2ea1dbfea2aa6c3539cba6f42cdb2ac06a03dfaac69d7abc93","ssdeep":"","tlshash":"bab0920969072908141fba60a6380495c2e0c22a918a32978813572687d71da0bb4b0d","first_seen":"2024-04-28T18:22:37Z","last_seen":"2026-06-01T10:56:00.203747Z","times_seen":131,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/banner/1/list","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api/banner/1/list HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6196,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"65a8496653ab4aab389cca89b9154fcb","sha1":"ac4ab887cac1f16e3b288cc42d9839c870869948","sha256":"7cd7ebb97cb6b8480ce59b957a1b53ec29aaa78b90214465a0487cde5add1bc3","sha512":"91879a390bb31174a769d5bbb2281fd95e8e4d78db427d9f913fcf50541e8678e3330c0ce05159e6ae9d8bd3cbef9f3bf378942fb0f879afebb4ec223d0f3440","ssdeep":"192:ePuW3f+wSHCea1HYgQFa1YHGiIvUEmeNW9SOmFupdxFN5xyCGWv+Sv/+UCUopw5c:em7HOMpv1e","tlshash":"fbd18029d6b3fcf9549190c345eeb6d9a09cb21bc0c166503b81cd1c8a9ccb2979f56b","first_seen":"2026-02-23T12:38:22.294831Z","last_seen":"2026-02-23T12:54:01.469918Z","times_seen":2,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":139,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/1eae32885bf34f00a11d7ca497474b94_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/1eae32885bf34f00a11d7ca497474b94_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 505504\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:47:08 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":505504,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1215 x 716, 8-bit/color RGB, non-interlaced","md5":"47f81f8bcab848d32ae0bfb8c44842ed","sha1":"1b2cae3e14be90052868a6ec89de6888935ca073","sha256":"16680e0c5e2da36e7f866665de56bc18d67f77c405a1230becbdc4b2dadbcac4","sha512":"e3be7ed93509f95a5c7be86df2ec45b5556c916553294ba36fb6e04c97f0418a6f3f2183723725ed1de87b028d4d1575ab24b4db156a397c0700c88a7dc8dcec","ssdeep":"12288:JsO7eZv17F/rlh0xnMTtHgG8icmhX2ZLLTg//i:qZJ1VrlhenwtH2mx2Nz","tlshash":"6db423a7c5f442bf71eaa0192ea6296819d4f60a935efb5d284ed0c81bf91304c1f7e0","first_seen":"2026-02-23T12:38:22.295792Z","last_seen":"2026-02-23T12:54:01.564538Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2472,"timings":{"blocked":1919,"dns":0,"connect":0,"send":0,"wait":201,"receive":352,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-74757738.00ab3f07.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-74757738.00ab3f07.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-14ab\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5291,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (4975), with no line terminators","md5":"102639d3a47290757dc5ad3e5a49c7df","sha1":"98b8f6b16bddd9cdcb020c0892f30c9ffe374f21","sha256":"5b8eb0bc42f9affd0e3b34f9f47922122cf3f406d9ec27fad583bfaae5bfd87c","sha512":"38740c561378b07e338fe9b60a70404d22b7fa1380ab15cea5b587da87d84ce12c0fe9e3193e36c5092eda680f82da31bb087fa085b2b8adafce8f6fd8b8cca8","ssdeep":"96:VDu9208GaSVN7kCQfYpGjfwByP2pPhqqtPeVrWpI8Lsl0uS6sl0LDLSJRm5q:VB05aSVNWRFPHMIEuzLDLSv","tlshash":"dcb1fb98f5f7a9e81df68281b03d70195232f1249c03e1d5f77685ee49b6f10150fba2","first_seen":"2025-06-30T02:18:00.864288Z","last_seen":"2026-06-01T10:56:00.232456Z","times_seen":77,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/poster/homeList","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"POST /api/poster/homeList HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: es\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: https://gorevmerkezi.it.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:43 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://gorevmerkezi.it.com\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":703,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"952c33561b326b9e65b0692c35a0cb40","sha1":"beece12d36fc4b0929778a650d80e9525e2e26b5","sha256":"0c04fda97f4b385a62035fe16fb86add27076d00a530fde6b58bfd5824702e56","sha512":"d7649ce3c1a5b24f161e73df3e2f534310ff9a4bb9f481cd5983d8508d34b2e62adfd61dd46c85136a9cba497a7d8fb9c01a6baafc89c3ee1f11a5e06d2a2c43","ssdeep":"","tlshash":"3101d418d3a9fcfe3407d08a045ee14de49c2b2fad91a714a8cf8b1c47555921909897","first_seen":"2026-02-23T12:38:22.297484Z","last_seen":"2026-02-23T12:54:01.563413Z","times_seen":2,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":136,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/common/dict/allMap","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:41.828Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"POST /api/common/dict/allMap HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: null\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nOrigin: https://gorevmerkezi.it.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:41 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://gorevmerkezi.it.com\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nAccess-Control-Allow-Credentials: true\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13207,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"79d2ae547bcde4e06fea1c0031b8b868","sha1":"f2505ff259ed830a1a7b35187d77014029bfbcd9","sha256":"4f1542a1c4eeead67c8339f126d22368cb5fa88aadd1490a43b9910f9fef9500","sha512":"8ea714e8788c302222fe38a919212f8e09edf6e9875cb779c438d70e361e08f1e1e4965429a82f830cd65298ef2743eb9e4d05083a35482f43aeca605d386b5c","ssdeep":"384:awc6HuhJN30REHyMWILQd4MEjQTSOnzEobvB49hLmo6i0iibOfOQPA7:aAJ+jgSP9Eorzq","tlshash":"4c523e8d6743a9f99c0ffc90d3eca4ac547e3f771e4dc2445d91a44431b0082ae2abae","first_seen":"2026-02-23T12:38:22.220006Z","last_seen":"2026-02-23T12:54:01.592838Z","times_seen":2,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-4b346616.5f36c1ce.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-4b346616.5f36c1ce.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-137\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":311,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (311), with no line terminators","md5":"08d7468828b9d3af79f2beddd30ea454","sha1":"9d937dabc497e1d26fc72d16e44d6c38397ade66","sha256":"a5f727bac268f24c09680cef211f65c30cf1a3b5c7df78b2db92b215344f80d8","sha512":"810377a34e3b7d2e2c00123d4a43a72145cf349d9efde2914d6c7868318acc25b7a4082caae4d36b788f6104d4d709688062eaf0a57787cad6c5c62a302a87b7","ssdeep":"","tlshash":"c9e0c21a79ae20092b3fd3cbf4405fd894a06b12dc6847a3ec8247350f0f2f62b00a89","first_seen":"2025-06-30T02:18:00.922588Z","last_seen":"2026-06-01T10:56:00.183085Z","times_seen":80,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-680ea45c.4171287e.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-680ea45c.4171287e.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-c3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"14ae3e0a5a74981b6393f7d242d8c426","sha1":"69078a1e59422308103d045e3e75cf6a1a9ebb01","sha256":"39f89b7568e1c1524ad50e77ea33015b12eb7dd5551aaaf7d85e97140ca82fe8","sha512":"b04ba20df584c0aef3249e0bc695478dd866b97b4ffa90b7d8aef3dea1dc2562d98871218da405704a56d55c2ca08712599508392a9c4caaed2adcd96124cd3f","ssdeep":"","tlshash":"32d002f13e9ef0b98637c2a580deed441ba6f626d17752814d429f2819c6201397c35c","first_seen":"2025-07-19T12:02:29.47376Z","last_seen":"2026-06-01T10:56:00.206977Z","times_seen":68,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-7fdaf070.c293b530.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-7fdaf070.c293b530.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-128\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":296,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"31409204b8266587230f69e8ebf6c469","sha1":"63184ae00e5a49abec4aa8747b7fa776146b4536","sha256":"c626f89a80a475d50efc020bb3502241a4b52fdad3e62fb5d4be32654cb6db77","sha512":"dde60faa565d1a20c70c621c70e501eaa31747b3aa4ffb72add3976d37dc9f07608e0ab0664619fe3a3c08f64712618e2e8c13bc0b3804c0209273699f675683","ssdeep":"","tlshash":"05e0726a3c8e220a28a3e06738845cc6c0a5238190104332b9b3bf296f57e2170a033b","first_seen":"2024-04-28T18:22:37Z","last_seen":"2026-06-01T10:56:00.255082Z","times_seen":128,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":126,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/45cd93262352444cbae28aef57a6dc1d_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/45cd93262352444cbae28aef57a6dc1d_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 26310\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 00:54:55 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26310,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1322 x 446, 8-bit/color RGBA, non-interlaced","md5":"156e0ead4eff6c7f24cad5ecb6113006","sha1":"77eb7088339b2a0d59f09074ceac58785a440fc9","sha256":"23003e609fbd0793ae31ba2b026cb6492a9de74e32e2b27955093dcecdc03e0e","sha512":"445987811dbdcfd927f1174873f7be69f4e0c1e2d00d6db1fc0c543669df73dab04d552da216916bb01a920245a4e7a9fe1593caf2920735e9bc3d22cadbef30","ssdeep":"384:3K7ZJ0nagweZvBjkEi3nprcHVVKrGy0ER91f8XoKlP2/jo9dnhb8O:3K9WaTezjkxgHVVKra0ZK12Gdn95","tlshash":"dec2e108a40195adcb5d8079ae4f4cce9df71a459e93da38aded1102cfb33e31d592d1","first_seen":"2025-06-01T12:22:46.279397Z","last_seen":"2026-06-02T21:07:23.031595Z","times_seen":7,"resource_available":false,"data":null}},"time_used":660,"timings":{"blocked":308,"dns":0,"connect":0,"send":0,"wait":178,"receive":174,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-44853638.a268897a.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-44853638.a268897a.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-598b\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22923,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22627), with no line terminators","md5":"079213fc155480bd62209dc4257cde1e","sha1":"8e5a547fe103f6f06dd800ff013f65fd6ffb6926","sha256":"6c94351db225214eedb9f5bb34717f1a1af329510f51d1c800804ca9da0ea672","sha512":"d905c6322a78faeedceed25940fa3bb7f2bad21ad53c959d75d6cef404eccbc2484ebf8f9d522fb12b124c9adde1b228284357601a2c3f8fa1ee17fc48c878b5","ssdeep":"384:8TOSwD92BtWlp+zp6iTu8xM0qP+dqA5raGJd:8iPE18Su8xMidLb","tlshash":"6ea2c748b1c3f16e8a7b9521811f1929e2396ac5e416d045fa3cc4d0b9a4c6d2b2fffd","first_seen":"2025-06-30T02:18:00.747245Z","last_seen":"2026-06-01T10:56:00.234817Z","times_seen":80,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-7fdaf070.0921470c.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-7fdaf070.0921470c.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-7bf\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1983,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1963), with no line terminators","md5":"03349f81e683a1fe231132512bb08a79","sha1":"12bcbba3a7079a3ffcd7a0dc910c1549d72d5e21","sha256":"2f77baa4e742cac2032d833ac32ebe0a3ceb321460c8913a7e2a9f72b1d5f33e","sha512":"4080f5a157d76550501adcc8b0781daa9730067d464583b6be7f0f6e908719e8f4ebe07ab0521d9267d282cc3c84f2f299982168873ebfb7a2d062229b0f784f","ssdeep":"","tlshash":"3041100db0c3f5984c7bf041912f222ae169bed0542869d0be74d0c56b61dbd232ea9f","first_seen":"2024-06-11T23:26:02Z","last_seen":"2026-06-01T10:56:00.227182Z","times_seen":119,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/css/chunk-1b5a0ff6.5bf61409.css","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.091Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /css/chunk-1b5a0ff6.5bf61409.css HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-c3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"3221fb067b1cde22f7a51f3e176d770f","sha1":"4cdf60b231ed45d5d22340945a519a1ff2d8a59c","sha256":"3262ab79ed69af173a45cf6ebe34046a3e5a5423c5a0b49fa001ceaf86324ebb","sha512":"034b963413d230db730001b883a237049a791f3a9ccf111ccdbb5f31d82c02de015f75f10e1b469e4464d788fb766c2a04d228d18e1ec7fcd90e0b4f53e1979d","ssdeep":"","tlshash":"37d002b1291de0bbe637c16501dcbc449165f626d2775a41c9c39b2819cb2033eb4398","first_seen":"2025-07-19T12:02:29.42352Z","last_seen":"2026-06-01T10:56:00.22532Z","times_seen":68,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api/country/list","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:42.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api/country/list HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/plain, */*\r\nAccept-Language: null\r\nAccept-Encoding: gzip, deflate, br\r\nCache-Control: no-cache\r\nX-USER-TOKEN: undefined\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:42 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1496,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"3ef148366c01c1cfe0e865598df113e1","sha1":"9f76d051d255e896b9d85bbd447c47dbf927da96","sha256":"96b15042164d8c5a5b0ebe2a4ecbe838fc6c9fd0e5162e0a2e687f1601357c77","sha512":"694a77b00db54e5a108f9c23b823fe9a8a673394a3293fc5c74a3970c5db0d1b4036489c52944ea91f5f708f0e5ee3743024603402306892a5d176a4fef82a18","ssdeep":"","tlshash":"eb3141de620cadeea9c08422184fab5e387d85aae4c83c5162ce8e7941c79f1020cc26","first_seen":"2026-02-23T12:38:22.304707Z","last_seen":"2026-02-23T12:54:01.603619Z","times_seen":2,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":182,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/64ef5805242f406593d2b18612d239ee_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/64ef5805242f406593d2b18612d239ee_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/png\r\nContent-Length: 505504\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:47:19 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":505504,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1215 x 716, 8-bit/color RGB, non-interlaced","md5":"47f81f8bcab848d32ae0bfb8c44842ed","sha1":"1b2cae3e14be90052868a6ec89de6888935ca073","sha256":"16680e0c5e2da36e7f866665de56bc18d67f77c405a1230becbdc4b2dadbcac4","sha512":"e3be7ed93509f95a5c7be86df2ec45b5556c916553294ba36fb6e04c97f0418a6f3f2183723725ed1de87b028d4d1575ab24b4db156a397c0700c88a7dc8dcec","ssdeep":"12288:JsO7eZv17F/rlh0xnMTtHgG8icmhX2ZLLTg//i:qZJ1VrlhenwtH2mx2Nz","tlshash":"6db423a7c5f442bf71eaa0192ea6296819d4f60a935efb5d284ed0c81bf91304c1f7e0","first_seen":"2026-02-23T12:38:22.295792Z","last_seen":"2026-02-23T12:54:01.564538Z","times_seen":2,"resource_available":false,"data":null}},"time_used":2394,"timings":{"blocked":2103,"dns":0,"connect":0,"send":0,"wait":177,"receive":114,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:40.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 22:16:05 GMT","end":"Mon, 13 Apr 2026 23:15:55 GMT"},"fingerprint":{"sha1":"D9:00:47:77:A5:47:66:A1:6F:DA:EB:4B:BB:BF:67:49:BF:2C:A4:75","sha256":"07:A7:3E:4A:B2:9F:0A:07:6C:78:A7:7B:DC:2B:68:A1:84:7A:7F:1B:45:6C:71:8E:5E:79:F3:11:1A:6C:4F:62"}}},"request":{"raw":"GET /ajax/libs/vue-router/3.0.7/vue-router.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 23 Feb 2026 12:37:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 7869\r\ncf-ray: 9d26c6a09f530731-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb0402b-60f6\"\r\nlast-modified: Mon, 04 May 2020 16:17:47 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1074760\r\nexpires: Sat, 13 Feb 2027 12:37:40 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=ayXxQNQo0hINv4kAxmRccOd9579drMKKaoFhXMyoQ6OjE2Hnq%2FIZ1O0Z%2BMazjuwaJ1MpmoZXCcMQWwoOtpK25Qs%2F8gSwRofIWgxlE7QsbcaJTwCqvgwMnaY%2B3nRnGUx6T2H%2FWe6H\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24822,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (24752)","md5":"32e2eb91e6ed0512057b2ad1e6d1b242","sha1":"27809df1b99a4b81b6b82ba2985cdd4b1c8bebb6","sha256":"e8707a396dd2f8d74eaaeb2f784074a24d7a71cbe15dcc70297f726b31c160d5","sha512":"0ab7b445b586dd27a0aeb72396350982783129c9ba028ba1db847c9d2acc0de9c90c3c9636e76a21553fedf81031220f3676ea64bf7336644c04da33d744563d","ssdeep":"384:UUcnX3xpR5tumD+EaKGZRpqB1UdEPQFWmexTMCJ:7E3jXtuW+qGZK1UCP5mqMk","tlshash":"01b2c7ddb581b03547e326a0412f250bf27b358db44e8498f269e4d52cba85ec42bf79","first_seen":"2023-03-07T12:09:32Z","last_seen":"2026-06-08T12:58:48.444421Z","times_seen":1173,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/21/7fbb2d37eaff44c5999afbe0995bd805_.jpg","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/21/7fbb2d37eaff44c5999afbe0995bd805_.jpg HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:45 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 135394\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sat, 21 Feb 2026 13:45:05 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":135394,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x576, components 3","md5":"9c173f44a177d568a941a4e620f18866","sha1":"e8dfccf91c42e215221fffc927bc85cf407d3d11","sha256":"e2701d5322fd793de88731c4900016804e4202b398fea5a753fb2c2408ca7b87","sha512":"2ee1a24c5da7c854bf9fdc0becb5c406572441f3f9ff04c0fd35be9161e46fa51e52a2b4c8dab3e5f05dd81ae96d411803990d2b40003dc6c0969893a3ba66aa","ssdeep":"3072:iwcJ8kkm5kbMethYj8rXN7Fz8vi+gAcYc5CAFrTvL+0M:+Jim5k4ethYUn2l0RvL+J","tlshash":"34d312cf791cdc29b5adde90c03e58e9a1d2310d7bdc2f02f9566682c384165fa24eda","first_seen":"2026-02-23T12:38:22.319585Z","last_seen":"2026-02-23T12:54:01.587308Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1751,"timings":{"blocked":1559,"dns":0,"connect":0,"send":0,"wait":179,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/api//file/banner/202602/01/eb7ba8922d0d4fb8a090b5760de7b848_.png","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:43.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /api//file/banner/202602/01/eb7ba8922d0d4fb8a090b5760de7b848_.png HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/m/index\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:44 GMT\r\nContent-Type: image/png\r\nContent-Length: 44888\r\nConnection: keep-alive\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nLast-Modified: Sun, 01 Feb 2026 00:55:07 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44888,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3840 x 2160, 4-bit colormap, non-interlaced","md5":"23badc80ddb3c74f384ee2b646505eb7","sha1":"032a074c3d92398360d52a625b7e09afcd55ada4","sha256":"2634e68eececc522ef46d5ee911bc9856c2d76cd8c2f43bb70986ddfd7082814","sha512":"9fdf6c100c08c61eb13e2bb3076f163fa980e5d756c92b07a244c36820c3d51081e096b3777e2028e02ef2df0ed0a3bbc1341ee4ce46ed3a09b0821e975d2c50","ssdeep":"768:+TqLRR1O71vEgSSde0CAQLverzIlpKp5O466wab7q5Jzbj6HbltMUPtn0:YqLx4vEgW0CverzIluO466wabebX2sUm","tlshash":"6213f1b28880ef5bd00574b043df45a6c7eeed97abcd24e6d9f5710c188ad00bd24b69","first_seen":"2026-02-23T12:38:22.320626Z","last_seen":"2026-02-23T12:54:01.591024Z","times_seen":2,"resource_available":false,"data":null}},"time_used":659,"timings":{"blocked":305,"dns":0,"connect":0,"send":0,"wait":350,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gorevmerkezi.it.com/js/chunk-2d0d3e42.fb15c1a2.js","fqdn":"gorevmerkezi.it.com","domain":"gorevmerkezi.it.com","tld":"it.com"},"ip":{"addr":"148.66.8.114","port":443,"asn":45753,"as":"Netsec Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://gorevmerkezi.it.com/","date":"2026-02-23T12:37:46.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"gorevmerkezi.it.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Feb 2026 06:46:56 GMT","end":"Sun, 03 May 2026 06:46:55 GMT"},"fingerprint":{"sha1":"0A:FE:5B:AC:61:A1:D6:92:D3:80:A3:FF:02:DD:9B:DF:1D:BD:6D:92","sha256":"9C:08:09:70:12:E3:25:36:07:36:68:37:1C:88:FA:59:61:D5:81:11:BC:87:40:0A:C8:F7:03:63:F9:EC:88:A6"}}},"request":{"raw":"GET /js/chunk-2d0d3e42.fb15c1a2.js HTTP/1.1\r\nHost: gorevmerkezi.it.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gorevmerkezi.it.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Mon, 23 Feb 2026 12:37:46 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Sat, 31 Jan 2026 18:32:23 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nETag: W/\"697e4ab7-33af\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13231,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12985), with no line terminators","md5":"aff25d0edeb7ddd40d4f745cd32b75ed","sha1":"01b9b56947b295dd657541bef55a72c49f0d2456","sha256":"8a71b40b8413512d6716a7ffd4e998050c1c4172f45a7bb7af4cdf55ebf30516","sha512":"340ed47937e7de84c1a76ddc814478c66da15d5c483d5f8b520fbf9ed20f7811c567cc007f3572729a2a1cccd5f79a2bc9dbfa96ed16bf0a33705ac2de5f2456","ssdeep":"192:Ajt46CnVIZ5xHo9CBlWbY4XsjXYbQ3qNLqbpPtqI44PnC4QL0b/3Ps1I:AjC68VIZ5UlbKbN1nxPC4Ay3PsO","tlshash":"1c42c6ccb1d7f42946676231901f200af23e696ab40ac145f768c8e1e8b486e537bf7d","first_seen":"2025-04-17T22:27:18.820589Z","last_seen":"2026-06-01T10:56:00.204339Z","times_seen":204,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-02-23","alert":"Sinkholed","trigger":"gorevmerkezi.it.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}