{"report_id":"71dfa7f9-88f7-49d6-bc69-82c9b2b26a4c","version":6,"status":"done","tags":[],"date":"2025-08-30T03:28:28Z","url":{"schema":"http","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"title":"نتائج البحث: \u0026quot;مسلسل جودر الجزء الثاني اكوام\u0026quot; - Page 2"},"submit":{"url":{"schema":"http","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.80.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-04T03:28:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-29","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"waistcoatreferchemistry.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-08-27T05:03:54.731092Z","alert_count":1,"request_count":1,"received_data":377,"sent_data":383,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"hatwhipbesiege.com","ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":12,"request_count":12,"received_data":222405,"sent_data":16590,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"torchfriendlypay.com","ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-08-27T16:24:56.203714Z","alert_count":3,"request_count":3,"received_data":79843,"sent_data":1301,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-08-23T06:25:22.651006Z","alert_count":0,"request_count":2,"received_data":5630,"sent_data":926,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2025-08-27T18:43:56.966874Z","alert_count":4,"request_count":4,"received_data":10400,"sent_data":4728,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2025-08-27T15:34:43.182398Z","alert_count":0,"request_count":1,"received_data":830,"sent_data":1465,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mc.turkishasq.com","ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":33,"received_data":1422204,"sent_data":22385,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap:3.2.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery:1.11.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"BootstrapCDN:3.2.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-08-26T21:51:48.445996Z","alert_count":3,"request_count":3,"received_data":257889,"sent_data":1134,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-08-28T00:53:33.505682Z","alert_count":12,"request_count":12,"received_data":14272,"sent_data":10286,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.google.no","ip":{"addr":"142.250.74.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2025-08-27T15:47:22.247026Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":857,"comment":"","tags":null,"fingerprints":null},{"fqdn":"waistcoatreferchemistry.com","ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-07-16","domain_rank":3135281,"first_seen":"2025-08-04T06:04:12.066285Z","last_seen":"2025-08-26T21:36:45.910968Z","alert_count":2,"request_count":2,"received_data":138723,"sent_data":848,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-08-29T06:56:05.274955Z","alert_count":0,"request_count":7,"received_data":224256,"sent_data":3294,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-08-27T16:13:13.023893Z","alert_count":0,"request_count":1,"received_data":7787,"sent_data":396,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2025-08-27T15:53:10.061958Z","alert_count":0,"request_count":1,"received_data":20344,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-08-27T15:14:26.687687Z","alert_count":0,"request_count":2,"received_data":34862,"sent_data":860,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"netdna.bootstrapcdn.com","ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":41692,"first_seen":"2012-09-07T15:11:00Z","last_seen":"2025-08-29T05:35:09.555236Z","alert_count":0,"request_count":3,"received_data":125854,"sent_data":1408,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-08-27T15:44:28.417679Z","alert_count":0,"request_count":1,"received_data":96978,"sent_data":410,"comment":"","tags":null,"fingerprints":null},{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-08-29T11:41:00.632906Z","alert_count":0,"request_count":9,"received_data":274739,"sent_data":3946,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-08-27T15:11:05.791298Z","alert_count":0,"request_count":5,"received_data":195913,"sent_data":2708,"comment":"","tags":null,"fingerprints":null},{"fqdn":"professionaltrafficmonitor.com","ip":{"addr":"3.78.68.13","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-01-23","domain_rank":16376,"first_seen":"2025-01-25T08:56:07.448138Z","last_seen":"2025-08-29T14:53:30.388188Z","alert_count":0,"request_count":1,"received_data":426,"sent_data":420,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-08-27T15:12:56.836113Z","alert_count":0,"request_count":2,"received_data":425817,"sent_data":1697,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"c0cc0fb0141f52b9fc5bf5bf281531ac","sha1":"29942c5675c543f8d2edc686e80cf4bf0e10bb70","sha256":"74c38e29231738f71a0b9ebec39d21fcb041847dad58079457731f0481a6e7ea","sha512":"eb9d30ad0c9fd6374e265504ef02e47fd672e0fbc3f50a49fedc8791de73080c353f3b3af4c0deb9c225d460f5c88ce263149c2b48f41f30eb09f86b8baf7274","ssdeep":"","tlshash":"c3a024dc14c571fc4711c15054f353137304d441440700ccc510041034454cfdc7cd11","size":79,"data":"","first_seen":"2023-04-16T10:54:19Z","last_seen":"2026-04-04T21:55:16.202326Z","times_seen":182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-04T22:45:20.97251Z","times_seen":330264,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"83ea01f59b05dfc47b3f249a73be26ed","sha1":"0ac861bc660e1a36d1e29f5f08e3ff9d13f68855","sha256":"967989796d1e60ea0d0ba994bfd13256b597ac4d4702857ae943a3d211a45b79","sha512":"e1a0c6119cbd9786aed49800d94258b5b8cbb01d7192f783ddc20d92032ec41eec961db878461d5ba3eb45d9178d31cc7ce1995675eabc8ee4749f145bd817f0","ssdeep":"","tlshash":"65c002f74c1b419e4b3020d8d00d6155ba6fc45e3fefc057e4cdca00c8508aa066e68c","size":182,"data":"","first_seen":"2025-08-30T03:28:36.905624Z","last_seen":"2025-08-30T03:28:36.905624Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"86a6965e541a781a37d669b260561c55","sha1":"d507b1712d0947c35ca109d78453ad0706543594","sha256":"d08064727885699b455486366ac7a1b6e9e298d7cb1d94d4e491088d0bb8ab94","sha512":"083bdf45ad8995c0ec36c921ed717a940848bf6490fb897aa3a9a9d98be61fe38d2f4284960bd6863558a922318a7a42ec756dbbda4a3e1511e1fb28ea3a15dc","ssdeep":"","tlshash":"a3f0270ab2a4993780b231885a5a4bf9766854cee508183230a8d78d1371dd4a2babb6","size":439,"data":"","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-04-03T17:07:22.659118Z","times_seen":456,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"17ae3ac7142050a969f575e60ac82fe0","sha1":"3607e17925b8f6f6b2df60ab6ccbc177f2bb6761","sha256":"7d0c47d73d8135f8e37ddccabfae159f4657cc0f7ecd5960c3aef464a3ec9d74","sha512":"0858df4d3b6cd41b3a03d2450c7053eef128978fdda4dcbd37f5b390540b573785dccb5a3132df3faad1ce87a68cc89feae817df76e59d41b2e7b6d6639f6a0e","ssdeep":"","tlshash":"5a0149356238023183f3d0f85a5fa68a52e7478db40991877078cb5a0ee0be4a2a55ea","size":659,"data":"","first_seen":"2025-08-30T03:28:36.908455Z","last_seen":"2025-08-30T03:28:36.908455Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"bf2e414a903131b4a2c3dd5301f4dfce","sha1":"f12965da05c2c55c09c83e1e0c9830560140c3b9","sha256":"0f454b7b92316d698b68a71e4ae883ff8fedc6cf67058200ed198a7a59af57f3","sha512":"c7fa36c0c6d9c1d5c79c06fd39eb438ab8e36ff459952c19fbbad270ca23f8d16815106b45764bacc3c912d699da727296cf11933bbb7f0db9509ac2b0a48c52","ssdeep":"","tlshash":"7ba002d668dab0bc1351970055772722b328d85588091198c5604115388908ee4b5e52","size":62,"data":"","first_seen":"2023-04-11T11:13:09Z","last_seen":"2026-04-04T10:25:58.603963Z","times_seen":1420,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"369ac55bfbb5a3159e5733a541d6f793","sha1":"b7f1f06adb097c636ee9b53bfbdcc9c245481c22","sha256":"ee908c4af7b7f26209185b90d982a94b053704364f0460dcdedb06dd9ccf8b89","sha512":"c7a8e5f09b189d7a8aa11a7390019dbf924c4f67999aa9123bd0a8975247715cb3400c7ea8807ca043d715c9be5b27be0c6e9d04bd297bb421f78c63399b14be","ssdeep":"","tlshash":"f3312e1913428a310ec324d39ecde4d7aee400eeb99bc8117429b4691bcfbcc00df196","size":1833,"data":"","first_seen":"2023-05-21T08:30:01Z","last_seen":"2026-03-29T20:18:02.253258Z","times_seen":221,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/jquery.plugins.b.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"675182442ff7fc67b2f9748b6ac99a40","sha1":"0b40b9937ae8018bf209ae7b10940f3b2a1411a1","sha256":"9c6d06fd83d0e274e7b3f06d9f6f3320cbb5fdc9a6248f556ca39eef95708a57","sha512":"a2811fb4f7c3e419bc7b39897208fb4ad0c9e7197c85f9d143814f11bff208d4bbbba3be81a2ca3e980b63f10ae5e85be39daa1cafab678ca37747d0ff03bdab","ssdeep":"192:+rqHYs1VpcjP3+RMCN+h2eVUUZCDq78JlwyDp/VQ3Sh:+rSI2CxaqFcdVdh","tlshash":"1e12f8a93352342a62bb5168101ff50ff3229526d08b8050e21899f43ef9c8e3767fb9","size":9509,"data":"","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-03-23T23:41:29.22203Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","size":5080,"data":"","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waistcoatreferchemistry.com/a6d737bcbce8af1bdecf3e3d5f6c8a78/invoke.js","fqdn":"waistcoatreferchemistry.com","domain":"waistcoatreferchemistry.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"4744c1978a12218b5a19c45b9297517f","sha1":"95030ae58978b8aea9845e670bdb81827ea62e9b","sha256":"5ce9f68742f92f278ea9a9bcb1bbd3e0f556d3ad697a8413719f0c44eaca2e32","sha512":"131856300e38a9bac371df6a6f55c54436ee42ea939d5d95890008416fd8fe8828e47a90681d30cfe3e0766f9f64f8fa130e4f9ffd0278c866b894004954fd77","ssdeep":"768:5daJfLHR9AJK/57czlGOHErLJEOlhPmT9:0LHRNah2c9","tlshash":"f5e2e8eb7f10b3bd129b9473263f440ae3391c02f5c8c75dd976d6952e8c30a896a6d8","size":31134,"data":"","first_seen":"2025-08-30T03:28:36.857461Z","last_seen":"2025-08-30T03:28:36.857461Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"cae6f8624c66f13833c0cb65d1a7d4f3","sha1":"38913a239bfe49bb031bc0bba5130fdde4a9dddd","sha256":"41557c099d9a65a2febcf471b7cc43a2fc76a213f40eb129e19d06c2f3d64ce0","sha512":"a4c05ed1e653a18b4212c644636b7430b83ea8d43acf19fd4da179f7ef4b03b520a794002b9686a1bb348abee8697e34559e79e09dc3e054af916ab5ee83688f","ssdeep":"","tlshash":"d29002956cd970b817519614563b3723631494658c051094c1514119394908ae8a5a52","size":56,"data":"","first_seen":"2023-04-16T10:54:19Z","last_seen":"2026-04-04T21:55:16.201768Z","times_seen":173,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"16cc35f022b068dc2aaa0cb6a26d84de","sha1":"3563a4ab6fce2638cab17adee938d0cd6a8616f8","sha256":"c2546dfa780807b0af1ba77c584d965af7a2cd65f192a02fc7e1b6aea4485056","sha512":"610cc679eba2fc19d4269b1095ae423fa06797baaee3a4cb8d9dc49f9322fb4d66afdd97c6d3f30b7f71145e851c2a742e6034f3fcc67b3ea14e373cde6c07a9","ssdeep":"","tlshash":"e311ab3999b126201167a0be433e163530b39223b164ca177e1e87802f44a2f52bebcc","size":925,"data":"","first_seen":"2025-08-30T03:28:36.913174Z","last_seen":"2026-01-07T19:00:53.121392Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b5c6ecfd31b214438c017f7840cab7d","sha1":"5b0d464bbab33735e654f6d0b47dd2bcd47f8e5c","sha256":"e0d679f66eea8fae589016f89ff238618cabb4b802add68fcbf4d70498356ea1","sha512":"c5bcf7b3ad3cd5e65ef4a944e7430ef7a9483af6f499f7e9359146112442aaa246c69fc09c9fd3d7eb0326eebb4b72d90859897d869d06b299c8b0b835473a7b","ssdeep":"","tlshash":"dad07d80ecfd56010a7b75392c79ef8f923331011f03451156a9281f4e84bc7b163475","size":291,"data":"","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-03-29T20:18:02.302583Z","times_seen":382,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c3d5e7ae44ebf7eec435c9325b6f676f","sha1":"8b6342ac0b9b097678cb23ae693917b91090b944","sha256":"6dab04cf1ed42a5675ee85fc766f21ccf9386c3e61f9081987b6de3ec7e7f23b","sha512":"5b005cc0eb966d2f33b5a73649d37bc6cc5f0fb2cf7232daae7d64d16015dd4318acdccbd7b4fef7836668839c44905b62504cd6a4618a34fe7479f8bfc1ea73","ssdeep":"","tlshash":"87718548f752242b617770fa4abf1706673a6012db07ac64b17e088d0bd7f38235b8a7","size":3483,"data":"","first_seen":"2023-03-07T13:15:21Z","last_seen":"2026-03-29T20:18:02.285771Z","times_seen":320,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f03e5a3bf534f4a738bc350631fd05bd","sha1":"37b1db88b57438f1072a8ebc7559c909c9d3a682","sha256":"aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947","sha512":"8eeeaefb86cf5f9d09426814f7b60e1805e644cac3f5ab382c4d393dd0b7ab272c1909a31a57e6d38d5acf207555f097a64a6dd62f60a97093e97bb184126d2a","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmm:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"1793d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","size":95992,"data":"","first_seen":"2023-03-07T01:02:11Z","last_seen":"2026-04-04T21:55:16.161795Z","times_seen":20613,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/jquery.plugins.a.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0f51c1849d59ceb7b240d9f0b9d695e3","sha1":"b40564175a78a0c0a6cca7ae7bd9c3cb01922ae4","sha256":"c5da67292da0cb7d7a40812de84e839ef1561c01cb9e0bd4e9bb15bfc64b0cb3","sha512":"4f93cb08c0ff8925218a3a8412fffba8920c88ecb7bacb674b10c43f6876d3446768124b196269dd2d2f7c346e8f151c82ac0942ecb821b174042544818e0115","ssdeep":"192:Vr5EO3dPvqWHg35HoY+HFuArszyuFPsrhLypbNIGRS:d5EONH9mebHAArszySPsYpb5S","tlshash":"d91250647140736246ef70a6e0af92cf9231a335474bd0c0c090faee6e3a97586d3d9d","size":9792,"data":"","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-03-23T23:41:29.223976Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/melody.dev.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"16382a2673590ae717ee030d81e32fc5","sha1":"8139236171b763ddac3c3d2b6ee4214b2469bcda","sha256":"41af4a2fb3effba0f84cf21ea77ad4db2373086ee9bda4160dd7a4c14392c179","sha512":"a465abd68ba833790e826dd7b92a0d94375462ba880f09b340c3645923ea27ba44555568daed40d6c9606ce6ba5ee34f2619d81c63e6c625c012d364e07f785d","ssdeep":"192:IG7tGJhJ3zmp/OPGP0xBhS7LL5HuUIrT9dBsl1UwjYdBsl1Uwh:I0jp/OPGsxf1woXwoA","tlshash":"93f19558f7bc279998f730660d3e60880d3ec0535203d958bd3ca1941fddae52676baa","size":7677,"data":"","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-03-23T23:41:29.211292Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/melody.social.dev.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"639a764cf0803939a44b4ed071d06cfd","sha1":"6ed0df51782ae71e8c91107642f51c4baa0163eb","sha256":"0173f0564447a100169acdd6c70f7a02019b883ab999b65457243964bd8328d6","sha512":"3bee44b9944449833d55266098f73c32c6fc5bc4c926ab1e61053f4c0a6cc23ed2f1b14c7d1786dc005ab2c2ea67333e98ca7d694abee7c80ad2a9d0fffb8ca7","ssdeep":"96:PPJLY0nRotZ7yEc+tYmgFjyR1fP41VFGBbd9PHutropdhXcN0bdAWkXbddVbWl6w:PP1YGk7yFtsR1fH1Ko+R5ZpVGRfB","tlshash":"fc42988fb163b8365be76034981712072237b5873a8f6018f6e5a09d5db07e87a73e17","size":12925,"data":"","first_seen":"2023-07-22T16:46:30Z","last_seen":"2026-02-15T14:48:58.343669Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/60/4c/13/604c13fd8efa127c8ea9ec3804312c5d.js","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"08b56194d42a61a3868d4b488b09a8a6","sha1":"cb07af8c0ea5ae3f3b45018d27571c275a6ed242","sha256":"2e17aa40799e87fea8e45e158f400c3424592e8c86644910153fb304c104b625","sha512":"72a52bc159ac512671150e19f560a85eebb224daed35f4fed485510b4ab4d005da3b9c4805ffb849bbc8745792f2a0638915b7bfd0b4b129973c694c76911d52","ssdeep":"768:Y2bnYsm+j2qw648+QhS8u+Jcj/XcdNjNOmOdY08kUbTehzbcepw6f:Y2bn/N4x5O+jvcUdY0U3fE","tlshash":"6863c7483f91b27802e6b8fa712fa61af0261c1195d8e4d8f503f4deae66719f035f25","size":72614,"data":"","first_seen":"2025-08-30T03:28:36.80358Z","last_seen":"2025-08-30T03:28:36.80358Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"901d05a394689754b24c53a14ff0bb94","sha1":"16e6750d0db26beda439d20147af2cdf6ee85f6c","sha256":"c8d34bfa528cee7507080fac65baab9a6eacb046b4c097cc3201ff3bba0d09c1","sha512":"4ee2e549e7bf56480b4d2ffcbd59903b4f9f55ee6ee6b15ac161d70b08297ae3662e91f1cfdd2c6832601a30079245c722674147287d384efdcbe158048e63b9","ssdeep":"","tlshash":"44d0a738fc7da01104bd38ba38f74d487a36387020032845447c96e45b9aea44581c15","size":216,"data":"","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-04-03T17:07:22.65821Z","times_seen":455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/79/fd/7d/79fd7dc2b6944b4ad7d53e4c0c4c5e79.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"e1b56425b9c9869ef900568598584541","sha1":"e7af1732e3b54cc311826807630d2aca4d982ec8","sha256":"d0213d6bc75c17828f232ecec3e849efc7f6d6bd6788a028dee351095494af63","sha512":"2dbd687048e6bfc1cccf6ae94b50ff85867eaf66298de6666fe976d36727e1231ed4237bf54e83bff1cf57315acbe88b3fcbe64c0c0278988a0c4e9c1e469880","ssdeep":"768:Y2bnYsmqjNqw648+QhS8u+Jcj/XcdNjNOmOdY08kUbTehzbcepwOf:Y2bn/e4x5O+jvcUdY0U3f4","tlshash":"b763c7483f91b27802e6b8fa712fa61af0265c0195d8e0d8f503f4deae66719f035f25","size":72643,"data":"","first_seen":"2025-08-30T03:28:36.879571Z","last_seen":"2025-08-30T03:28:36.879571Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"bf2e414a903131b4a2c3dd5301f4dfce","sha1":"f12965da05c2c55c09c83e1e0c9830560140c3b9","sha256":"0f454b7b92316d698b68a71e4ae883ff8fedc6cf67058200ed198a7a59af57f3","sha512":"c7fa36c0c6d9c1d5c79c06fd39eb438ab8e36ff459952c19fbbad270ca23f8d16815106b45764bacc3c912d699da727296cf11933bbb7f0db9509ac2b0a48c52","ssdeep":"","tlshash":"7ba002d668dab0bc1351970055772722b328d85588091198c5604115388908ee4b5e52","size":62,"data":"","first_seen":"2023-04-11T11:13:09Z","last_seen":"2026-04-04T10:25:58.603963Z","times_seen":1420,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JMRHR69VQJ","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b639365afbeafd77d27b56da3718843","sha1":"7600a35f9e3c5632c401387e44726cb929c54996","sha256":"0e8df0bbee6809f1dba8e2ff06f0e47bd2020ab06dfef56697dbf1c1a258e0a1","sha512":"9aa31a11a5d2b22d77ba9ecd89055b12be1e61797772afab8a546d1530edf1bd7c3fbd819de62cefa4ffe3f9db77b3eb4fced775d95c26c92d6faa01334b98de","ssdeep":"6144:hmukFixpjXLgL52RfvpP4UZeLEDOWvLsI:MzF8pjM3ED15","tlshash":"3a9428ce73d670269396f478503f018ba57b29a2b44dc899f189cce42e34a9a4177f7c","size":424219,"data":"","first_seen":"2025-08-30T03:28:36.798907Z","last_seen":"2025-08-30T03:28:36.798907Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/js/jquery.typewatch.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6915a93382a7b35f40987fd648b43f9d","sha1":"b78c77cc774594df414a7b1fb99c28083d85bb80","sha256":"1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b","sha512":"e88f5e62ae04a867b1b5ba979e2b653cab8348167c37cf897856d13558114dca318ac33b2c07d611ad3559014c57e60b847823421a46649a47f5328720eceac4","ssdeep":"","tlshash":"6c313f4cb152a15d87e263f6aa7616ee3a7ae3785a001184316512d0a078a8f63d7bd4","size":1745,"data":"","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-04-04T21:55:16.170701Z","times_seen":388,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/js/bootstrap-notify.min.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ba070af9d1b1a2782851940de30879f","sha1":"d33390fc88bf68bd23eb182d7dbc77f5227081b2","sha256":"a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450","sha512":"3d793cb731b6a060ea4b68dd622b76ee0db7f1ca5536fd4b4831b6f586c8f4f6634fcfc64d7dd93e85298225e9a4aba6d9d44ca3d8fabc2dfd365a02df60abe0","ssdeep":"96:YjcZsiBifeECqrETiqx8D6Eie9tJzg1YkwVgwIuIL3BMLbR7HdvxsyBvoPrrOLKE:kFi4f/7ETi7DcKtJ03LLkp1xs1O","tlshash":"a902768d7112926a825b9277a08e0300f536a615e517f63d3e3ac4e6bdb4de822173f6","size":8216,"data":"","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-04-04T21:55:16.108705Z","times_seen":495,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89492,"data":"","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-04T21:16:11.401734Z","times_seen":6516,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/theme.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d8176b4cb2798d51558fe707c55d7fbb","sha1":"2d49a0b8afb91121d20469c210566fb8d21e82d6","sha256":"497a2c9b733f23e5ec7ba08698be68a7cc7c121213e78be6a9db5ceb3943b8c9","sha512":"35bdf908dd7eeb6cbd0c3d6f746e3ef87b992bb188e16f4ccc4966c26c774086f866dd603978d9dbdc65fe3488c4bdd3346c78daad3b39da835f8d34a1514811","ssdeep":"768:sdsHXBe1s4RPwBTlttO81x93OD4JdbNC6vALeqny+C3s1pR7T8I5HDwLYPLAWyCt:sdS4D4JdbNzvweqny+CQpmeHMYPLNxn","tlshash":"4313ea883182b12787f761f5a05f620bb172a9a5a04da43df579d4d1bef4e881123ff8","size":44830,"data":"","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-03-29T20:18:02.125086Z","times_seen":284,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/jasny-bootstrap.min.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6b6e524d29d54ada53e4172b9d91cf7","sha1":"427153c7a2d83d2ca800e397779f29b857801ad2","sha256":"e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8","sha512":"13c01f28dd38a2b10ce27bc4dc60d510b2067e408ba1c0a26b0eb7fd39dd4300265278d529925e56d40bdc06a32d024558ca10a20d1ced6c186cc9ac263cc36d","ssdeep":"384:rKLCtf00Rd7HyeSOjjWhuU4AHL6JLeUxVM1MJsisNV+bocACk3N7K1nj:rbR00DHyNOjKhuVAWLxA1MJsisNV+boo","tlshash":"4e92664579b0225903ffa17601db4749f336eb28984a411cb4789ad76e39d0a72bbf3c","size":20042,"data":"","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-04-04T21:55:16.188519Z","times_seen":583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/jquery.cropit.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd82e0edbcecf087be901e8e7ed0d035","sha1":"2cedce9f87501152efa36eb1949d95c0ca4ff200","sha256":"b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840","sha512":"972ad1b4fe72296e7123bebe0c1e18aaf1fe1617ed41762b0e0b3afc9a7e58c0a4f9e5354094808d94bcebcd8f7c1d12b9c794ae17c47bc9cb3586ca9899193f","ssdeep":"384:b4Ku+vsSCLma/KSUOW5Gur0433Pfmoz8DKNzmavSbnCIjcIOHinWK0inVcaTJX5s:XWmaiSO5Gu/wemaybVtPJXm","tlshash":"4fc2b4193ba1367742a7f1a0760f800c1275e975e446e38cb638d8fa9af18148a77f76","size":27578,"data":"","first_seen":"2023-03-07T12:01:39Z","last_seen":"2026-04-04T21:55:16.140514Z","times_seen":607,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T22:29:14.199471Z","times_seen":94551,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3f2d086dcc6b5ab628040a6bc5bf114e","sha1":"922d392ecf18499c3a690e2ac00d8f84262667fa","sha256":"cffe0da17fcada50ea68bda168e20ebd2447feaa7d97d3557da12112a9da015c","sha512":"565b3861700361eb095101e84f2671eb201d5d8440e18bdc926f069cebd1885dae2ebe955c2e7176cee77989b06861a16ae407fc8a73e8035fe02bca310ced6b","ssdeep":"","tlshash":"d7c0c01f01d8350b0ee002286fb78c360cbd5d168c0353c1d47fb863292fd001070a0c","size":189,"data":"","first_seen":"2025-08-30T03:28:36.931403Z","last_seen":"2025-08-30T03:28:36.931403Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"29727d13fa2a206a7cc92a101c29ab33","sha1":"647b9b2f5532aaee7217e70850589ad673938fcb","sha256":"42ee5f253d773ac3a83d1fc0d0f922a4c502f66dddfb591593129586c4f2725a","sha512":"5917cf75cc80fb72cddea8cbbba81512d053c8cd265f38c81db939dbe3afe1d9bf4c81ca8ad387743873436144cd57b1f55d79f353be00b851b7a6e220e89b83","ssdeep":"","tlshash":"61c0227079dc5639807a71241dfea204ae1ba910b83a2140e02ca0b146ae63822b2c10","size":190,"data":"","first_seen":"2023-03-07T12:01:39Z","last_seen":"2026-03-29T20:18:02.292636Z","times_seen":376,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/jquery.readmore.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c6530ce1b280d087dc3a0714f7bb29f7","sha1":"c212826cbdd1d0c4d5290bbbed84727b56a9d8d1","sha256":"7dbbe700df964fa01b2e5685082d1f0a6fc5c8a9b9fcb18432fb3f31ac29b208","sha512":"7185fd001933ffcfa5839a223409b27574d084ea62985ca60d5f86bbdd61509d3dfe299868c65157b195dadc997d9b22f991c8d45fd290ab00fc8c9616a0ec4e","ssdeep":"","tlshash":"fd61df69b323f642c5a720e2705f534a663bf128835580547737dae86f7c80e7863a7e","size":3422,"data":"","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-03-23T23:41:29.21574Z","times_seen":119,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waistcoatreferchemistry.com/07/48/02/07480215b199138738a408914e7f4f8d.js","fqdn":"waistcoatreferchemistry.com","domain":"waistcoatreferchemistry.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"a320db4075323c194a6bd6c90441ab1b","sha1":"1b0aebde33761e7e26b3fb93e2cc1cfe66b8bf20","sha256":"cda50f39181a3c3cb936d26a3429032de306256344b9e5645039173f0717204d","sha512":"d900078e3c57564a56c0dda957afc7da1f7799a4461c5756a0bff9f86bc993de521b734ff9a757ce118cd50d74152a47a0b7af1639c9eaaf261e6178f038a267","ssdeep":"1536:dxIVgLSwVJi5sbaeBvat/xp1P2PNrdMCC2cevmiwB/BDMCHT5Y:bZVJi5s7ahxp521rcuZwHRu","tlshash":"8ba3a8487f90fcbe02566033663f951bf1aa0e815958c988d11afdb42a3c31bf63da75","size":105951,"data":"","first_seen":"2025-08-30T03:28:36.865706Z","last_seen":"2025-08-30T03:28:36.865706Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/9f/0a/74/9f0a74f78c5d3829cb6a4093293b8b22.js","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"3da530468f5b79adbfd388129aefe218","sha1":"ab3a2547ba214ecc28669764b8fb83444d6bee17","sha256":"6c6804907c65baa697893c52c97aab9449c718e1117fbf96d2d2817d73a144ba","sha512":"733222416c8caead6ec0f074af244d79385554320a1731340c42376316ec353f3fbfa02c661c81a692b9278a0ff45050f9e95e51e0b7dbde2269683fa4d99442","ssdeep":"1536:cmt7BMZUs9piv3i6In8noteGF1XF36y8T6GhS:ckdv3i6C8notJZFqnM","tlshash":"88a3e9887f50f47d02da6036233f962ae1ee4e42154ee158d026fde53a68317e63ddb8","size":105718,"data":"","first_seen":"2025-08-30T03:28:36.847924Z","last_seen":"2025-08-30T03:28:36.847924Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"2425bb1452fd672c3a820fd8e62318d8","sha1":"0a05a1311bba27cb2ef6572503a7c4875dc8c040","sha256":"7b00bdfd34705df94b2c45f28125cb8783ac1afbfd07a33bdf225d0770a4e657","sha512":"9ab1022a0d703c17d96e95e643dd3b8804b4622862c8cb28a8acc3d05e0c6ad66448e9879a5c0ebdc0be2dbcd83b900006395f32df96e8cd1b492e34e72cb54d","ssdeep":"","tlshash":"fcf0a92479544328d27fc16491bfb2ead3600b24c509072a641833672cbb6691ac5eda","size":564,"data":"","first_seen":"2025-08-30T03:28:36.936738Z","last_seen":"2025-08-30T03:28:36.936738Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"630dcccc27a891da316593a099d97944","sha1":"5256790297332f26e621ea7ecdd26d18eef02276","sha256":"0df0a03c5fdca8bea086c643eaab96e2d39512c90e207f5d3e3f71975e8ac496","sha512":"d439b8cd734481cfa267f93ba32708999d9b057ae94298234d6f4e70e7d4e3174afbd6c1c652477ed2f14f441f4f77f4b37eab131f878364e3faf3559a569450","ssdeep":"","tlshash":"f5d0eb2310e03e062bb0b8a2a04453310cb72ce808803bc0ea4a4481fe22a8a02700ac","size":281,"data":"","first_seen":"2025-08-30T03:28:36.94096Z","last_seen":"2025-08-30T03:28:36.94096Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/js/melody.dev.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e238acf58475d3cdb95d614582134b24","sha1":"b13c1da1f5254cb14f4f187bd5174ed0feb08a23","sha256":"f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab","sha512":"7209c4cb8692e5a1fce4c6bad8081361c857d45b179b935a7291b0682c514409584e10b29bb56905dafd5d3dc8831d82c78cf9895c7b59ac2239552f6abf1f2b","ssdeep":"384:krC7SV8zve0Nfenff87NLRld9gTSOW6VUH:krC7+860lRLRGTdK","tlshash":"f5a25405f2ed1e6600b334360cafa4853a3c99b798048d59fd5d21e85f6cb7ca972f4a","size":23108,"data":"","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-04-04T21:55:16.187289Z","times_seen":493,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c4ad53f94668146ed36e880a7586240","sha1":"7a2bcc51e750bc911726bfddb6ee8683b51b94c8","sha256":"60f8d598444e1377fa73017ecd0aace3cab94c9e71a2f0b59bbebcf5bfe70d0a","sha512":"224cae39b795d9d2ffe7e42978cdca522d2959e96370200466840d14f8d9a55077fdc0a17c967345bf6ab8a6e75cbc670ebe3da5a3576ffc236f9ebc0dcd49ba","ssdeep":"","tlshash":"4ae07dd934365db2a977aa4f976fb844f80176229481c53278a51300af20a17c28e8f4","size":328,"data":"","first_seen":"2025-08-30T03:28:36.944518Z","last_seen":"2025-08-30T03:28:36.944518Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-migrate-1.2.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","size":7199,"data":"","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-04-04T21:55:16.197626Z","times_seen":19815,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7bc2250f798e8dd30269772ee8cf4599","sha1":"3fb3ed5ea1a5c052fa3c26e45d4abd3e722b9700","sha256":"cda4eff9500a8b16f33a54c6cd1ce7d2ec3bf66cecddb63d9c736078916c5035","sha512":"3e8e0117e5160dcad1084a50b83f5226f5a9ac659d3e3dd68995bc2706b8c2ae482c3ce2692bab223ad149137a58d792df16a2c996bafd328280806b31ff1a4d","ssdeep":"","tlshash":"fa319946f72c1977663a14ab1c1930cc913e49b52c0426e7fcdc26a45d98f28c3ea99b","size":1833,"data":"","first_seen":"2023-03-07T12:01:39Z","last_seen":"2026-03-29T20:18:02.294258Z","times_seen":354,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5d0f0b5b79e9f10c796e8a416e57dd2d","sha1":"acca3a159098bbc8a6313d6f496cfeef362c3171","sha256":"452c276bbd878d6970a8f3a2b5ebea89fcc866c5aa58e5e56afcdc9c53c2b78f","sha512":"e27276b5b768d17d9973211aed03b558904dc0b9d04d39390bfe27493d783c5c64f98dd6b676bfad19f0060eab18fd0ef3d4ffb492b0353585c3b09253e7fcf6","ssdeep":"96:u+cdSxFAl+7furhwsTulBaahwlXYDIxCrh6sTuDHO65:uXdSxFAl+7mrhNulbwlXYDIxCrhzuD/","tlshash":"bab1b909ff7a4a9b996b316075dfb1ca435f6972f30b0e1afe215c1c12e4562e063a06","size":5271,"data":"","first_seen":"2023-03-07T12:01:39Z","last_seen":"2026-04-03T17:07:22.660317Z","times_seen":450,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js","fqdn":"netdna.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"abda843684d022f3bc22bc83927fe05f","sha1":"26908395e7a9a4eab607d80aa50a81d65f3017cb","sha256":"24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f","sha512":"3f1b46e9ea0fb6be507605a2783af406c6b4f885dedaa4401bff204b0fe9056656717411021594e2512e98a4e398e3238267a7deafeba1b57e443decab0477ea","ssdeep":"768:xoBFw1wl+WRydWDRQgn8WI0fBQLrX84XCqc:SAr2MRCqc","tlshash":"43e28446b23031a107dfb2e5515f020b723a6a6de906907c38b999f53db9c48727bf39","size":31819,"data":"","first_seen":"2023-03-07T01:03:23Z","last_seen":"2026-04-04T21:55:16.197094Z","times_seen":7143,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/css/animate.min.css","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/css/animate.min.css HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: text/css\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 25 Sep 2025 13:39:05 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sCvwEaVfBJD3Koz82r9R4CfvC4VFRoSfv3TLlhwoGUVKMxmd50wH860it0MxQv20jJ4DtcltmezDIV%2BImYLTqBdC%2FELhZyNi44Ul%2FRSP%2Fg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 258252\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b0afb569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57990,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (319)","md5":"3d0a26b7c254da8c0d297e753ff23f65","sha1":"877d0bcad6716a05066d9b6dab07e264f631a5f0","sha256":"f1f0041c0c62f37ee475d174370f574a62afd842055e79a86dc4c722532de6bb","sha512":"cd0a8d03e95d1cc8cc7f9ea733b1ed7d6eaff7cc36baccbeee492b11e91aa10c165e43ac33f0e29990e5dcf7826a4b49b0b0409114da5b4822a4a5f7fb37d594","ssdeep":"768:dkZFpVIBIEwQ1oAhkIDz3gy65VraeX0UTGsXsV:dkZUwQ1oAhkIDz3gy65VraeX0UTS","tlshash":"b74346ae5891238a91674fa2c3dd5e64473dc67314621cee3381684b8f87f9e33da247","first_seen":"2023-04-07T18:47:56Z","last_seen":"2026-03-29T20:18:02.188656Z","times_seen":367,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JMRHR69VQJ","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:21:11 GMT","end":"Mon, 03 Nov 2025 19:21:10 GMT"},"fingerprint":{"sha1":"07:D4:DA:62:23:19:DE:C6:08:D3:6A:78:15:9D:A5:07:00:39:48:12","sha256":"B1:A9:08:B9:66:58:87:B4:23:94:8F:68:98:E7:F0:EE:8F:DA:A7:88:CC:7A:04:0E:80:74:B0:58:9E:A9:3E:D5"}}},"request":{"raw":"GET /gtag/js?id=G-JMRHR69VQJ HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\nexpires: Sat, 30 Aug 2025 03:28:07 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1106:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1106:0\r\nreport-to: {\"group\":\"ascgcycc:1106:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1106:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 140191\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":424219,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6006)","md5":"2b639365afbeafd77d27b56da3718843","sha1":"7600a35f9e3c5632c401387e44726cb929c54996","sha256":"0e8df0bbee6809f1dba8e2ff06f0e47bd2020ab06dfef56697dbf1c1a258e0a1","sha512":"9aa31a11a5d2b22d77ba9ecd89055b12be1e61797772afab8a546d1530edf1bd7c3fbd819de62cefa4ffe3f9db77b3eb4fced775d95c26c92d6faa01334b98de","ssdeep":"6144:hmukFixpjXLgL52RfvpP4UZeLEDOWvLsI:MzF8pjM3ED15","tlshash":"3a9428ce73d670269396f478503f018ba57b29a2b44dc899f189cce42e34a9a4177f7c","first_seen":"2025-08-30T03:28:36.798907Z","last_seen":"2025-08-30T03:28:36.798907Z","times_seen":1,"resource_available":true,"data":null}},"time_used":340,"timings":{"blocked":133,"dns":0,"connect":8,"send":0,"wait":27,"receive":23,"ssl":145},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:18:37 GMT","end":"Mon, 29 Sep 2025 15:18:36 GMT"},"fingerprint":{"sha1":"1A:27:71:C0:8E:44:D4:6B:F5:AA:49:F0:F1:AF:E5:5F:30:23:A4:D4","sha256":"84:6C:2E:D6:ED:8A:2F:33:05:CC:E9:F2:24:E5:5C:E0:80:C2:04:2D:C3:21:06:64:E1:0D:14:81:A1:9A:00:1B"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 348688a658a0d88b03d8fa1ffc4ed9eb\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":86,"dns":25,"connect":17,"send":0,"wait":17,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0","fqdn":"netdna.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 12 Jul 2025 02:43:39 GMT","end":"Fri, 10 Oct 2025 03:43:37 GMT"},"fingerprint":{"sha1":"C1:BD:D6:84:57:89:FE:9E:6D:F9:1F:26:76:1D:7C:45:E8:23:F6:35","sha256":"42:6A:B9:E6:CC:53:CB:12:2A:7A:43:B8:3D:90:FC:5E:4D:CA:A2:E0:3D:B4:2E:38:10:A6:6F:26:86:7F:D5:A0"}}},"request":{"raw":"GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1\r\nHost: netdna.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://netdna.bootstrapcdn.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: font/woff2\r\ncf-ray: 9771323cac147127-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\netag: W/\"4b5a84aaf1c9485e060c503a0ff8cadb\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:54 GMT\r\ncdn-cachedat: 05/26/2025 07:57:59\r\ncdn-proxyver: 1.28\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1054\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 9dfb2c46260ee95100b49f3321c0801c\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 905959\r\npriority: u=4,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":64464,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 64464, version 4.262","md5":"4b5a84aaf1c9485e060c503a0ff8cadb","sha1":"574ea2698c03ae9477db2ea3baf460ee32f1a7ea","sha256":"3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019","sha512":"05196036c41398616c077925fc4bf252e81f11b6ebef8745047d75cb2c8b80441b8c3593f4d5b2617089e9f3d8d957f9edcdf8e43993661a277be8f4b6a32111","ssdeep":"1536:wOhGmmMET1VwoQNDerkOtxhncPvaAAGzw9jD8RlhANsK1q:JhkhVINDerkO+aAAGA/aANX1q","tlshash":"a753f162a0233101d19918bb7d39ffe22b01c1cee34659c7dda62c5338e5d5472abe2e","first_seen":"2023-04-05T03:42:19Z","last_seen":"2026-04-04T21:27:00.045337Z","times_seen":19433,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/60/4c/13/604c13fd8efa127c8ea9ec3804312c5d.js","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /60/4c/13/604c13fd8efa127c8ea9ec3804312c5d.js HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29364\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ef36fd8f08cf69a1a62073c71836045c\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72614,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"08b56194d42a61a3868d4b488b09a8a6","sha1":"cb07af8c0ea5ae3f3b45018d27571c275a6ed242","sha256":"2e17aa40799e87fea8e45e158f400c3424592e8c86644910153fb304c104b625","sha512":"72a52bc159ac512671150e19f560a85eebb224daed35f4fed485510b4ab4d005da3b9c4805ffb849bbc8745792f2a0638915b7bfd0b4b129973c694c76911d52","ssdeep":"768:Y2bnYsm+j2qw648+QhS8u+Jcj/XcdNjNOmOdY08kUbTehzbcepw6f:Y2bn/N4x5O+jvcUdY0U3fE","tlshash":"6863c7483f91b27802e6b8fa712fa61af0261c1195d8e4d8f503f4deae66719f035f25","first_seen":"2025-08-30T03:28:36.80358Z","last_seen":"2025-08-30T03:28:36.80358Z","times_seen":1,"resource_available":true,"data":null}},"time_used":822,"timings":{"blocked":307,"dns":26,"connect":97,"send":0,"wait":106,"receive":94,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/d8/b1/09/d8b109165fc0ec08002c14fd9e81f6ece67b955e786b918b73abb33e5be5188f.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /si/d8/b1/09/d8b109165fc0ec08002c14fd9e81f6ece67b955e786b918b73abb33e5be5188f.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 57237\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 11 May 2025 14:02:30 GMT\r\netag: \"6820adf6-df95\"\r\nexpires: Mon, 01 Sep 2025 03:28:08 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57237,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced","md5":"423a240fbfb182d7805dad3bb9e822bb","sha1":"6a853689b2cc95a6c36b98e6938e598bf2a28d52","sha256":"da19475c70c6669a83473eb52dec1feb61e629e374fdd426dd02024080d0b1a6","sha512":"98e063f429420821aa55688891aa4426d16d9e7ffa44f92f8d9d7f3e3870007872a66a718185428f197db14d070b7254e92a2cc7734cc54c39034c808daa7c8f","ssdeep":"1536:BP5oFAaPeX990yL036TelNvY6lEFLXmLw2JR:FWqaPeXz0yLDe7luXyH","tlshash":"ab430224ff03e61784be24af91eae88f1f6421bfb5b092807770221445b7c6b4282463","first_seen":"2025-05-16T16:44:08.672031Z","last_seen":"2026-04-04T21:32:57.783078Z","times_seen":3531,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":105,"dns":48,"connect":19,"send":0,"wait":63,"receive":15,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/ac/0f/5e/ac0f5e4b7a3977ed4f53505760205bf8/1753452172.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /cti/ac/0f/5e/ac0f5e4b7a3977ed4f53505760205bf8/1753452172.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 26361\r\nserver: nginx/1.21.6\r\nlast-modified: Fri, 25 Jul 2025 14:02:52 GMT\r\netag: \"68838e8c-66f9\"\r\nexpires: Mon, 01 Sep 2025 03:28:08 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26361,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:07:25 08:58:24], progressive, precision 8, 320x240, components 3","md5":"f9075ad0d4f643436b20bff229f39768","sha1":"9bc16499a30854e6e919a5d9a0b06edb1a3cad9f","sha256":"e4761c6655c4c293343f908cbcdda7af92346e3370df1bde6e55342a7e8440e9","sha512":"b6686b23a319c54762c1b935e84222ce76cfbdb823c76a1ed4a05267b982762073b913a63f6f6874b01ca9d06bbe3bc4a982edfcf10b8de767ae1481cb9afb4b","ssdeep":"384:i43FViiaF43FAnSp11YNg7yMbDpNrS60f6rIk/Hlo254zWxD:i43PiH43CmYyTp9PQWfxD","tlshash":"b5c28e3cab44df53f4d5a23948a0cba1e353ae1a97a33b927c0c75153b727c11ade246","first_seen":"2025-07-25T14:51:10.511008Z","last_seen":"2025-08-31T17:11:34.612554Z","times_seen":158,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":102,"dns":51,"connect":19,"send":0,"wait":63,"receive":8,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/uploads/thumbs/8f218756d-1.jpg","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /uploads/thumbs/8f218756d-1.jpg HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: image/jpeg\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 29 Aug 2026 23:24:43 GMT\r\nlast-modified: Mon, 18 Aug 2025 21:00:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x8NejunbSgyhpX7nyis0emVH3mEVN%2Bue3OH1OB%2BMoNp%2BjwhDV8lVvhu1i2iQ3kQJyrYGbGknxqR8y4T5zPmP7xHt0Xam9RstAsr9bsTibA%3D%3D\"}]}\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b3b04569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":76936,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 640x480, components 3","md5":"1db49a133ee9d0ffe06bea42bc438390","sha1":"46e5da57dc4ef0e2641b3eac16db6abe3f859967","sha256":"d6ebbb52e99cd641319e634880345963f638a0d38358ca92b0207d0f13c282e0","sha512":"f414553710169e7acdcdd8b46303a886761c730d711130da2b629f96c7ce5c20192eba484b52e70cc59e638dd54741b0e92291b89a796de62a1a14f9ff0212fb","ssdeep":"1536:xBdOMt8T/KcnW3Qc7ZMJEFLk/TqLwEsKghUayAZYsMQCCvHhgC9trvE9Q8pm:5OM+TSc4LMJEFLk/cbCh9HxMtCvHOur5","tlshash":"7373f10355524080837e61e98a9b77df3e287fa9e6069dcbaae913067a748bf1c0d0c0","first_seen":"2025-08-30T03:28:36.809872Z","last_seen":"2025-08-30T03:28:36.809872Z","times_seen":1,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/js/melody.dev.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /js/melody.dev.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Mon, 18 Aug 2025 13:20:48 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=92WNjPxplqCB4QLw4Ax9CuRMmEkbxx0n37Rc9tnKNgJlG7%2F4rYFe2U0xFvX23FUZZvzMUPxMtRIziABukZDNXM8B3is1AJ4RKSTywwbQSQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\netag: \r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c6b11569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":23108,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"e238acf58475d3cdb95d614582134b24","sha1":"b13c1da1f5254cb14f4f187bd5174ed0feb08a23","sha256":"f3a4cbf3a8090b121a0d6d6dd8feda9f92831cdb5a070a7eb9ef58234c1f4eab","sha512":"7209c4cb8692e5a1fce4c6bad8081361c857d45b179b935a7291b0682c514409584e10b29bb56905dafd5d3dc8831d82c78cf9895c7b59ac2239552f6abf1f2b","ssdeep":"384:krC7SV8zve0Nfenff87NLRld9gTSOW6VUH:krC7+860lRLRGTdK","tlshash":"f5a25405f2ed1e6600b334360cafa4853a3c99b798048d59fd5d21e85f6cb7ca972f4a","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-04-04T21:55:16.187289Z","times_seen":493,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/uploads/thumbs/f2e300dee-1.jpg","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /uploads/thumbs/f2e300dee-1.jpg HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: image/jpeg\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 28 Aug 2026 13:25:39 GMT\r\nlast-modified: Mon, 18 Aug 2025 21:00:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h7yckregGmmQuf0rq%2B0of7w2s810Mdyyb0i4R0G6gg3MKuVVud5SG%2B%2BwmZKkqyYFU7Y%2F2mKSHiruB9m4bUkKymTj%2F7hM67yDvIL91LzzTA%3D%3D\"}]}\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b3b05569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76936,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 640x480, components 3","md5":"1db49a133ee9d0ffe06bea42bc438390","sha1":"46e5da57dc4ef0e2641b3eac16db6abe3f859967","sha256":"d6ebbb52e99cd641319e634880345963f638a0d38358ca92b0207d0f13c282e0","sha512":"f414553710169e7acdcdd8b46303a886761c730d711130da2b629f96c7ce5c20192eba484b52e70cc59e638dd54741b0e92291b89a796de62a1a14f9ff0212fb","ssdeep":"1536:xBdOMt8T/KcnW3Qc7ZMJEFLk/TqLwEsKghUayAZYsMQCCvHhgC9trvE9Q8pm:5OM+TSc4LMJEFLk/cbCh9HxMtCvHOur5","tlshash":"7373f10355524080837e61e98a9b77df3e287fa9e6069dcbaae913067a748bf1c0d0c0","first_seen":"2025-08-30T03:28:36.809872Z","last_seen":"2025-08-30T03:28:36.809872Z","times_seen":1,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":56,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/ntv.json?key=a6d737bcbce8af1bdecf3e3d5f6c8a78\u0026vstc=4\u0026uuid=3b9e679e-e0be-44e7-9465-58d7aba0ae41%3A1%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb=","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /ntv.json?key=a6d737bcbce8af1bdecf3e3d5f6c8a78\u0026vstc=4\u0026uuid=3b9e679e-e0be-44e7-9465-58d7aba0ae41%3A1%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb= HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/json\r\nContent-Length: 12468\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://mc.turkishasq.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; expires=Sat, 06 Sep 2025 03:28:08 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 31 Aug 2025 03:28:08 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 31 Aug 2025 03:28:08 GMT; path=/; secure; SameSite=None\npdhtkv49=true; expires=Sun, 31 Aug 2025 03:28:08 GMT; path=/; secure; SameSite=None\nuncs49=1; expires=Sun, 31 Aug 2025 03:28:08 GMT; path=/; secure; SameSite=None\nu_pl24547895=1; expires=Sun, 31 Aug 2025 03:28:08 GMT; path=/; secure; SameSite=None\nnleca6d737bcbce8af1bdecf3e3d5f6c8a78=[5941311]; expires=Sat, 30 Aug 2025 03:28:13 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 22\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 367a6d03973772d138ff42cf23d54af2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16314,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4dd5ef75f5dabaf7a9cccacbc25b4fed","sha1":"16856485122164107932c708e3b35b4bdcfcef3f","sha256":"ea17afbeca1b712faf28e8448b4a7a6920704ede8f42bdbeff160978dd7e1a84","sha512":"1561c3e54e4d1562a366826277ded3245ba70fddb611e86e7b0cf54675f914d5aafee3a5d4315f1d55ace54953356b7b4b5e2147e9f78760834a9c23759c4af4","ssdeep":"384:t6wJJkJdglPwaX6YvR1vHfn1DfiVLcZcA73Kq3unpvt:tpu+gUTV7vZHTKRpvt","tlshash":"6872d07b17e8563a4d48e0a8d157dbddbd915d8f74868b00b0accabc6c7569329212e0","first_seen":"2025-08-30T03:28:36.813838Z","last_seen":"2025-08-30T03:28:36.813838Z","times_seen":1,"resource_available":false,"data":null}},"time_used":786,"timings":{"blocked":287,"dns":1,"connect":93,"send":0,"wait":119,"receive":93,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"05:AF:87:21:D4:6B:A6:86:ED:A7:D2:07:92:06:E4:D4:79:84:27:E8","sha256":"F6:EC:75:67:99:66:34:CC:0C:0F:9D:D7:8B:6A:04:94:98:0C:7B:B5:47:E2:47:37:A6:F8:E2:08:99:72:AB:BE"}}},"request":{"raw":"GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 33507\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 28 Aug 2025 10:04:39 GMT\r\nexpires: Fri, 28 Aug 2026 10:04:39 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 149008\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":95992,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32038)","md5":"f03e5a3bf534f4a738bc350631fd05bd","sha1":"37b1db88b57438f1072a8ebc7559c909c9d3a682","sha256":"aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947","sha512":"8eeeaefb86cf5f9d09426814f7b60e1805e644cac3f5ab382c4d393dd0b7ab272c1909a31a57e6d38d5acf207555f097a64a6dd62f60a97093e97bb184126d2a","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmm:R+41ZqLTW8xRrqSb8qGH77da98Hr3","tlshash":"1793d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","first_seen":"2023-03-07T01:02:11Z","last_seen":"2026-04-04T21:55:16.161795Z","times_seen":20613,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":228,"dns":1,"connect":8,"send":0,"wait":9,"receive":10,"ssl":243},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"05:AF:87:21:D4:6B:A6:86:ED:A7:D2:07:92:06:E4:D4:79:84:27:E8","sha256":"F6:EC:75:67:99:66:34:CC:0C:0F:9D:D7:8B:6A:04:94:98:0C:7B:B5:47:E2:47:37:A6:F8:E2:08:99:72:AB:BE"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 30 Aug 2025 03:28:10 GMT\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"e9d2e14beb088f37fae98294940a9dcd","sha1":"1dafc3c55550249c8c2d782d5616c7b445c8e005","sha256":"f2e491cc46d3fcba81f729065d622bd722751d4a2e7f80b479aa64a92c17b5c7","sha512":"64025ea9b660d5e1d45a593a27345e152ba6b5ef95daceee5e43201319a555eb5457cfe1ecdcc725202063a22c5f406f3ba4607863d5b714c378f144bcdea5f7","ssdeep":"384:pjf5jgjPjrjyUj/qY4+j4jYjpjfMj1jWj6jyhj/qY4XjNjtj4jfdjkjDj3jyQj/E:p90DXOU/R08toBy+Oh/EBpcZwPLOQ/VK","tlshash":"e5722291041740009b835ce223cebf35fe1f92117152d0b5abfd9b6badcbc66526939d","first_seen":"2025-06-02T17:27:24.212334Z","last_seen":"2026-01-19T16:22:17.33804Z","times_seen":5482,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 30 Aug 2025 03:28:11 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Sat, 07 May 2022 03:21:31 GMT\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VNyiKBawC7hI2U6qmMWVYdnuWLh%2Bh6CXhlsJvLO2paJyTltks8VfJPKpbA5MtdL2rkFHMcKBWLQkKAvZaJubmXpqX4%2BK1jglbh4XdMXr\"}]}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\netag: W/\"6275e5bb-17e\"\r\ncf-ray: 977132522e8c56bb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":382,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"4f5f05ab032dd8fc0db448fcf51a35e2","sha1":"78f94f93fdb792d95ea3ac293ac1b8e3bc13d609","sha256":"7fd8e9c0e5ca0c7123954a109fa8b7e8368c7e1262880925e2ac7b8c877a9e38","sha512":"66a1f6a4996b8a21631d4bbbe85654ee1a47562b478ebd97bac584e7efe9a9d431f59c52a495876295a1e59760f12adb083e299dc302bd15080e559e1adae206","ssdeep":"","tlshash":"f4e02b2052540234c3bbc19691cb6bcb6270451ad009050e641c575b1df2bb612c9e97","first_seen":"2023-05-19T20:45:50Z","last_seen":"2026-01-17T18:50:06.236167Z","times_seen":1120,"resource_available":false,"data":null}},"time_used":524,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":524,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-08-30T03:28:05.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2 HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: text/html; charset=utf-8\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding,User-Agent\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ECDMFE1Rk7fYwwHcF2m8thUJ%2FOmKq%2Fl1wDWprXEyz4BXIK%2F4NfXIMptf8sw94AtieoDxnVimq786P68ESHH05D1AOALyOrSLbtGu2I7cWg%3D%3D\"}]}\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\nexpect-ct: max-age=86400, enforce\r\nserver-timing: cfCacheStatus;desc=\"BYPASS\", cfEdge;dur=52,cfOrigin;dur=1103\r\ncontent-encoding: gzip\r\nset-cookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6; Secure; Path=/\r\ncf-ray: 97713231d9e70afe-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bootstrap:3.2.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"jQuery:1.11.3","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"BootstrapCDN:3.2.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]}],"data":{"size":61340,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (9534), with CRLF, LF line terminators","md5":"476d471837099a671adfba79936020f0","sha1":"0c99ba6a230828e216687e09d72abb5947bfb91a","sha256":"b447d10ee04f2012815ec62411502936c5ec4b26a333f13207d9fa76b7f8f7a1","sha512":"6cb67e2a81aafc5c7482b80c9b9d8ae6d0b02a70f4b3852c2ddcb8642e551d5d0b9b43050c4bb8b1389756b21153a1d0f92b7dbc43692009217a3ae440376e3a","ssdeep":"1536:ADVBayNa5zm6ttnqjFQ7naR1B6ahikBJchrHxXCtw9Xlt2Fi:KDayNa5zm6/nqRQ7n+1ts4chrHxXCtwB","tlshash":"b353c6736c1e5826067348d1e0993a09f01f9433e7abcd62f6ee49254fd3e66821f329","first_seen":"2025-08-30T03:28:36.818434Z","last_seen":"2025-08-30T03:28:36.818434Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1203,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":1162,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/css/echo.css","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/css/echo.css HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: text/css\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 25 Sep 2025 13:39:05 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d%2FnDvwU%2FARaPSMK%2BATDm52dlqcIZKELvkwH2pasQMfZ0Mk3KoruxjRCIm%2FFPkr4pwnQZeSIieVKndiLPNKYUgddeGn8xZoYFitlrw5Ct6g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 38988\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b0afa569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":316950,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"67d8c990d71b6fb282932cd9a3461673","sha1":"3ec6652f3b8d8ed618a7e5c80af64114b04614fd","sha256":"524dfb312ec81bb5680fbe5fafbea074a0416c2eaeeb8ee032fc689f6017803c","sha512":"adf50be62e47553915349bcb9acc8816bbd716c3d2477e4148d788aec9a7818695d7a320bc2558bd4c3084b0f1756c5e2628e3c25bf4cdc97e3f2b872ab6c1f1","ssdeep":"3072:vYhBxOqBPOUEdsz9nXJPEuuIoTnWTrhYb1p:vYhBxOqBPOBdsz9nXJPEuuPTWhYb1p","tlshash":"b86454d3aefa00402a12d0652697a7b5f72c4043d50acdbcb6de315cdfca6c955aeacc","first_seen":"2025-08-30T03:28:36.820585Z","last_seen":"2025-09-03T06:24:47.659042Z","times_seen":2,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/theme.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/js/theme.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Tue, 26 Aug 2025 13:07:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1HCNruwR9YPGBe3XrMtl6amP231zcHvXH9ZdSnK2dQ3j715%2FGsRI%2Bg0ClgqwosgsKGyrfnjsBGtYmReMKbmpUKB8F4DCrAyayB2EdyOnjA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncontent-encoding: gzip\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c7b15569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":44830,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5357), with CRLF line terminators","md5":"d8176b4cb2798d51558fe707c55d7fbb","sha1":"2d49a0b8afb91121d20469c210566fb8d21e82d6","sha256":"497a2c9b733f23e5ec7ba08698be68a7cc7c121213e78be6a9db5ceb3943b8c9","sha512":"35bdf908dd7eeb6cbd0c3d6f746e3ef87b992bb188e16f4ccc4966c26c774086f866dd603978d9dbdc65fe3488c4bdd3346c78daad3b39da835f8d34a1514811","ssdeep":"768:sdsHXBe1s4RPwBTlttO81x93OD4JdbNC6vALeqny+C3s1pR7T8I5HDwLYPLAWyCt:sdS4D4JdbNzvweqny+CQpmeHMYPLNxn","tlshash":"4313ea883182b12787f761f5a05f620bb172a9a5a04da43df579d4d1bef4e881123ff8","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-03-29T20:18:02.125086Z","times_seen":284,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2570\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fa45961a1dfe140f724c0396da057a67\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5080,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5080), with no line terminators","md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"resource_available":true,"data":null}},"time_used":679,"timings":{"blocked":298,"dns":0,"connect":95,"send":0,"wait":95,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:11:38 GMT","end":"Mon, 29 Sep 2025 15:11:37 GMT"},"fingerprint":{"sha1":"F9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3","sha256":"D8:C9:87:B5:89:5E:D4:F4:8D:FD:98:3C:31:39:42:67:D3:20:27:14:A9:AD:F2:AB:97:A4:48:0F:94:F0:FF:A2"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 767168e321b1e8f57f3a44203957b077\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-29","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRSu2SweoiJG8eBpDh4UsrPd0z0_2gjBGFeCMQlJJKC51K_eLbe7q1PVPT2ZUzQQchzEg3rq-WaTjSYE9S7KrAclINh62UP24l8gwp6lJwMTH_R77-uvCr731bs1yQ-Ih5zuX_hAj1QU0fVOy2m-fkUlQhe2ee5y03VazonmFZV0_RPNYZ3M4E3X81vOG833JN_W623HdRzXcZsbyshQD9fnLFT6IHBbgdPy2y2342No_o9t3oClDYjBATkGJaoX_g4_huIzJPF3p6XdznR6_N04j2imDQZi98NkO9FFgnjZhqaBMNldnIa2FSFfrkAnu4sJoAc79QRgqiIrrzwGS3YXMsEGd54oZRFkAiaeRTGYQUYzKDoD1zehxB8E4ALnziOJ757TpqDXn7C0ZiuyevgvVFGR1ccvI4kfnorUsHlJR3mmdGIxDEuo4Qxqc4Y030M2WoEq9sCzz6DE72T98CySeOe8jTSU2H_NY4Hs9gK5Jh0m13xf9tYCv9tZ6_RFjzLqUOm7c4tUOAO1DeT1pxrIwwbytIFY7Dd9p-9zl3rdMBC85_jU94VkTtBvOw4NeA85r7WPkaVj8GgMbm4gNZ_eE15Peoz7E4ZtNYbJf4bdKmFFAzYjGIgShSQoLEFBCQpFUGQExaC8IyLbtuVdEdmcuYvaXlSvnOpsc0Lv6GxTJgTUjGFEuaPSa_YmeHZkOgqtmOo6UZaVU8pEOUkPyIu1w43B5z1sy_0m7Yqe12OccdmnocuE5KEnPdEJu7xPe31YVULZlbkvI1WRt366j1RV5Lmjz4PRPdhoD1w1QHMXtChBt0qMkodZbraV3aL2WovrGEKXSLNVZNcbk-iAvDp_5at__gPJH5FFgJsSqSnxifqFYDO6Pb2oC7JzUReWfH8-zVSsRrTegEsZzeQz374vrxfaiDOn7fibt3lN1O2Dy9JmZ2kiVLJpyf1TSghpNrThkvx4xl6R7EJut07lJsnTsxfe2TgTp0Zaq3QyA1UVOXpwHFxV5CW7Md9u_9YxKDODyUvE-VNa0xuw6RJbTWCiJWbpERR5OTVttvwZKYJILjFlJexTmC37qaH1barKib2NTbMKmt1EEpcYmBKDqASNxrD50WmWmkcnf_uqjq_BotUpi8zqDotM9EVFPrp3siJX_7Jzsyty9XAFVu03O23mdfv9rgy7IvSE1_ZE0HFk4NOg6wd-B5mttn7Qv_4XAAD___S4aX_KBAAA","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRSu2SweoiJG8eBpDh4UsrPd0z0_2gjBGFeCMQlJJKC51K_eLbe7q1PVPT2ZUzQQchzEg3rq-WaTjSYE9S7KrAclINh62UP24l8gwp6lJwMTH_R77-uvCr731bs1yQ-Ih5zuX_hAj1QU0fVOy2m-fkUlQhe2ee5y03VazonmFZV0_RPNYZ3M4E3X81vOG833JN_W623HdRzXcZsbyshQD9fnLFT6IHBbgdPy2y2342No_o9t3oClDYjBATkGJaoX_g4_huIzJPF3p6XdznR6_N04j2imDQZi98NkO9FFgnjZhqaBMNldnIa2FSFfrkAnu4sJoAc79QRgqiIrrzwGS3YXMsEGd54oZRFkAiaeRTGYQUYzKDoD1zehxB8E4ALnziOJ757TpqDXn7C0ZiuyevgvVFGR1ccvI4kfnorUsHlJR3mmdGIxDEuo4Qxqc4Y030M2WoEq9sCzz6DE72T98CySeOe8jTSU2H_NY4Hs9gK5Jh0m13xf9tYCv9tZ6_RFjzLqUOm7c4tUOAO1DeT1pxrIwwbytIFY7Dd9p-9zl3rdMBC85_jU94VkTtBvOw4NeA85r7WPkaVj8GgMbm4gNZ_eE15Peoz7E4ZtNYbJf4bdKmFFAzYjGIgShSQoLEFBCQpFUGQExaC8IyLbtuVdEdmcuYvaXlSvnOpsc0Lv6GxTJgTUjGFEuaPSa_YmeHZkOgqtmOo6UZaVU8pEOUkPyIu1w43B5z1sy_0m7Yqe12OccdmnocuE5KEnPdEJu7xPe31YVULZlbkvI1WRt366j1RV5Lmjz4PRPdhoD1w1QHMXtChBt0qMkodZbraV3aL2WovrGEKXSLNVZNcbk-iAvDp_5at__gPJH5FFgJsSqSnxifqFYDO6Pb2oC7JzUReWfH8-zVSsRrTegEsZzeQz374vrxfaiDOn7fibt3lN1O2Dy9JmZ2kiVLJpyf1TSghpNrThkvx4xl6R7EJut07lJsnTsxfe2TgTp0Zaq3QyA1UVOXpwHFxV5CW7Md9u_9YxKDODyUvE-VNa0xuw6RJbTWCiJWbpERR5OTVttvwZKYJILjFlJexTmC37qaH1barKib2NTbMKmt1EEpcYmBKDqASNxrD50WmWmkcnf_uqjq_BotUpi8zqDotM9EVFPrp3siJX_7Jzsyty9XAFVu03O23mdfv9rgy7IvSE1_ZE0HFk4NOg6wd-B5mttn7Qv_4XAAD___S4aX_KBAAA HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl24547895=1; nleca6d737bcbce8af1bdecf3e3d5f6c8a78=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 48b9573d9b06087ef2323238b850b9ee\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:09.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 29 Mar 2022 08:27:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pAYJGivqNR4fBc3Da9IFCNy3wUVfKpmLmYSENzlCYnQcnebI7SAL4kco8kkodPRfxjHCafPzqd5jJfSWk9AWxUJVy3cqnT6DhOMPGWU%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9771324e0c3cb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2977,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"027fddd0d322239ada2f2b8b93934fda","sha1":"6f99560bca5c6d8d747c802f26058344eb179cec","sha256":"a5b2073d8f57ef0469b777f73d6c3f4a85cc17b4c2ed2a53aa3f1acb2273dbd5","sha512":"2c2eff668f38734b17c8847dfe11b5b40027948a1ebf24d6a763c44ab0b0fc63d260f69f9b3e0eefd8d82646223d88df36a256155ab3b7c21078a697e052afc8","ssdeep":"","tlshash":"26517d101fa8cc3670b08128a7233e2a7b9f6083931a6764317d5c255f949ea777f6f1","first_seen":"2023-05-18T23:46:38Z","last_seen":"2026-01-17T18:50:06.211937Z","times_seen":1108,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":476,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Sat, 07 May 2022 03:21:31 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"6275e5bb-135d1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LyZBnvesfCkaO1k%2FF8btWoLzlr7yRt3MsEw0MC%2F1X%2BeVjOg4ncSn1vbdfClyrGB4ZH4tD%2FWPPcN1QD82%2B0dVBrI2DvJqlx50WKbIU4JF\"}]}\r\ncf-ray: 977132513cdd56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79313,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"fc638645a938f69e69360c75335ffd1a","sha1":"143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4","sha256":"7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90","sha512":"53aa35f68eede2f65b272821573513db8d2505a051c8af7fbf2350eee39d0103b8536740f5c0815dd4004bd82f7493276ad362f6f87715e281cbb1dd6297fa34","ssdeep":"384:ZNFu8uVWgnu5uLlFlH/O/Qu7u/sjzbg/jxXlIPfL4jKgZQMkL0Vvaj7Z:ZNFu8uEgnu5uBu7uhKgZQMkL0Vvaj7Z","tlshash":"27731fad2991148456638a1d83df8e68673ce573181a9cef73c2488bcf8bf9c67c9147","first_seen":"2023-04-05T09:47:15Z","last_seen":"2026-01-17T18:50:06.222826Z","times_seen":1884,"resource_available":false,"data":null}},"time_used":490,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":490,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/jquery.readmore.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/js/jquery.readmore.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rd84JEota%2F3bxMNc8Sn0wmk3aPU8jbyKrDbogJW71pJjsIbb%2BBFVaMMIcv%2BZZ970Ad2WsZLMjchqyFPajSM88H0QZgTXPL1TrBkcgMQqeA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncontent-encoding: gzip\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c6b0d569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3422,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (531)","md5":"c6530ce1b280d087dc3a0714f7bb29f7","sha1":"c212826cbdd1d0c4d5290bbbed84727b56a9d8d1","sha256":"7dbbe700df964fa01b2e5685082d1f0a6fc5c8a9b9fcb18432fb3f31ac29b208","sha512":"7185fd001933ffcfa5839a223409b27574d084ea62985ca60d5f86bbdd61509d3dfe299868c65157b195dadc997d9b22f991c8d45fd290ab00fc8c9616a0ec4e","ssdeep":"","tlshash":"fd61df69b323f642c5a720e2705f534a663bf128835580547737dae86f7c80e7863a7e","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-03-23T23:41:29.21574Z","times_seen":119,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/jasny-bootstrap.min.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/js/jasny-bootstrap.min.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RBYDLXwoESMe%2Bb7EkWiYlTNslu5lJ7z1IUEx3k9aHKezP7R1va6J0ksyg%2B6fo0pqwhgBO9QWE6JhWOs1N6mmMvmzPM848IGUUoPcHOJrWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncontent-encoding: gzip\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c6b0f569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20042,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (343)","md5":"f6b6e524d29d54ada53e4172b9d91cf7","sha1":"427153c7a2d83d2ca800e397779f29b857801ad2","sha256":"e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8","sha512":"13c01f28dd38a2b10ce27bc4dc60d510b2067e408ba1c0a26b0eb7fd39dd4300265278d529925e56d40bdc06a32d024558ca10a20d1ced6c186cc9ac263cc36d","ssdeep":"384:rKLCtf00Rd7HyeSOjjWhuU4AHL6JLeUxVM1MJsisNV+bocACk3N7K1nj:rbR00DHyNOjKhuVAWLxA1MJsisNV+boo","tlshash":"4e92664579b0225903ffa17601db4749f336eb28984a411cb4789ad76e39d0a72bbf3c","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-04-04T21:55:16.188519Z","times_seen":583,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fjs%2Fscript.js\u0026l=444\u0026fd=512","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fjs%2Fscript.js\u0026l=444\u0026fd=512 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:10 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:11.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"F5:9E:5D:EB:46:9B:ED:9F:D2:D7:E8:D1:06:43:DF:9D:0C:13:7E:75","sha256":"AA:C4:C0:AF:38:AE:91:75:3F:86:CE:32:70:A9:8F:C4:2F:7F:D2:28:D1:34:AD:0A:C8:E2:6C:6E:4D:46:72:23"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 Aug 2025 11:06:50 GMT\r\nexpires: Sat, 29 Aug 2026 11:06:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nage: 58881\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T22:44:53.301995Z","times_seen":715385,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":8,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/css/custom2.css","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/css/custom2.css HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: text/css\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 25 Sep 2025 13:39:05 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=091EzjLOvAqEVfHW6mmXlAXfDPP%2BDrtaNdYVspt4T%2F%2FVOqJOAgibVv908S34rd7ra053JpFc2XtgZk1Qih6HuFc5ZQCtadursW%2B4ObVrjw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 258252\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b2aff569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":49886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (6169)","md5":"7e1374d9b903e59e2bad40c24f76f8e6","sha1":"a66e6d4dc225f8b74e447279fc1d30abfa2f54bd","sha256":"b65a02c7f922de995efd8a1da2b02cf1ed95ba6b907bc202504b8f59aae0b3f7","sha512":"94503984ff59a5b15970738af9dfee700dd8a902c57b0ed1cbff9680ab7d13d7a3cfa32e4e368cb41ec4c6dae79b21429ad906e07a6091e468c770d848e2ccfa","ssdeep":"1536:/K45YA6IZEpA62gDKb89yaH+zWbAFB0az:y45YA70AJb89yaH+zWbmhz","tlshash":"8d23c7a2ea631d467027d1b96baa57c8232c4043e50bca7dbba572248fcd4d84573fcd","first_seen":"2025-08-30T03:28:36.830133Z","last_seen":"2025-08-30T03:28:36.830133Z","times_seen":1,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/uploads/thumbs/99a4d56b5-1.jpg","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /uploads/thumbs/99a4d56b5-1.jpg HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: image/jpeg\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 28 Aug 2026 14:40:34 GMT\r\nlast-modified: Mon, 18 Aug 2025 21:00:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4WxXch5EF5yHFIK2YAVGQ9GxRVDDp7TVPFHz0wNadD0vSctFuRwKhXte%2FxHyM6jt6P02do%2BB1ZXXCykFbHJT15k7JBEP55ZBKlNGIOsZSQ%3D%3D\"}]}\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b3b03569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":49485,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 720x405, components 3","md5":"65027cf5680c28027f57475d99853368","sha1":"45f62b2c636342f1c2b43e147da30a80d5a759d1","sha256":"80109ff7bbd247fdd7bca865339e1a151a53acb74cd69bc56778ce2a8c45d6e8","sha512":"919ed85a620ae9464accbcf263aab05703f359767069abc77970ceac1048a6d90368851347808ab542cf96c6c546d83cf02e7d5609867088963275c8a90b1b58","ssdeep":"1536:EeE4BahL4VGVtBd8qN6MfMlqOmPZQGcUUqy42:dTB24GtQsfMl8H5yr","tlshash":"cf23021cc463618f871b1b9a974c60def6c81c94256bf5a3029a1f244636bf499dc92e","first_seen":"2025-08-30T03:28:36.832672Z","last_seen":"2025-08-30T03:28:36.832672Z","times_seen":1,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js","fqdn":"netdna.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 12 Jul 2025 02:43:39 GMT","end":"Fri, 10 Oct 2025 03:43:37 GMT"},"fingerprint":{"sha1":"C1:BD:D6:84:57:89:FE:9E:6D:F9:1F:26:76:1D:7C:45:E8:23:F6:35","sha256":"42:6A:B9:E6:CC:53:CB:12:2A:7A:43:B8:3D:90:FC:5E:4D:CA:A2:E0:3D:B4:2E:38:10:A6:6F:26:86:7F:D5:A0"}}},"request":{"raw":"GET /bootstrap/3.2.0/js/bootstrap.min.js HTTP/1.1\r\nHost: netdna.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncf-ray: 9771323c7c047127-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"abda843684d022f3bc22bc83927fe05f\"\r\nlast-modified: Mon, 25 Jan 2021 22:03:57 GMT\r\ncdn-cachedat: 04/15/2025 20:24:26\r\ncdn-proxyver: 1.23\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1055\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: 2fa5e87e316d7b7ab6b76631d1291de7\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 89494\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31819,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (31650)","md5":"abda843684d022f3bc22bc83927fe05f","sha1":"26908395e7a9a4eab607d80aa50a81d65f3017cb","sha256":"24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f","sha512":"3f1b46e9ea0fb6be507605a2783af406c6b4f885dedaa4401bff204b0fe9056656717411021594e2512e98a4e398e3238267a7deafeba1b57e443decab0477ea","ssdeep":"768:xoBFw1wl+WRydWDRQgn8WI0fBQLrX84XCqc:SAr2MRCqc","tlshash":"43e28446b23031a107dfb2e5515f020b723a6a6de906907c38b999f53db9c48727bf39","first_seen":"2023-03-07T01:03:23Z","last_seen":"2026-04-04T21:55:16.197094Z","times_seen":7143,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"05:AF:87:21:D4:6B:A6:86:ED:A7:D2:07:92:06:E4:D4:79:84:27:E8","sha256":"F6:EC:75:67:99:66:34:CC:0C:0F:9D:D7:8B:6A:04:94:98:0C:7B:B5:47:E2:47:37:A6:F8:E2:08:99:72:AB:BE"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 30 Aug 2025 03:28:10 GMT\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"e9d2e14beb088f37fae98294940a9dcd","sha1":"1dafc3c55550249c8c2d782d5616c7b445c8e005","sha256":"f2e491cc46d3fcba81f729065d622bd722751d4a2e7f80b479aa64a92c17b5c7","sha512":"64025ea9b660d5e1d45a593a27345e152ba6b5ef95daceee5e43201319a555eb5457cfe1ecdcc725202063a22c5f406f3ba4607863d5b714c378f144bcdea5f7","ssdeep":"384:pjf5jgjPjrjyUj/qY4+j4jYjpjfMj1jWj6jyhj/qY4XjNjtj4jfdjkjDj3jyQj/E:p90DXOU/R08toBy+Oh/EBpcZwPLOQ/VK","tlshash":"e5722291041740009b835ce223cebf35fe1f92117152d0b5abfd9b6badcbc66526939d","first_seen":"2025-06-02T17:27:24.212334Z","last_seen":"2026-01-19T16:22:17.33804Z","times_seen":5482,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":60,"dns":1,"connect":21,"send":0,"wait":37,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/utility/social-media/instagram/new/4/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/utility/social-media/instagram/new/4/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BSXU9QqF%2FqADnn3P4VXIp4Tmh7SpZcgP6QvNnlY%2BxDtCiYsZRA2D8PER778Y40SJuwS9jnhBGHJmHYYd0y%2FMKIyA4WtF9qraY%2FxjRu52\"}]}\r\nage: 73468\r\ncf-cache-status: HIT\r\netag: W/\"65aa84ff-52a\"\r\ncontent-encoding: br\r\ncf-ray: 977132508c9856af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1322,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3edeb68064815a05dc25ee715b546048","sha1":"6ed43c4d875aa7d955e4897c9b78bab55ab4f735","sha256":"6d87b433d8a0e4648ae21a4491bf63848bf8bb19eb215399d5b6370cb0e6d48f","sha512":"bc27f8afeab37cd3649be7bee629251f5cdea1cb17fc2ceda9257c10ee00833c3da16e12bdf262eefaef5be057d806904f6596c535f46fd6331c332d47aa8eb7","ssdeep":"","tlshash":"772197d4658a2e3eb324fbf0c174157867e422b2bf10e54c739b386b7214a9304c8e14","first_seen":"2023-05-10T13:19:33Z","last_seen":"2025-12-22T04:22:03.444316Z","times_seen":708,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/css/jasny-bootstrap.min.css","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/css/jasny-bootstrap.min.css HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: text/css\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 25 Sep 2025 13:39:05 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kxgxEJwcoGMizTzKR%2BX3RzbPQwF99Ji%2FwWaOOTsbwk0tidyBNZ4xbCPlit1lXqylxbTFXy46Tgbqyxl1bopSV89rGlPhuqpueIYUfPAMnA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 258252\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b0af9569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13997,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13803)","md5":"35a0dfa4efebb6b615c601d89ca323b6","sha1":"122f43fb614d52d280cf8748af2ff47bd1f21fa3","sha256":"fe508673736191cbc01662c1392d0ee591106b93577f43f4cea0ca1731b06cb1","sha512":"825b665308a2d877ccfd3759372008cdaf861aea3bd892b231049674d81c9e51c24101b028ba4e6b5026005bf0c711b9592b0783720694779aecf0de16ebae33","ssdeep":"96:+jVRNThJA9SfqYUV3KSIu97RC1dCVHvQroKSccwHF964Uv8zc2aHn51P/CtEDBW6:63uSfZDHu97RC1QVHvKDUv8zc2adB97P","tlshash":"3352bdd17ca47a8a9e13820f90d5d6f0db1218519d982ab7f1b333894d0b78d82f9f2d","first_seen":"2023-04-09T16:37:56Z","last_seen":"2026-04-03T17:07:22.614529Z","times_seen":515,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/uploads/thumbs/07c4fcd94-1.jpg","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /uploads/thumbs/07c4fcd94-1.jpg HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: image/jpeg\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 27 Aug 2026 19:31:28 GMT\r\nlast-modified: Mon, 18 Aug 2025 21:00:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vy4TG1yAthq8IUpAUCYeIebJXqMettEQ9vuD7IdS9y7lDANR%2Bx20SOkq%2BJzCBKf29bdf%2B3be5o53t2OgxXV7Qy1o8%2BY%2FO2C6UVnb99PIGg%3D%3D\"}]}\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b2b01569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":49485,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 720x405, components 3","md5":"65027cf5680c28027f57475d99853368","sha1":"45f62b2c636342f1c2b43e147da30a80d5a759d1","sha256":"80109ff7bbd247fdd7bca865339e1a151a53acb74cd69bc56778ce2a8c45d6e8","sha512":"919ed85a620ae9464accbcf263aab05703f359767069abc77970ceac1048a6d90368851347808ab542cf96c6c546d83cf02e7d5609867088963275c8a90b1b58","ssdeep":"1536:EeE4BahL4VGVtBd8qN6MfMlqOmPZQGcUUqy42:dTB24GtQsfMl8H5yr","tlshash":"cf23021cc463618f871b1b9a974c60def6c81c94256bf5a3029a1f244636bf499dc92e","first_seen":"2025-08-30T03:28:36.832672Z","last_seen":"2025-08-30T03:28:36.832672Z","times_seen":1,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/favicons/android-icon-192x192.png","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /favicons/android-icon-192x192.png HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: image/png\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 26 Aug 2026 13:39:08 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 185049\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=blMFhu9jdeSlOWgt%2BEGbTCj6AzLtR3%2BluhnLTC49XAfXihalv5destPLDt4KBlA3jkRu4%2BKryZl02%2FFTIEqaOzTtREX9KxhJgsOX3sNs%2FQ%3D%3D\"}]}\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323f0b1a569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":22310,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"dcf7d645053c0bb7e0edd25960004324","sha1":"5951f5ffde7d819e499f69540b0d95cc39d0a8bd","sha256":"ce2f656adb31855d7886fbcf54add26d85fe22f49a1712cde1779bc905384700","sha512":"5efcf7a1990b99d91aa138dd3f9705178718cc56cefcfe3174ff94877d7ac938d0c16de3ea8cbfd67f03048b44ba96a4dfe72286949e2fb94f3c2a8de5b82a01","ssdeep":"384:XSmE2Pqr48wcPGh660ANCE8PR5gs+bGHmVz4LugXdy8HAs+7GZtOaEMT:CHLrPq6xAQE8PosqFV0LZkr7GZtOan","tlshash":"57a2e2d24beea9ab9075097b9435e604f80e049f7f640c941f4ee68fb53a94c561c03b","first_seen":"2023-05-02T11:02:06Z","last_seen":"2026-03-29T20:18:02.172675Z","times_seen":189,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-JMRHR69VQJ\u0026cid=1122192133.1756524488\u0026gtm=45je58r1v9189573968za200zd9189573968\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104779684~104948811~104948813~105427542~105427544\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104779684~104948811~104948813~105427542~105427544\u0026z=1118513706","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.250.74.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:24:13 GMT","end":"Mon, 03 Nov 2025 19:24:12 GMT"},"fingerprint":{"sha1":"3E:B0:C4:B4:FA:2D:97:13:C0:5D:54:A5:36:F9:1A:59:D9:9D:92:F1","sha256":"C8:E0:35:A7:3B:00:18:A7:E6:50:B0:3B:2D:68:A1:CF:44:9C:22:64:BF:69:EE:FC:44:C6:95:AC:45:E7:7C:BA"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-JMRHR69VQJ\u0026cid=1122192133.1756524488\u0026gtm=45je58r1v9189573968za200zd9189573968\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104779684~104948811~104948813~105427542~105427544\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104779684~104948811~104948813~105427542~105427544\u0026z=1118513706 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-04T22:47:02.045502Z","times_seen":764083,"resource_available":true,"data":null}},"time_used":189,"timings":{"blocked":82,"dns":2,"connect":8,"send":0,"wait":22,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:11.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"F5:9E:5D:EB:46:9B:ED:9F:D2:D7:E8:D1:06:43:DF:9D:0C:13:7E:75","sha256":"AA:C4:C0:AF:38:AE:91:75:3F:86:CE:32:70:A9:8F:C4:2F:7F:D2:28:D1:34:AD:0A:C8:E2:6C:6E:4D:46:72:23"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 Aug 2025 11:06:50 GMT\r\nexpires: Sat, 29 Aug 2026 11:06:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nage: 58881\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T22:44:53.301995Z","times_seen":715385,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/css/bootstrap.min.css","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/css/bootstrap.min.css HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: text/css\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 25 Sep 2025 13:39:05 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rFaBNc28cfJq%2BOkskAUDYrv2sd5zD0dbVzP9BiG1SbJ0twXDY0PHcrnTe6x7MBYJyFGOxktME1L3E1%2Bss99wKcvKvXZW8Bg3gfa5ZgFf3Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 258252\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b0af8569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":121247,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65366)","md5":"c9d317002dc0bde5bd228cc2eda74972","sha1":"2524e48df454d491928e9e19b88292d87eddcf79","sha256":"a4864a1dc26c66b5c9c0091afd5d9c5b52709bc023b66b5a3c6fe9e38af6e506","sha512":"5259c619929741a0df4054b6e52786b1343be1b7396aa736f11db805fef2cf8ed48dfeb8e9ac46a88551b445809c0dea265a73b4c3d8cfdfe34f23475dc00455","ssdeep":"768:O5Gxw/jc/+WlJxtQ8IuiHlsLmzI4X8OAduFKbv2ctg2Bd8JP7ec8VvH1F1:Bw/oXBIuiHlsLmN8lDbNmPbW","tlshash":"bfc3c7a0f21031ea7333c55a75d0ed872219a153e66a4fb7f22f25d88f845ca1673f1a","first_seen":"2023-04-11T10:43:19Z","last_seen":"2026-03-23T23:41:29.226531Z","times_seen":72,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/ren.gif?sid=H4sIAAAAAAAC_1RSTYgcRRSuWQcPURF_8OBpDh4UsrPd0z0_bYRgjJFgTEISCWgu9de75XR3daq6pycDQjQgOQ7iQXPq-WaTjSYE9S7KrAclINh62UP24sWrCDlLbwYmPuj33tdfFXzvq_fZLN8nHnK6d_Y9PVFRRDe6baf16kWVCF3Y1ukLLddpO0daF1XS84-0xnUyo9ddz287r7XekXyoNzqO6ziu47ZOKCNDPd44YKHSu4HbDpy232m7XR9j839s8wYsbUCM9snzUKJ69q_wQyi-QBJ_e1zaYabTw2_HeUQzbTASO-8nw0QXCeJVG5oGwmRneRraVoR8uQad7CwngB5t1xOAqYqsvfQALNlZygQb3XyklEWQCZh4CsVoARktoOgCXF-DEr8TgAucPoMkvnVam4JeecTSmq1I8-G_UEVFmg9eRBLfOxapceu8jvJM6cRiHJZQ4wXU5gJpvotssgZV7IJnn0KJ38jGw1NI4u0zNtJQYu8VjwWy1w_kunSYXPd92V8P_F53vTsQfcqoQ6XvHlikwgWobSCvP9VAHjaQpw3EYq_lOwOfu9TrhYHgfcenvi8kc4JBx3FowPvIea19iiydgkdTcHMVqfnktvD60mPcnzEM1RQm_wl2q4QVDdiMYCRKFJKgsAQFJSgUQZERFKPypohsx5a3RGRz5i5rZ1m9cq6zzRm9qbNNmRBQM4UR5bZKL9tr4NkT80loxVzXibKsnFMmylm6T56rHW6MPu9jKPdatCf6Xp9xxuWAhi4Tkoee9EQ37PEB7Q9gVQll1w58maiKvPHjHaSqIk8fegaM7sJGu-CqAZq7oEUJulViktzLcjNUdovay22uYwhdIs2ayK40ZtE-efnglS89XIPk98kywE2J1JT4SP1MsBldn5_TBdk-pwtLvjuTZipWE1pvwPmMZvLJb96VVwptxMnjdvr1m7wm6vbuBWmzUzQRKtm05M4xJYQ0J7Thkvxw0l6U7Gxut47lJsnTU2ffOnEyTo20VulkAaoqcmj_MLiqyAsfzw-227_xN5RZwOQl4vwxrelV2HSFrSYw0QqztIkiL-emw1Y_I0UQyRWmrIR9DLNVPze0vk1VObPXsWmaoNk1JHGJkSkxikrQaAqbH5pnqbl_9Nev6rgBFjXnLDLNbRaZ6IuKfHD7aEUu_WkrcumPfx45btVeq9thXm8w6MmwJ0JPeB1PBF1HBj4Nen7gd5HZaut7_ct_AQAA__-Z1nmQygQAAA==","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSTYgcRRSuWQcPURF_8OBpDh4UsrPd0z0_bYRgjJFgTEISCWgu9de75XR3daq6pycDQjQgOQ7iQXPq-WaTjSYE9S7KrAclINh62UP24sWrCDlLbwYmPuj33tdfFXzvq_fZLN8nHnK6d_Y9PVFRRDe6baf16kWVCF3Y1ukLLddpO0daF1XS84-0xnUyo9ddz287r7XekXyoNzqO6ziu47ZOKCNDPd44YKHSu4HbDpy232m7XR9j839s8wYsbUCM9snzUKJ69q_wQyi-QBJ_e1zaYabTw2_HeUQzbTASO-8nw0QXCeJVG5oGwmRneRraVoR8uQad7CwngB5t1xOAqYqsvfQALNlZygQb3XyklEWQCZh4CsVoARktoOgCXF-DEr8TgAucPoMkvnVam4JeecTSmq1I8-G_UEVFmg9eRBLfOxapceu8jvJM6cRiHJZQ4wXU5gJpvotssgZV7IJnn0KJ38jGw1NI4u0zNtJQYu8VjwWy1w_kunSYXPd92V8P_F53vTsQfcqoQ6XvHlikwgWobSCvP9VAHjaQpw3EYq_lOwOfu9TrhYHgfcenvi8kc4JBx3FowPvIea19iiydgkdTcHMVqfnktvD60mPcnzEM1RQm_wl2q4QVDdiMYCRKFJKgsAQFJSgUQZERFKPypohsx5a3RGRz5i5rZ1m9cq6zzRm9qbNNmRBQM4UR5bZKL9tr4NkT80loxVzXibKsnFMmylm6T56rHW6MPu9jKPdatCf6Xp9xxuWAhi4Tkoee9EQ37PEB7Q9gVQll1w58maiKvPHjHaSqIk8fegaM7sJGu-CqAZq7oEUJulViktzLcjNUdovay22uYwhdIs2ayK40ZtE-efnglS89XIPk98kywE2J1JT4SP1MsBldn5_TBdk-pwtLvjuTZipWE1pvwPmMZvLJb96VVwptxMnjdvr1m7wm6vbuBWmzUzQRKtm05M4xJYQ0J7Thkvxw0l6U7Gxut47lJsnTU2ffOnEyTo20VulkAaoqcmj_MLiqyAsfzw-227_xN5RZwOQl4vwxrelV2HSFrSYw0QqztIkiL-emw1Y_I0UQyRWmrIR9DLNVPze0vk1VObPXsWmaoNk1JHGJkSkxikrQaAqbH5pnqbl_9Nev6rgBFjXnLDLNbRaZ6IuKfHD7aEUu_WkrcumPfx45btVeq9thXm8w6MmwJ0JPeB1PBF1HBj4Nen7gd5HZaut7_ct_AQAA__-Z1nmQygQAAA== HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl24547895=1; nleca6d737bcbce8af1bdecf3e3d5f6c8a78=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5ac5a1cbd50733bcc3dd28f97d94b65a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/sbar.json?key=79fd7dc2b6944b4ad7d53e4c0c4c5e79\u0026uuid=3b9e679e-e0be-44e7-9465-58d7aba0ae41%3A1%3A1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:09.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /sbar.json?key=79fd7dc2b6944b4ad7d53e4c0c4c5e79\u0026uuid=3b9e679e-e0be-44e7-9465-58d7aba0ae41%3A1%3A1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:09 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4851\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://mc.turkishasq.com\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; expires=Sat, 06 Sep 2025 03:28:09 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 31 Aug 2025 03:28:09 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 31 Aug 2025 03:28:09 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Sun, 31 Aug 2025 03:28:09 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Sun, 31 Aug 2025 03:28:09 GMT; path=/; secure; SameSite=None\nu_pl27062639=1; expires=Sun, 31 Aug 2025 03:28:09 GMT; path=/; secure; SameSite=None\nslec79fd7dc2b6944b4ad7d53e4c0c4c5e79=[6116560]; expires=Sat, 30 Aug 2025 03:28:14 GMT; path=/; secure; SameSite=None\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ea7f87702e932a894f295ae036aa71be\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6235,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"e2e8609bba31b9e91c61a091da8cecb2","sha1":"27bee2c4157a25bbaa5a442997f939190bf1bb85","sha256":"42af2e7bb5977463ea95fa818f1fb3f4f6eeedf7b3812dcb31a9a8d7ca2c2130","sha512":"9ef05b0dedca81688938d5218adfcd050d07581305f998b130f4b4ea24090ca4ccf738d85ff33c8ed598b608376ea4c806a27783e896e14f1f8c0a20ef599b8f","ssdeep":"192:9z2Eyvx9JrspVaeK6JReKd/Dm3vTQyI9czR:9z2je3IcDmUn9C","tlshash":"31d18e5d9ecd7dd285e25a1a92036efc2cf4249baf4d2b4cc1a6424f9d01dc42f404ad","first_seen":"2025-08-30T03:28:36.841297Z","last_seen":"2025-08-30T03:28:36.841297Z","times_seen":1,"resource_available":false,"data":null}},"time_used":903,"timings":{"blocked":299,"dns":14,"connect":92,"send":0,"wait":304,"receive":1,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css\u0026l=79313\u0026fd=505","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css\u0026l=79313\u0026fd=505 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:11 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":492,"timings":{"blocked":92,"dns":0,"connect":0,"send":0,"wait":400,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/ajax.php?p=stats\u0026do=show\u0026aid=2\u0026at=1","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /ajax.php?p=stats\u0026do=show\u0026aid=2\u0026at=1 HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: image/gif\r\nexpect-ct: max-age=86400, enforce\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\npragma: no-cache\r\nexpires: Wed, 5 Feb 1986 06:06:06 GMT\r\ncache-control: max-age=16070400, must-revalidate\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\nlast-modified: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v%2F327I6RMbyqgBYcxEeKxLlGvm5MzLiuepwK%2BXgsnjHIy3YF5lcGPZ%2F5Gbf0xg74EKHScuH7S3TO6Uguf2CZ1TQ9L6n6chzSjc7kgFErgg%3D%3D\"}]}\r\ncf-ray: 9771323b3b07569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"9b5e8704c89f018cff215cb5ed3e0128","sha1":"2a9fa3661b326c503e492b89cdd9130d12ead03d","sha256":"b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d","sha512":"fe365546202b36090aff7ea43d3ff0ef03e277cea36cad6dab6056758622a7e4f519198b6a2826d348632f2779d624926ba570a2bdcbe5c0c18e772b54211a7b","ssdeep":"","tlshash":"06900003cac8c022c2a0c0300a0c03002bba88300228030ec03c30fcec2a3a38c02000","first_seen":"2023-04-13T18:31:38Z","last_seen":"2026-04-04T22:16:02.562398Z","times_seen":2810,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/jquery.plugins.a.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/js/jquery.plugins.a.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4WdHC%2FstKvikvhQFxoI1f6ZFTxgwx7y5XN6qziOkSkxGocjAyNN4OJwDp%2B9xj9mdWer3g9k%2FH5Ev1xP20L8LmvIS3qtpjpyU7GSJdkXEXA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncontent-encoding: gzip\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c6b14569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":9792,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5325)","md5":"0f51c1849d59ceb7b240d9f0b9d695e3","sha1":"b40564175a78a0c0a6cca7ae7bd9c3cb01922ae4","sha256":"c5da67292da0cb7d7a40812de84e839ef1561c01cb9e0bd4e9bb15bfc64b0cb3","sha512":"4f93cb08c0ff8925218a3a8412fffba8920c88ecb7bacb674b10c43f6876d3446768124b196269dd2d2f7c346e8f151c82ac0942ecb821b174042544818e0115","ssdeep":"192:Vr5EO3dPvqWHg35HoY+HFuArszyuFPsrhLypbNIGRS:d5EONH9mebHAArszySPsYpb5S","tlshash":"d91250647140736246ef70a6e0af92cf9231a335474bd0c0c090faee6e3a97586d3d9d","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-03-23T23:41:29.223976Z","times_seen":70,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/ren.gif?sid=H4sIAAAAAAAC_1RSzYsc1Rd9NZlVfj8RQ3DhqhcuFJyeqq7qjzJCMMaEYExCEgloNu-rZp5TVa_yXlXXpN1EByTLRlyoq5rTk0xMQlD3YuhxoQQES0FmkQHxLxAhuJTqNLReqHvvqfMenHve_Xi7OCA-Crp_4W09UnFMV7ttt_XSFZUKXdrWucstz227x1pXVNoLjrU2m2SGr3p-0HZfbp2WfEOvdlzPdT3Xa51SRkZ6c3XGQmX3Q68duu2g0_a6ATbNf7EtHFjqQAwPyBEoUT_7R_QeFJ8iTb46Ke1GrrNX3kyKmObaYCh230k3Ul2mSBZtZBxE6e78NLStCflsCTrdnU8APdxpJgBTNVl6_jFYujuXCTa89VQpiyFTMPE_lMMpZDyFolNwvQUlfiYAFzh3Hmly-5w2Jb3-lKUNW5PlJ39BlTVZfnwUafLgRKw2W5d0XORKpxabUQW1OYVamyIr9pCPlqDKPfD8IyjxE1l9chZpsnPexhpK7L_os1D2-qFckS6TK0Eg-yth0OuudAeiTxl1qQy8mUUqmoJaB0XzKQdF5KDIHCRivxW4g4B71O9FoeB9N6BBICRzw0HHdWnI-yh4o32MPBuDx2NwcwOZ-fCO8PvSZzzYZthQY5jiIex6BSsc2JxgKCqUkqC0BCUlKBVBmROUw-qWiG3HVrdFbAvmzWtnXv1qovO1bXpL52syJaBmDCOqHZVds1vg-aHJKLJioptEWV5NKBPVdnZAnmscdoaf9LEh91u0J_p-n3HG5YBGHhOSR770RTfq8QHtD2BVBWWXZr6MVE1e--4eMlWT_x9-BozuwcZ74MoBLTzQsgJdrzBKH-SF2VB2ndprba4TCF0hy5eRX3e24wPywuyV371zHJI_Op6Pfj_94OgH4KZCZiq8r74nWItvTi7qkuxc1KUlX5_PcpWoEW024FJOc3no7lvyeqmNOHPSjr98nTdE096_LG1-lqZCpWuW3DuhhJDmlDZckm_P2CuSXSjs-onCpEV29sIbp84kmZHWKp1OQVVNDj-8C65qcuS3rdl2-6f_hjJTmKJCUjwi8wDPbsBmC2w1gYkXmGUOyqKamA5b_IwVQSwXmLIK9l-YLfqJoc1tqqptexNrZhk030KaVBiaCsO4Ao3HsMXhSZ6ZR8d__LyJL8Di5QmLzfIOi0386czimlz91dbk6i9_1uTqkyVYtd_qdpjfGwx6MuqJyBd-xxdh15VhQMNeEAZd5LZe_0b_8E8AAAD___9RqUHKBAAA","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSzYsc1Rd9NZlVfj8RQ3DhqhcuFJyeqq7qjzJCMMaEYExCEgloNu-rZp5TVa_yXlXXpN1EByTLRlyoq5rTk0xMQlD3YuhxoQQES0FmkQHxLxAhuJTqNLReqHvvqfMenHve_Xi7OCA-Crp_4W09UnFMV7ttt_XSFZUKXdrWucstz227x1pXVNoLjrU2m2SGr3p-0HZfbp2WfEOvdlzPdT3Xa51SRkZ6c3XGQmX3Q68duu2g0_a6ATbNf7EtHFjqQAwPyBEoUT_7R_QeFJ8iTb46Ke1GrrNX3kyKmObaYCh230k3Ul2mSBZtZBxE6e78NLStCflsCTrdnU8APdxpJgBTNVl6_jFYujuXCTa89VQpiyFTMPE_lMMpZDyFolNwvQUlfiYAFzh3Hmly-5w2Jb3-lKUNW5PlJ39BlTVZfnwUafLgRKw2W5d0XORKpxabUQW1OYVamyIr9pCPlqDKPfD8IyjxE1l9chZpsnPexhpK7L_os1D2-qFckS6TK0Eg-yth0OuudAeiTxl1qQy8mUUqmoJaB0XzKQdF5KDIHCRivxW4g4B71O9FoeB9N6BBICRzw0HHdWnI-yh4o32MPBuDx2NwcwOZ-fCO8PvSZzzYZthQY5jiIex6BSsc2JxgKCqUkqC0BCUlKBVBmROUw-qWiG3HVrdFbAvmzWtnXv1qovO1bXpL52syJaBmDCOqHZVds1vg-aHJKLJioptEWV5NKBPVdnZAnmscdoaf9LEh91u0J_p-n3HG5YBGHhOSR770RTfq8QHtD2BVBWWXZr6MVE1e--4eMlWT_x9-BozuwcZ74MoBLTzQsgJdrzBKH-SF2VB2ndprba4TCF0hy5eRX3e24wPywuyV371zHJI_Op6Pfj_94OgH4KZCZiq8r74nWItvTi7qkuxc1KUlX5_PcpWoEW024FJOc3no7lvyeqmNOHPSjr98nTdE096_LG1-lqZCpWuW3DuhhJDmlDZckm_P2CuSXSjs-onCpEV29sIbp84kmZHWKp1OQVVNDj-8C65qcuS3rdl2-6f_hjJTmKJCUjwi8wDPbsBmC2w1gYkXmGUOyqKamA5b_IwVQSwXmLIK9l-YLfqJoc1tqqptexNrZhk030KaVBiaCsO4Ao3HsMXhSZ6ZR8d__LyJL8Di5QmLzfIOi0386czimlz91dbk6i9_1uTqkyVYtd_qdpjfGwx6MuqJyBd-xxdh15VhQMNeEAZd5LZe_0b_8E8AAAD___9RqUHKBAAA HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl24547895=1; nleca6d737bcbce8af1bdecf3e3d5f6c8a78=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3c7505dcfd7b03586980794751f80ae9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/ren.gif?sid=H4sIAAAAAAAC_1RSzYsc1Rd9Pb_ht4iK-IELV71woZDpqeqq_igjBGMcicYkJJGAZvO-aubZVfUq71V1dXoVDYQsG3GhrqpPTzLRhKDuRelxoQQESzezyGz8C0TIWqrT0PFC3XtPnffg3PPujWl-SDzk9ODc-3qsoohudlpO89VLKhG6sM0zF5uu03KONS-ppOsfa47qZIavu57fcl5rviP5QG-2HddxXMdtbikjQz3aXLBQ6b3AbQVOy2-33I6PkfkvtnkDljYghofkeShRPftX-BEUnyOJvz0p7SDT6dG34zyimTYYir0PkkGiiwTxqg1NA2GytzwNbStCvliDTvaWE0APd-sJwFRF1l56CJbsLWWCDW89VsoiyARMPIViOIeM5lB0Dq6vQ4nfCcAFzpxFEt8-o01Brz5mac1WZP3RP1BFRdYfvogkvn8iUqPmBR3lmdKJxSgsoUZzqO050nwf2XgNqtgHzz6FEr-RzUenkcS7Z22kocTBKx4LZLcXyA3pMLnh-7K3EfjdzkanL3qUUYdK311YpMI5qG0grz_VQB42kKcNxOKg6Tt9n7vU64aB4D3Hp74vJHOCfttxaMB7yHmtfYIsnYBHE3BzDan55I7wetJj3J8yDNQEJv8JdqeEFQ3YjGAoShSSoLAEBSUoFEGRERTD8paIbNuWt0Vkc-Yua3tZvXKms-0pvaWzbZkQUDOBEeWuSq_Y6-DZ_2bj0IqZrhNlWTmjTJTT9JA8VzvcGH7Ww0AeNGlX9Lwe44zLPg1dJiQPPemJTtjlfdrrw6oSyq4tfBmrirzx412kqiJPH3kGjO7DRvvgqgGau6BFCbpTYpzcz3IzUHaH2istrmMIXSLN1pFdbUyjQ_Ly4pUv_2kh-QOyDHBTIjUlPlY_E2xHN2fndUF2z-vCku_OppmK1ZjWG3Aho5n8_zfvyauFNuLUSTv5-k1eE3V776K02WmaCJVsW3L3hBJCmi1tuCQ_nLKXJDuX250TuUny9PS5t7ZOxamR1iqdzEFVRY4cHgVXFXnBbi2227_xLpSZw-Ql4vwJrek12HSFrSYw0QqzdA1FXs5Mm61-RoogkitMWQn7BGarfmZofZuqcmpvYtusg2bXkcQlhqbEMCpBowlsfmSWpebB8V-_rOMrsGh9xiKzvssiE31ekQ_vHF_4XJHLf_xdkcuP1mDVQbPTZl633-_KsCtCT3htTwQdRwY-Dbp-4HeQ2Wrne_3LvwEAAP__exnH48oEAAA=","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSzYsc1Rd9Pb_ht4iK-IELV71woZDpqeqq_igjBGMcicYkJJGAZvO-aubZVfUq71V1dXoVDYQsG3GhrqpPTzLRhKDuRelxoQQESzezyGz8C0TIWqrT0PFC3XtPnffg3PPujWl-SDzk9ODc-3qsoohudlpO89VLKhG6sM0zF5uu03KONS-ppOsfa47qZIavu57fcl5rviP5QG-2HddxXMdtbikjQz3aXLBQ6b3AbQVOy2-33I6PkfkvtnkDljYghofkeShRPftX-BEUnyOJvz0p7SDT6dG34zyimTYYir0PkkGiiwTxqg1NA2GytzwNbStCvliDTvaWE0APd-sJwFRF1l56CJbsLWWCDW89VsoiyARMPIViOIeM5lB0Dq6vQ4nfCcAFzpxFEt8-o01Brz5mac1WZP3RP1BFRdYfvogkvn8iUqPmBR3lmdKJxSgsoUZzqO050nwf2XgNqtgHzz6FEr-RzUenkcS7Z22kocTBKx4LZLcXyA3pMLnh-7K3EfjdzkanL3qUUYdK311YpMI5qG0grz_VQB42kKcNxOKg6Tt9n7vU64aB4D3Hp74vJHOCfttxaMB7yHmtfYIsnYBHE3BzDan55I7wetJj3J8yDNQEJv8JdqeEFQ3YjGAoShSSoLAEBSUoFEGRERTD8paIbNuWt0Vkc-Yua3tZvXKms-0pvaWzbZkQUDOBEeWuSq_Y6-DZ_2bj0IqZrhNlWTmjTJTT9JA8VzvcGH7Ww0AeNGlX9Lwe44zLPg1dJiQPPemJTtjlfdrrw6oSyq4tfBmrirzx412kqiJPH3kGjO7DRvvgqgGau6BFCbpTYpzcz3IzUHaH2istrmMIXSLN1pFdbUyjQ_Ly4pUv_2kh-QOyDHBTIjUlPlY_E2xHN2fndUF2z-vCku_OppmK1ZjWG3Aho5n8_zfvyauFNuLUSTv5-k1eE3V776K02WmaCJVsW3L3hBJCmi1tuCQ_nLKXJDuX250TuUny9PS5t7ZOxamR1iqdzEFVRY4cHgVXFXnBbi2227_xLpSZw-Ql4vwJrek12HSFrSYw0QqzdA1FXs5Mm61-RoogkitMWQn7BGarfmZofZuqcmpvYtusg2bXkcQlhqbEMCpBowlsfmSWpebB8V-_rOMrsGh9xiKzvssiE31ekQ_vHF_4XJHLf_xdkcuP1mDVQbPTZl633-_KsCtCT3htTwQdRwY-Dbp-4HeQ2Wrne_3LvwEAAP__exnH48oEAAA= HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl24547895=1; nleca6d737bcbce8af1bdecf3e3d5f6c8a78=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2dcb53e4362e2514dbe2ed6f4a36f700\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=2605\u0026rd=2605\u0026fd=567\u0026bv=25.8.5278\u0026tmpl=70","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=2605\u0026rd=2605\u0026fd=567\u0026bv=25.8.5278\u0026tmpl=70 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":773,"timings":{"blocked":340,"dns":14,"connect":102,"send":0,"wait":104,"receive":0,"ssl":209},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/9f/0a/74/9f0a74f78c5d3829cb6a4093293b8b22.js","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /9f/0a/74/9f0a74f78c5d3829cb6a4093293b8b22.js HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38541\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8d46eb8b6ed211d334b16f4419d77ac4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105718,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3da530468f5b79adbfd388129aefe218","sha1":"ab3a2547ba214ecc28669764b8fb83444d6bee17","sha256":"6c6804907c65baa697893c52c97aab9449c718e1117fbf96d2d2817d73a144ba","sha512":"733222416c8caead6ec0f074af244d79385554320a1731340c42376316ec353f3fbfa02c661c81a692b9278a0ff45050f9e95e51e0b7dbde2269683fa4d99442","ssdeep":"1536:cmt7BMZUs9piv3i6In8noteGF1XF36y8T6GhS:ckdv3i6C8notJZFqnM","tlshash":"88a3e9887f50f47d02da6036233f962ae1ee4e42154ee158d026fde53a68317e63ddb8","first_seen":"2025-08-30T03:28:36.847924Z","last_seen":"2025-08-30T03:28:36.847924Z","times_seen":1,"resource_available":true,"data":null}},"time_used":873,"timings":{"blocked":330,"dns":24,"connect":102,"send":0,"wait":105,"receive":103,"ssl":207},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzubkD8QfKAjCHDwomEnPTM9M2hXUdV0JxiTsRnIQD_WrJ-V0d_VWdU9P5hQMyB7Hm4KHzjfJBt1lUe-iTLxIVHQEIYfNQf8CFfYsPRkYfdDvva-_Kvje9-qjg-ycNJDRs8139ECFIV1uVt3KC9sqFjq3lfWtSs2tupcr2ypueZcr_TKZ3su1hld1X6y8JXlXL9fdmuvW3FrlmjIy0P3lKQuV3PVrVd-tevVqremhb_6PbebAUgeid06egBKTx_4M3oPiY8TRl1el7aY6eenNKAtpqg164vjduBvrPEY0bwPjIIiPZ6eh7YSQTxag4-PZBNC9w3ICMDUhC0_fB4uPZzLBekcXSlkIGYOJh5H3xpDhGIqOwfU-lPiVAFxgfQNxdHtdm5zuXrC0ZCdk8cE_UPmELN5_CnF070qo-pUbOsxSpWOLflBA9cdQnTGS7ATpYAEqPwFPP4QSP5PlB2uIo8MNG2oocfZ8g_my1fblknSZXPI82V7yvVZzqbki2pRRl0qvNrVIBWNQ6yArP-UgCxxkiYNInFU8d8XjNdpoBb7gbdejnickc_2VuutSn7eR8VL7EGkyBA-H4GYPidlDVw1hsu9gdwpY4cCmBD1RIJcEuSXIKUGuCPKUIO8VRyK0dVvcFqHNWG1W67PaKEY67RzQI512ZExAzRBGFIcquWn3wdNLo0FgxUiXibK0GFEmioPknDxe2up89pdGV55V2n4g2oLXWcv3POZR0RbNhvS4yz3elG0fVhVQdmFqxkBNyCvf3kGiJuSRhx4Foyew4Qm4ckCz50DzAnSnwCC-l2amq-wOtTerXEcQukCSLiLddQ7Cc_LsdLXvb_0CyU9fW_yxjJ_ATYHEFPhAfU_QCW-NruucHF7XuSVfbSSpitSAlmu_kdJUXvribbmbayNWr9rh56_zkijbu1vSpms0FiruWHLnihJCmmvacEm-WbXbkm1mdudKZuIsWdt849pqlBhprdLxGFRNiPO3AVcT8uSnz0yftPf7H1BmDJMViLJTMgvwZA82mWu3msCEc54lDvKsGJk6m_8MFUEo55iyAvY_mM37kaHlbaqKA3sLHeOApvuIowI9U6AXFqDhEDa7NEoTc_rqb41pgIXOiIXGOWShCT--sNiqs0qzzhqtlZWWDFoiaIhGvSH8pit9j_otz_eaSO1k52v9w78BAAD__8_jUwywBAAA","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:09.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzubkD8QfKAjCHDwomEnPTM9M2hXUdV0JxiTsRnIQD_WrJ-V0d_VWdU9P5hQMyB7Hm4KHzjfJBt1lUe-iTLxIVHQEIYfNQf8CFfYsPRkYfdDvva-_Kvje9-qjg-ycNJDRs8139ECFIV1uVt3KC9sqFjq3lfWtSs2tupcr2ypueZcr_TKZ3su1hld1X6y8JXlXL9fdmuvW3FrlmjIy0P3lKQuV3PVrVd-tevVqremhb_6PbebAUgeid06egBKTx_4M3oPiY8TRl1el7aY6eenNKAtpqg164vjduBvrPEY0bwPjIIiPZ6eh7YSQTxag4-PZBNC9w3ICMDUhC0_fB4uPZzLBekcXSlkIGYOJh5H3xpDhGIqOwfU-lPiVAFxgfQNxdHtdm5zuXrC0ZCdk8cE_UPmELN5_CnF070qo-pUbOsxSpWOLflBA9cdQnTGS7ATpYAEqPwFPP4QSP5PlB2uIo8MNG2oocfZ8g_my1fblknSZXPI82V7yvVZzqbki2pRRl0qvNrVIBWNQ6yArP-UgCxxkiYNInFU8d8XjNdpoBb7gbdejnickc_2VuutSn7eR8VL7EGkyBA-H4GYPidlDVw1hsu9gdwpY4cCmBD1RIJcEuSXIKUGuCPKUIO8VRyK0dVvcFqHNWG1W67PaKEY67RzQI512ZExAzRBGFIcquWn3wdNLo0FgxUiXibK0GFEmioPknDxe2up89pdGV55V2n4g2oLXWcv3POZR0RbNhvS4yz3elG0fVhVQdmFqxkBNyCvf3kGiJuSRhx4Foyew4Qm4ckCz50DzAnSnwCC-l2amq-wOtTerXEcQukCSLiLddQ7Cc_LsdLXvb_0CyU9fW_yxjJ_ATYHEFPhAfU_QCW-NruucHF7XuSVfbSSpitSAlmu_kdJUXvribbmbayNWr9rh56_zkijbu1vSpms0FiruWHLnihJCmmvacEm-WbXbkm1mdudKZuIsWdt849pqlBhprdLxGFRNiPO3AVcT8uSnz0yftPf7H1BmDJMViLJTMgvwZA82mWu3msCEc54lDvKsGJk6m_8MFUEo55iyAvY_mM37kaHlbaqKA3sLHeOApvuIowI9U6AXFqDhEDa7NEoTc_rqb41pgIXOiIXGOWShCT--sNiqs0qzzhqtlZWWDFoiaIhGvSH8pit9j_otz_eaSO1k52v9w78BAAD__8_jUwywBAAA HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27062639=1; slec79fd7dc2b6944b4ad7d53e4c0c4c5e79=[6116560]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9373877a257553af3cc83310fb318738\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbs?c=1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:11.433Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:11 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/uploads/thumbs/b6d7e708c-1.jpg","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /uploads/thumbs/b6d7e708c-1.jpg HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: image/jpeg\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 30 Aug 2026 03:23:04 GMT\r\nlast-modified: Mon, 18 Aug 2025 20:59:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5X7MejTDuXmRqN5YEnTOcvMAyiKkS4THgghVFOooudCi18qbR57oG3NDzpvAPro1ZN4tkui5COkHJLFJe2LKXee0oKdJlA21dY2y2fmXmg%3D%3D\"}]}\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b2b02569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":49485,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 720x405, components 3","md5":"65027cf5680c28027f57475d99853368","sha1":"45f62b2c636342f1c2b43e147da30a80d5a759d1","sha256":"80109ff7bbd247fdd7bca865339e1a151a53acb74cd69bc56778ce2a8c45d6e8","sha512":"919ed85a620ae9464accbcf263aab05703f359767069abc77970ceac1048a6d90368851347808ab542cf96c6c546d83cf02e7d5609867088963275c8a90b1b58","ssdeep":"1536:EeE4BahL4VGVtBd8qN6MfMlqOmPZQGcUUqy42:dTB24GtQsfMl8H5yr","tlshash":"cf23021cc463618f871b1b9a974c60def6c81c94256bf5a3029a1f244636bf499dc92e","first_seen":"2025-08-30T03:28:36.832672Z","last_seen":"2025-08-30T03:28:36.832672Z","times_seen":1,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/jquery.cropit.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/js/jquery.cropit.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vgw3JUTlYT%2BhEgAIVaA%2BhPQo6dXb%2B1TqYpygjErI0hSoaVYbedeEuZZ3Iy3w7RGnjbR4Gm1rV0T24XSpoHFflvr0sycfs%2FKtgud0dZpf8w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncontent-encoding: gzip\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c6b0b569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":27578,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (27266)","md5":"cd82e0edbcecf087be901e8e7ed0d035","sha1":"2cedce9f87501152efa36eb1949d95c0ca4ff200","sha256":"b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840","sha512":"972ad1b4fe72296e7123bebe0c1e18aaf1fe1617ed41762b0e0b3afc9a7e58c0a4f9e5354094808d94bcebcd8f7c1d12b9c794ae17c47bc9cb3586ca9899193f","ssdeep":"384:b4Ku+vsSCLma/KSUOW5Gur0433Pfmoz8DKNzmavSbnCIjcIOHinWK0inVcaTJX5s:XWmaiSO5Gu/wemaybVtPJXm","tlshash":"4fc2b4193ba1367742a7f1a0760f800c1275e975e446e38cb638d8fa9af18148a77f76","first_seen":"2023-03-07T12:01:39Z","last_seen":"2026-04-04T21:55:16.140514Z","times_seen":607,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/melody.social.dev.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/js/melody.social.dev.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tAaXpvgy9R6QwAdfBzgZS1TCNi3yHQvzCTBXt%2FW3kMCE0qz9dJWArVrwwWrJwh%2BZrq8r78QsxxckBp59EuE40BuSw5dmkueuBvM5%2FTFphg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncontent-encoding: gzip\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c6b0c569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12925,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (8862)","md5":"639a764cf0803939a44b4ed071d06cfd","sha1":"6ed0df51782ae71e8c91107642f51c4baa0163eb","sha256":"0173f0564447a100169acdd6c70f7a02019b883ab999b65457243964bd8328d6","sha512":"3bee44b9944449833d55266098f73c32c6fc5bc4c926ab1e61053f4c0a6cc23ed2f1b14c7d1786dc005ab2c2ea67333e98ca7d694abee7c80ad2a9d0fffb8ca7","ssdeep":"96:PPJLY0nRotZ7yEc+tYmgFjyR1fP41VFGBbd9PHutropdhXcN0bdAWkXbddVbWl6w:PP1YGk7yFtsR1fH1Ko+R5ZpVGRfB","tlshash":"fc42988fb163b8365be76034981712072237b5873a8f6018f6e5a09d5db07e87a73e17","first_seen":"2023-07-22T16:46:30Z","last_seen":"2026-02-15T14:48:58.343669Z","times_seen":11,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-migrate-1.2.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-migrate-1.2.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1c1f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\nage: 2127188\r\nx-served-by: cache-lga21931-LGA, cache-hel1410029-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 5, 90968\r\nx-timer: S1756524487.196974,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 3063\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":7199,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (7085)","md5":"eb05d8d73b5b13d8d84308a4751ece96","sha1":"743052320809514fb788fe1d3df37fc87ce90452","sha256":"1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d","sha512":"7b68a43a22a41404a2ff58e0da6a237492cad0fc3e56d216980802b4d5fb483895262a7e049340d6670002bdf899ba88c319239e60d0aae1ac31d98556b0ad6e","ssdeep":"96:tBySz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:zySzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"3fe196dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","first_seen":"2023-03-07T01:02:56Z","last_seen":"2026-04-04T21:55:16.197626Z","times_seen":19815,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":48,"dns":10,"connect":14,"send":0,"wait":13,"receive":1,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzubkD8QfKAjCHDwomEn3dM-PdgV1XVcW1yTsRnIQD9VV1ZNyurt6q7qnJ3MKBmSP400PQuebZIPusqh3USZeJCrsCEIOm8v6FyjsWXoyMPqg33tff1Xwve_VZ_v5GXGR09OND9RQRhFdbdbt2itbMuGqMLW1zZpj1-2LtS2ZtLyLtUGVdP91x_Xq9qu19wTrqdWG7di2Yzu1K1KLUA1WZyxketd36r5d9xp1p-lhoP-PTW7BUAu8f0aegeTTpx6GH0GyCZL428vC9DKVvvZunEc0Uxp9fvRh0ktUkSBetKG2ECZH89NQZkrIF0tQydF8Aqj-QTUBAjklS88_QJAczWUi6B-eKw0iiAQBfxxFfwIRTSDpBEztQfL7BGAca-tI4ttrShd055ylFTsly4_-gSymZPnBc0jie5ciOajdUFGeSZUYDMIScjCB7E6Q5sfIhkuQxTFY9ikk_52sPrqGJD5YN5GC5Kcvu4EvWm1frAg7ECueJ9orvtdqrjQ7vE0DalPhOTOLZDgBNRby6pMW8tBCnlqI-WnNszsec6jbCn3O2rZHPY-LwPY7DdumPmsjZ5X2EbJ0BBaNwPQuUr2LnhxB5z_BbJcw3ILJCPq8RCEICkNQUIJCEhQZQdEvD3lkGqa8zSOTB868NubVLccq6-7TQ5V1RUJA9QialwcyvWn2wLIL42Fo-FhViQZZOaYBL_fTM_J0Zav11V8heuK01rI95rgh74iQOo026wjqC-Z2bM91GqzJYWQJaZZmZgzllLzx4x2kckqeeOxJBPQYJjoGkxZo_hJoUYJulxgm97Jc96TZpuZmnakYXJVIs2VkO9Z-dEZenK324837EOzkreVfq_gNTJdIdYlP5M8E3ejW-LoqyMF1VRjy3XqayVgOabX2GxnNxIVv3hc7hdL86mUz-vptVhFVe3dTmOwaTbhMuobcuSQ5F_qK0kyQH66aLRFs5Gb7Uq6TPL228c6Vq3GqhTFSJRNQOSXW3xpMTsmzX74we9Lenw8h9QQ6LxHnJ2QeYOkuTLrQbhSBjhZ8kFoo8nKsG8HiZyQJIrHANChh_oODRT_WtLpNZblvbqGrLdBsD0lcoq9L9KMSNBrB5BfGWapP3vzDnQWCyBoHkbYOgkhHn59bbORprdkI3Fan0xJhi4cudxsu95u28D3qtzzfayIz0-3v1S__BgAA___eOGd1sAQAAA==","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:09.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzubkD8QfKAjCHDwomEn3dM-PdgV1XVcW1yTsRnIQD9VV1ZNyurt6q7qnJ3MKBmSP400PQuebZIPusqh3USZeJCrsCEIOm8v6FyjsWXoyMPqg33tff1Xwve_VZ_v5GXGR09OND9RQRhFdbdbt2itbMuGqMLW1zZpj1-2LtS2ZtLyLtUGVdP91x_Xq9qu19wTrqdWG7di2Yzu1K1KLUA1WZyxketd36r5d9xp1p-lhoP-PTW7BUAu8f0aegeTTpx6GH0GyCZL428vC9DKVvvZunEc0Uxp9fvRh0ktUkSBetKG2ECZH89NQZkrIF0tQydF8Aqj-QTUBAjklS88_QJAczWUi6B-eKw0iiAQBfxxFfwIRTSDpBEztQfL7BGAca-tI4ttrShd055ylFTsly4_-gSymZPnBc0jie5ciOajdUFGeSZUYDMIScjCB7E6Q5sfIhkuQxTFY9ikk_52sPrqGJD5YN5GC5Kcvu4EvWm1frAg7ECueJ9orvtdqrjQ7vE0DalPhOTOLZDgBNRby6pMW8tBCnlqI-WnNszsec6jbCn3O2rZHPY-LwPY7DdumPmsjZ5X2EbJ0BBaNwPQuUr2LnhxB5z_BbJcw3ILJCPq8RCEICkNQUIJCEhQZQdEvD3lkGqa8zSOTB868NubVLccq6-7TQ5V1RUJA9QialwcyvWn2wLIL42Fo-FhViQZZOaYBL_fTM_J0Zav11V8heuK01rI95rgh74iQOo026wjqC-Z2bM91GqzJYWQJaZZmZgzllLzx4x2kckqeeOxJBPQYJjoGkxZo_hJoUYJulxgm97Jc96TZpuZmnakYXJVIs2VkO9Z-dEZenK324837EOzkreVfq_gNTJdIdYlP5M8E3ejW-LoqyMF1VRjy3XqayVgOabX2GxnNxIVv3hc7hdL86mUz-vptVhFVe3dTmOwaTbhMuobcuSQ5F_qK0kyQH66aLRFs5Gb7Uq6TPL228c6Vq3GqhTFSJRNQOSXW3xpMTsmzX74we9Lenw8h9QQ6LxHnJ2QeYOkuTLrQbhSBjhZ8kFoo8nKsG8HiZyQJIrHANChh_oODRT_WtLpNZblvbqGrLdBsD0lcoq9L9KMSNBrB5BfGWapP3vzDnQWCyBoHkbYOgkhHn59bbORprdkI3Fan0xJhi4cudxsu95u28D3qtzzfayIz0-3v1S__BgAA___eOGd1sAQAAA== HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f12c9c1329d8efd404a86fb0ccf8f881\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html\u0026l=1175\u0026fd=524","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2Fd3%2F55%2Ffb%2Fd355fb06fa4f4907609b7d285fa07f7a%2F1664530003.html\u0026l=1175\u0026fd=524 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:10 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=530","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=530 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:10 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":85,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Sat, 30 Aug 2025 04:16:06 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GjZFyj1cEGFJV8fzvBq9Td5a99953cVxkmwFALvHF0LyF9GKulO2WhOKqNvundpdz9WwMvAdeELCzAxBy%2BYz2TBUK6JLza91mUiFSwrFmA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncf-ray: 9771323b3b08569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-04T22:29:14.199471Z","times_seen":94551,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waistcoatreferchemistry.com/a6d737bcbce8af1bdecf3e3d5f6c8a78/invoke.js","fqdn":"waistcoatreferchemistry.com","domain":"waistcoatreferchemistry.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"waistcoatreferchemistry.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 16 Jul 2025 11:07:23 GMT","end":"Tue, 14 Oct 2025 11:07:22 GMT"},"fingerprint":{"sha1":"04:B7:49:7D:05:88:55:0E:97:9E:B1:0C:BD:16:B7:BF:C5:FE:2A:66","sha256":"15:C6:11:CF:88:26:9C:E2:B9:11:CF:EE:D3:B4:7D:FF:D3:EC:49:2C:B7:CF:6E:33:EA:AE:26:A9:2A:5F:08:63"}}},"request":{"raw":"GET /a6d737bcbce8af1bdecf3e3d5f6c8a78/invoke.js HTTP/1.1\r\nHost: waistcoatreferchemistry.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 12588\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: waistcoatreferchemistry.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3318459a0bc0a6b08ffe5dac05a95d24\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31134,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (31132), with no line terminators","md5":"4744c1978a12218b5a19c45b9297517f","sha1":"95030ae58978b8aea9845e670bdb81827ea62e9b","sha256":"5ce9f68742f92f278ea9a9bcb1bbd3e0f556d3ad697a8413719f0c44eaca2e32","sha512":"131856300e38a9bac371df6a6f55c54436ee42ea939d5d95890008416fd8fe8828e47a90681d30cfe3e0766f9f64f8fa130e4f9ffd0278c866b894004954fd77","ssdeep":"768:5daJfLHR9AJK/57czlGOHErLJEOlhPmT9:0LHRNah2c9","tlshash":"f5e2e8eb7f10b3bd129b9473263f440ae3391c02f5c8c75dd976d6952e8c30a896a6d8","first_seen":"2025-08-30T03:28:36.857461Z","last_seen":"2025-08-30T03:28:36.857461Z","times_seen":1,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"waistcoatreferchemistry.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/ntv.json?key=a6d737bcbce8af1bdecf3e3d5f6c8a78\u0026vstc=4\u0026uuid=3b9e679e-e0be-44e7-9465-58d7aba0ae41%3A1%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb=","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /ntv.json?key=a6d737bcbce8af1bdecf3e3d5f6c8a78\u0026vstc=4\u0026uuid=3b9e679e-e0be-44e7-9465-58d7aba0ae41%3A1%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb= HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/json\r\nContent-Length: 12504\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://mc.turkishasq.com\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; expires=Sat, 06 Sep 2025 03:28:08 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 31 Aug 2025 03:28:08 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 31 Aug 2025 03:28:08 GMT; path=/; secure; SameSite=None\npdhtkv49=true; expires=Sun, 31 Aug 2025 03:28:08 GMT; path=/; secure; SameSite=None\nuncs49=1; expires=Sun, 31 Aug 2025 03:28:08 GMT; path=/; secure; SameSite=None\nu_pl24547895=1; expires=Sun, 31 Aug 2025 03:28:08 GMT; path=/; secure; SameSite=None\nnleca6d737bcbce8af1bdecf3e3d5f6c8a78=[5941311]; expires=Sat, 30 Aug 2025 03:28:13 GMT; path=/; secure; SameSite=None\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dbb3571c0003371036c88786262746b8\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16358,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"16765516066e11e9200e518d57026f50","sha1":"b2f9bf45068d5a6ac36061f48d203487324fe3ad","sha256":"8c42cf26638e8756bf6116e435055fc617cf4c096f5956b67ab4914b6586708c","sha512":"4301f4c5e21ca32ff4502c8162e53f31e7a2c76c09f3a69077e0b2533fd68e07494608256e4aa20b9384f260514e1e4bc168fce77a9334a90f759961ca8cd356","ssdeep":"384:tjl9GBA6vx62+oesvub/FOtzCEzFviDjbsfZrZJMvuu0r/E:tR56Z62+ivXzjzFxrrMvIw","tlshash":"2a72bff454acacfb29c911c4380eb9fd2c58360e49caca58e5b587ef3678ac35a7144d","first_seen":"2025-08-30T03:28:36.86023Z","last_seen":"2025-08-30T03:28:36.86023Z","times_seen":1,"resource_available":false,"data":null}},"time_used":809,"timings":{"blocked":303,"dns":25,"connect":92,"send":0,"wait":105,"receive":92,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/ren.gif?sid=H4sIAAAAAAAC_1RSzYsc1Rd9PRl-i_wUMYoLV71woZDpqeqq_igjBGMcCcYkJJGAZvO-auY5VfUq71V1dXoVDYQsG3GhrqpPTzLRhKDuRelxoQQEy9UsMhv_AhFn5UKq09DxQt17T5334Nzz7q1JfkA85HT_wnt6pKKIrndaTvPVKyoRurDNc5ebrtNyTjSvqKTrn2gO62QGr7ue33Jea74j-bZebzuu47iO29xQRoZ6uD5nodIHgdsKnJbfbrkdH0PzX2zzBixtQAwOyDEoUT33R_ghFJ8hib85Le12ptPjb8d5RDNtMBC77yfbiS4SxMs2NA2Eye7iNLStCPl8BTrZXUwAPdipJwBTFVl56TFYsruQCTa480QpiyATMPF_FIMZZDSDojNwfRNK_EYALnDuPJL47jltCnr9CUtrtiKrh39BFRVZffwikvjhqUgNm5d0lGdKJxbDsIQazqA2Z0jzPWSjFahiDzz7BEr8StYPzyKJd87bSEOJ_Vc8FshuL5Br0mFyzfdlby3wu521Tl_0KKMOlb47t0iFM1DbQF5_qoE8bCBPG4jFftN3-j53qdcNA8F7jk99X0jmBP2249CA95DzWvsYWToGj8bg5gZS8_E94fWkx7g_YdhWY5j8R9itElY0YDOCgShRSILCEhSUoFAERUZQDMo7IrJtW94Vkc2Zu6jtRfXKqc42J_SOzjZlQkDNGEaUOyq9Zm-CZ0emo9CKqa4TZVk5pUyUk_SAPF873Bh82sO23G_Sruh5PcYZl30aukxIHnrSE52wy_u014dVJZRdmfsyUhV544f7SFVFnjn6LBjdg432wFUDNHdBixJ0q8QoeZjlZlvZLWqvtbiOIXSJNFtFdr0xiQ7Iy_NXvvr7n5D8EVkEuCmRmhIfqZ8INqPb04u6IDsXdWHJt-fTTMVqROsNuJTRTP7v63fl9UIbcea0HX_1Jq-Jun1wWdrsLE2ESjYtuX9KCSHNhjZcku_P2CuSXcjt1qncJHl69sJbG2fi1EhrlU5moKoiRw-Og6uKvGA35tvt3zoGZWYweYk4f0pregM2XWKrCUy0xCw9giIvp6bNlj8jRRDJJaashH0Ks2U_NbS-TVU5sbexaVZBs5tI4hIDU2IQlaDRGDY_Os1S8-jkL1_U8SVYtDplkVndYZGJPqvIB_dOVuTq3__Mza7I1cMVWLXf7LSZ1-33uzLsitATXtsTQceRgU-Drh_4HWS22vpO__xvAAAA__-HFjlpygQAAA==","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSzYsc1Rd9PRl-i_wUMYoLV71woZDpqeqq_igjBGMcCcYkJJGAZvO-auY5VfUq71V1dXoVDYQsG3GhrqpPTzLRhKDuRelxoQQEy9UsMhv_AhFn5UKq09DxQt17T5334Nzz7q1JfkA85HT_wnt6pKKIrndaTvPVKyoRurDNc5ebrtNyTjSvqKTrn2gO62QGr7ue33Jea74j-bZebzuu47iO29xQRoZ6uD5nodIHgdsKnJbfbrkdH0PzX2zzBixtQAwOyDEoUT33R_ghFJ8hib85Le12ptPjb8d5RDNtMBC77yfbiS4SxMs2NA2Eye7iNLStCPl8BTrZXUwAPdipJwBTFVl56TFYsruQCTa480QpiyATMPF_FIMZZDSDojNwfRNK_EYALnDuPJL47jltCnr9CUtrtiKrh39BFRVZffwikvjhqUgNm5d0lGdKJxbDsIQazqA2Z0jzPWSjFahiDzz7BEr8StYPzyKJd87bSEOJ_Vc8FshuL5Br0mFyzfdlby3wu521Tl_0KKMOlb47t0iFM1DbQF5_qoE8bCBPG4jFftN3-j53qdcNA8F7jk99X0jmBP2249CA95DzWvsYWToGj8bg5gZS8_E94fWkx7g_YdhWY5j8R9itElY0YDOCgShRSILCEhSUoFAERUZQDMo7IrJtW94Vkc2Zu6jtRfXKqc42J_SOzjZlQkDNGEaUOyq9Zm-CZ0emo9CKqa4TZVk5pUyUk_SAPF873Bh82sO23G_Sruh5PcYZl30aukxIHnrSE52wy_u014dVJZRdmfsyUhV544f7SFVFnjn6LBjdg432wFUDNHdBixJ0q8QoeZjlZlvZLWqvtbiOIXSJNFtFdr0xiQ7Iy_NXvvr7n5D8EVkEuCmRmhIfqZ8INqPb04u6IDsXdWHJt-fTTMVqROsNuJTRTP7v63fl9UIbcea0HX_1Jq-Jun1wWdrsLE2ESjYtuX9KCSHNhjZcku_P2CuSXcjt1qncJHl69sJbG2fi1EhrlU5moKoiRw-Og6uKvGA35tvt3zoGZWYweYk4f0pregM2XWKrCUy0xCw9giIvp6bNlj8jRRDJJaashH0Ks2U_NbS-TVU5sbexaVZBs5tI4hIDU2IQlaDRGDY_Os1S8-jkL1_U8SVYtDplkVndYZGJPqvIB_dOVuTq3__Mza7I1cMVWLXf7LSZ1-33uzLsitATXtsTQceRgU-Drh_4HWS22vpO__xvAAAA__-HFjlpygQAAA== HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl24547895=1; nleca6d737bcbce8af1bdecf3e3d5f6c8a78=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3393b1d9ac3e351085ca543cdf3e1aca\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:09.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 30 Sep 2022 09:26:48 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BzqHUCXDm9dDXcj3ZVzywBJjcifv%2BuhkTZeFraCpRRJZFgkllCbIFoVa3DMa0pmnjB8wcJ4AjSgFQw62WPRBIPCR%2B%2FV1ApmMBTv58cg%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9771324c7b8cb503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1175,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"4cadfafa63acfac77d51a9e8d602fd56","sha1":"59d686d83b171e39e607a1223cd6dced146a785a","sha256":"51ce9d4f3e78c378cf86521d43deafdb23e01a4c859b72e2ca7bef73736ceaac","sha512":"51c92a795bf48cd528dd5805f58ee2fd93afce26668870d4111c359c03b3b51df12f88314d4f82c51891689ba83ae73bad80f87359c73f506034f94d35df046b","ssdeep":"","tlshash":"6d213d516ee9c537029350c07b706f2be881d583894e9d407bbc49588fd5ec1c967407","first_seen":"2023-04-05T23:50:36Z","last_seen":"2025-12-22T04:22:03.434904Z","times_seen":708,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":24,"dns":6,"connect":1,"send":0,"wait":490,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Sat, 07 May 2022 05:43:05 GMT\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wCt1TzYPPMgYZn3lMrXcb7B0ifPqbIiB15n15IDbNmw%2F1XUNOf5gIAdFQgGLrSkJs8ITw1%2F4W4Die3kJbgpF%2FluVCHoFSyn39z4Rcm%2BY\"}]}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 163724\r\ncf-cache-status: HIT\r\netag: W/\"627606e9-15d94\"\r\ncf-ray: 97713251de7e712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":89492,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"561acb3e541133bbdd2c0c19f8ee35a1","sha1":"ffd1353cf3f77d25f801c84d8208613eb0d3d548","sha256":"9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc","sha512":"8a647ed6f56b4da93c7a034609060991cc8080350f057f4f2af2c369f18af066db3b4e77701fc017027fd774264a6d0f84927239d7d2f693edc6f7d6a0917be3","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakV:YYh8eip3hXuf6IidlrvakdtQ47GKl","tlshash":"f993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:04:00Z","last_seen":"2026-04-04T21:16:11.401734Z","times_seen":6516,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waistcoatreferchemistry.com/07/48/02/07480215b199138738a408914e7f4f8d.js","fqdn":"waistcoatreferchemistry.com","domain":"waistcoatreferchemistry.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.429Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"waistcoatreferchemistry.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Wed, 16 Jul 2025 11:07:23 GMT","end":"Tue, 14 Oct 2025 11:07:22 GMT"},"fingerprint":{"sha1":"04:B7:49:7D:05:88:55:0E:97:9E:B1:0C:BD:16:B7:BF:C5:FE:2A:66","sha256":"15:C6:11:CF:88:26:9C:E2:B9:11:CF:EE:D3:B4:7D:FF:D3:EC:49:2C:B7:CF:6E:33:EA:AE:26:A9:2A:5F:08:63"}}},"request":{"raw":"GET /07/48/02/07480215b199138738a408914e7f4f8d.js HTTP/1.1\r\nHost: waistcoatreferchemistry.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:07 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38542\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: waistcoatreferchemistry.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6e7e051b1d8e03442edfd5e6f47b0e72\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105951,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a320db4075323c194a6bd6c90441ab1b","sha1":"1b0aebde33761e7e26b3fb93e2cc1cfe66b8bf20","sha256":"cda50f39181a3c3cb936d26a3429032de306256344b9e5645039173f0717204d","sha512":"d900078e3c57564a56c0dda957afc7da1f7799a4461c5756a0bff9f86bc993de521b734ff9a757ce118cd50d74152a47a0b7af1639c9eaaf261e6178f038a267","ssdeep":"1536:dxIVgLSwVJi5sbaeBvat/xp1P2PNrdMCC2cevmiwB/BDMCHT5Y:bZVJi5s7ahxp521rcuZwHRu","tlshash":"8ba3a8487f90fcbe02566033663f951bf1aa0e815958c988d11afdb42a3c31bf63da75","first_seen":"2025-08-30T03:28:36.865706Z","last_seen":"2025-08-30T03:28:36.865706Z","times_seen":1,"resource_available":true,"data":null}},"time_used":856,"timings":{"blocked":329,"dns":51,"connect":91,"send":0,"wait":105,"receive":92,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"waistcoatreferchemistry.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/css/bootstrap.min.rtl.css","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/css/bootstrap.min.rtl.css HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: text/css\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 25 Sep 2025 13:39:05 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=01TyHQcRhSFVbyLZJsR7m6VRRUWbOh%2B0iK4TUxd5G6tQ%2BQkLEo9Pb2cvfio3QUzRH%2Bh5rz0kdTuOMR7nTQp6g6KBnq6OM86s0OxgRhaLpw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 185049\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b0afc569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":33283,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (540)","md5":"8e65c5cc3bcf7ef96ea90473d0ae2468","sha1":"a2aa9e160648970336a6519e428372e59faa95d7","sha256":"498dd6154e8e5089c7002c183235b7e1471668f8935c328de6a09962bca4d609","sha512":"02385079f2c8e23ed4dfb555e1ff49817bde8bfaed20d3b5e2891d856f2e5b676cfd310226f8c9427092d91ed6aa7dece1517db7216fb1fcd0f4a5fc65d85d00","ssdeep":"768:+DCsvIr72OHhwZSuWX6NLmLGuBeGYDCvVJiuKMHsDPGG71YNieaPsy03QbL++3Zm:iXyZ7J","tlshash":"b0e2accc9a722949b136c5efb5658c4363486407627fec73b6e13e60ff485468863b8b","first_seen":"2023-04-14T07:40:47Z","last_seen":"2026-03-17T09:06:03.801956Z","times_seen":43,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/ajax.php?p=stats\u0026do=show\u0026aid=1\u0026at=1","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /ajax.php?p=stats\u0026do=show\u0026aid=1\u0026at=1 HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\npragma: no-cache\r\ncontent-type: image/gif\r\nexpires: Wed, 5 Feb 1986 06:06:06 GMT\r\ncache-control: max-age=16070400, must-revalidate\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-turbo-charged-by: LiteSpeed\r\nexpect-ct: max-age=86400, enforce\r\nlast-modified: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-encoding: gzip\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Agi97gTvfGKnKMXuDuaKdn0lcr9q%2B2mpEAxLI4YwrXFVeRse5xMeNGgD%2BPL8yVNEOrYk7cfEp07UDF6AeJK5ctcdsCkwV9NQOzaS%2Be2QUA%3D%3D\"}]}\r\ncf-ray: 9771323b2b00569a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"9b5e8704c89f018cff215cb5ed3e0128","sha1":"2a9fa3661b326c503e492b89cdd9130d12ead03d","sha256":"b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d","sha512":"fe365546202b36090aff7ea43d3ff0ef03e277cea36cad6dab6056758622a7e4f519198b6a2826d348632f2779d624926ba570a2bdcbe5c0c18e772b54211a7b","ssdeep":"","tlshash":"06900003cac8c022c2a0c0300a0c03002bba88300228030ec03c30fcec2a3a38c02000","first_seen":"2023-04-13T18:31:38Z","last_seen":"2026-04-04T22:16:02.562398Z","times_seen":2810,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/js/bootstrap-notify.min.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /js/bootstrap-notify.min.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Mon, 18 Aug 2025 13:20:48 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IkPC%2FHQsu%2Fc0P7wxDYfTLu7g7REoUfSX6r1saDQ0Vk8nqpZ126a9VZ8KV5thR88N2ldXVs8HUd2qqXDwucDDlWmBPhXLQqneeBsIm%2FAxVA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncontent-encoding: gzip\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c6b13569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":8216,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (595)","md5":"5ba070af9d1b1a2782851940de30879f","sha1":"d33390fc88bf68bd23eb182d7dbc77f5227081b2","sha256":"a13a07b242c80b57e0cbbacc6cfedb538d4d331ff1f9dff370519ec57407e450","sha512":"3d793cb731b6a060ea4b68dd622b76ee0db7f1ca5536fd4b4831b6f586c8f4f6634fcfc64d7dd93e85298225e9a4aba6d9d44ca3d8fabc2dfd365a02df60abe0","ssdeep":"96:YjcZsiBifeECqrETiqx8D6Eie9tJzg1YkwVgwIuIL3BMLbR7HdvxsyBvoPrrOLKE:kFi4f/7ETi7DcKtJ03LLkp1xs1O","tlshash":"a902768d7112926a825b9277a08e0300f536a615e517f63d3e3ac4e6bdb4de822173f6","first_seen":"2023-03-07T12:59:18Z","last_seen":"2026-04-04T21:55:16.108705Z","times_seen":495,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/css/fonts/Material-Icon-PHP-Melody.ttf?206bv4","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/css/fonts/Material-Icon-PHP-Melody.ttf?206bv4 HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/templates/3arbserv/css/echo.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: font/ttf\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=16070400\r\nexpires: Tue, 02 Sep 2025 13:40:27 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sXe62xwXNWZqyH3eVByf0j0RNZXVxIvXNCIxeGyyS57%2FzOHG3XbP0vqVNNSnpbv%2F%2BHjhPGUgcnXmGDEUmIvlD2AkR6njEpxqKFo9%2F8JFWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 91392\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c8b16569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126808,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, Material-Icon-PHP-Melody","md5":"c66525c487d980ccda56d4668eccd47b","sha1":"e9b984773ce1a225a851ac1769875b57e2e4a3f9","sha256":"48ab864568194da965b383bf041943f4fbd6d13e5e7f60da9556c4667eb052f6","sha512":"af4684cf0c159b2a166b781d80b0d557c4dbee268f1c8b77be76aff304397305cf9f805724d78f317fd2c782026c1890939320237342a1594e69efc656ef7755","ssdeep":"1536:7gGdj76E2oK5LDS1K2bd9kG/Wn5z7Qk7ir7q627CeDY+d324xLTFg:Lj76E2r55UqnJs29xw4X","tlshash":"3bc3c580d765bc16ee0d5234d4dae31ad7fcb725eb56939a8dcaa80ccd1b4f2c98c150","first_seen":"2023-04-27T21:11:40Z","last_seen":"2026-03-25T16:51:17.189007Z","times_seen":142,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 21 Feb 2022 08:25:04 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"62134c60-1209\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Y0UB1ttKscKi%2F0c56JmwPw2wkde8bDrwE8D0%2BNkN70P%2BbVg0hiI8vHRCJW0S%2BENcVgSMCpgVMoeRmyiaUyeAAeL01Gb1bWHbVzl0nHG0\"}]}\r\ncf-ray: 977132513cdb56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4617,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"630f303dfe147dec2c4a226287393b69","sha1":"3e9f8270b84e09595181bd55de6785a89f53ba10","sha256":"967d085a33a12064d83cb38f582c3e418e021a2d523dd9597bb75dc00589fec7","sha512":"aa41feb60ccd79d5e3499f58fcdee9d8b14312a885901990af21f8b15cc21e84e57edf843c9dc69e8146b7151c4d010d0c2d2b4cf8dd46a312266bf73d88359d","ssdeep":"96:ynjK1CQxCqyjG+6VE1VOCXYAX5yIvcMpzsFuTOKoMGMp9h815/SgarZnA3AG5Nbd:QjK1C1qiG+6VE1VOib5yIvdpzsFuTOK+","tlshash":"a491eea202e70a40ea0bd5631bec4b027b7504c32e0ace59badd194c9fc197893d39b2","first_seen":"2023-05-18T19:42:30Z","last_seen":"2026-01-17T18:50:06.19479Z","times_seen":1110,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-JMRHR69VQJ\u0026gtm=45je58r1v9189573968za200zd9189573968\u0026_p=1756524487387\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104779684~104948811~104948813~105427542~105427544\u0026cid=1122192133.1756524488\u0026ecid=31457629\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026sid=1756524487\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fmc.turkishasq.com%2Ftag.php%3Ft%3D%25D9%2585%25D8%25B3%25D9%2584%25D8%25B3%25D9%2584-%25D8%25AC%25D9%2588%25D8%25AF%25D8%25B1-%25D8%25A7%25D9%2584%25D8%25AC%25D8%25B2%25D8%25A1-%25D8%25A7%25D9%2584%25D8%25AB%25D8%25A7%25D9%2586%25D9%258A-%25D8%25A7%25D9%2583%25D9%2588%25D8%25A7%25D9%2585%26page%3D2\u0026dt=%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D8%A8%D8%AD%D8%AB%3A%20%26quot%3B%D9%85%D8%B3%D9%84%D8%B3%D9%84%20%D8%AC%D9%88%D8%AF%D8%B1%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A1%20%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A%20%D8%A7%D9%83%D9%88%D8%A7%D9%85%26quot%3B%20-%20Page%202\u0026en=page_view\u0026_fv=2\u0026_nsi=1\u0026_ss=2\u0026_c=1\u0026_ee=1\u0026ep.anonymize_ip=true\u0026tfd=2223","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:21:11 GMT","end":"Mon, 03 Nov 2025 19:21:10 GMT"},"fingerprint":{"sha1":"07:D4:DA:62:23:19:DE:C6:08:D3:6A:78:15:9D:A5:07:00:39:48:12","sha256":"B1:A9:08:B9:66:58:87:B4:23:94:8F:68:98:E7:F0:EE:8F:DA:A7:88:CC:7A:04:0E:80:74:B0:58:9E:A9:3E:D5"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-JMRHR69VQJ\u0026gtm=45je58r1v9189573968za200zd9189573968\u0026_p=1756524487387\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104779684~104948811~104948813~105427542~105427544\u0026cid=1122192133.1756524488\u0026ecid=31457629\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026sid=1756524487\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fmc.turkishasq.com%2Ftag.php%3Ft%3D%25D9%2585%25D8%25B3%25D9%2584%25D8%25B3%25D9%2584-%25D8%25AC%25D9%2588%25D8%25AF%25D8%25B1-%25D8%25A7%25D9%2584%25D8%25AC%25D8%25B2%25D8%25A1-%25D8%25A7%25D9%2584%25D8%25AB%25D8%25A7%25D9%2586%25D9%258A-%25D8%25A7%25D9%2583%25D9%2588%25D8%25A7%25D9%2585%26page%3D2\u0026dt=%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D8%A8%D8%AD%D8%AB%3A%20%26quot%3B%D9%85%D8%B3%D9%84%D8%B3%D9%84%20%D8%AC%D9%88%D8%AF%D8%B1%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A1%20%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A%20%D8%A7%D9%83%D9%88%D8%A7%D9%85%26quot%3B%20-%20Page%202\u0026en=page_view\u0026_fv=2\u0026_nsi=1\u0026_ss=2\u0026_c=1\u0026_ee=1\u0026ep.anonymize_ip=true\u0026tfd=2223 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: null\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:158:0\r\nreport-to: {\"group\":\"ascnsrsggc:158:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":35,"dns":0,"connect":8,"send":0,"wait":19,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:11:38 GMT","end":"Mon, 29 Sep 2025 15:11:37 GMT"},"fingerprint":{"sha1":"F9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3","sha256":"D8:C9:87:B5:89:5E:D4:F4:8D:FD:98:3C:31:39:42:67:D3:20:27:14:A9:AD:F2:AB:97:A4:48:0F:94:F0:FF:A2"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5b4a81ef78cb5dbf13ed5727b3c6da11\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":82,"dns":27,"connect":17,"send":0,"wait":24,"receive":18,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-29","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html\u0026l=2977\u0026fd=488","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html\u0026l=2977\u0026fd=488 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:10 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css","fqdn":"netdna.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 12 Jul 2025 02:43:39 GMT","end":"Fri, 10 Oct 2025 03:43:37 GMT"},"fingerprint":{"sha1":"C1:BD:D6:84:57:89:FE:9E:6D:F9:1F:26:76:1D:7C:45:E8:23:F6:35","sha256":"42:6A:B9:E6:CC:53:CB:12:2A:7A:43:B8:3D:90:FC:5E:4D:CA:A2:E0:3D:B4:2E:38:10:A6:6F:26:86:7F:D5:A0"}}},"request":{"raw":"GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1\r\nHost: netdna.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncf-ray: 9771323b5d055690-OSL\r\ncdn-pullzone: 252412\r\ncdn-uid: b1941f61-b576-4f40-80de-5677acb38f74\r\ncdn-requestcountrycode: US\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"0831cba6a670e405168b84aa20798347\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:54 GMT\r\ncdn-cachedat: 11/11/2024 14:10:46\r\ncdn-proxyver: 1.06\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1111\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 1\r\ncdn-requestid: f2e02cde60d8fda1ac50833fedf7eb85\r\ncdn-cache: HIT\r\ncf-cache-status: HIT\r\nage: 2581525\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26711,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (26548)","md5":"0831cba6a670e405168b84aa20798347","sha1":"05ea25bc9b3ac48993e1fee322d3bc94b49a6e22","sha256":"936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829","sha512":"655f4a6b01b62de824c29de7025c4b21516e7536ae5ae0690b5d2e11a7cc1d82f449aaebcf903b1bbf645e1e7ee7ec28c50e47339e7d5d7d94663309dfa5a996","ssdeep":"384:/i5yWeTUKW+KlkJ5de2UYmydfwYUas8l8yQ/7:klr+Klk3YlKfwYUf8l8yQ/7","tlshash":"5ec240e8e54c01d66731c48bff85b36862b6f73dd5804da9f01f690c29d22a522c5fba","first_seen":"2023-04-05T03:42:18Z","last_seen":"2026-04-04T21:34:01.285116Z","times_seen":16050,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":6,"dns":4,"connect":1,"send":0,"wait":12,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/jquery.plugins.b.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/js/jquery.plugins.b.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=egiFmDGBkBwca1odvXWZQsSL5fc26ZwZOBMBp3HayeWEJ53a9Pvx4wXsKDOL%2FylCLkE54dQbbWMYbjGKYn9W6lnjY7ERCXCJOcW3puYMlg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncontent-encoding: gzip\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c6b0e569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":9509,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5838)","md5":"675182442ff7fc67b2f9748b6ac99a40","sha1":"0b40b9937ae8018bf209ae7b10940f3b2a1411a1","sha256":"9c6d06fd83d0e274e7b3f06d9f6f3320cbb5fdc9a6248f556ca39eef95708a57","sha512":"a2811fb4f7c3e419bc7b39897208fb4ad0c9e7197c85f9d143814f11bff208d4bbbba3be81a2ca3e980b63f10ae5e85be39daa1cafab678ca37747d0ff03bdab","ssdeep":"192:+rqHYs1VpcjP3+RMCN+h2eVUUZCDq78JlwyDp/VQ3Sh:+rSI2CxaqFcdVdh","tlshash":"1e12f8a93352342a62bb5168101ff50ff3229526d08b8050e21899f43ef9c8e3767fb9","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-03-23T23:41:29.22203Z","times_seen":73,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/js/melody.dev.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/js/melody.dev.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jHrmI1VqF2W3YPho2THaEVf2OMtB1StMCQayRCQAaCgFeSDvUP5ZZ1%2F8wfl9QL5YyPEHRIUvpgCjfqL7%2FDPHAgXH%2FvCZaMOmPZlb8fwnCw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncontent-encoding: gzip\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c6b10569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":7677,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"16382a2673590ae717ee030d81e32fc5","sha1":"8139236171b763ddac3c3d2b6ee4214b2469bcda","sha256":"41af4a2fb3effba0f84cf21ea77ad4db2373086ee9bda4160dd7a4c14392c179","sha512":"a465abd68ba833790e826dd7b92a0d94375462ba880f09b340c3645923ea27ba44555568daed40d6c9606ce6ba5ee34f2619d81c63e6c625c012d364e07f785d","ssdeep":"192:IG7tGJhJ3zmp/OPGP0xBhS7LL5HuUIrT9dBsl1UwjYdBsl1Uwh:I0jp/OPGsxf1woXwoA","tlshash":"93f19558f7bc279998f730660d3e60880d3ec0535203d958bd3ca1941fddae52676baa","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-03-23T23:41:29.211292Z","times_seen":69,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/79/fd/7d/79fd7dc2b6944b4ad7d53e4c0c4c5e79.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /79/fd/7d/79fd7dc2b6944b4ad7d53e4c0c4c5e79.js HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 29374\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c81169c053754ddb90d4e16d70e18d9d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72643,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"e1b56425b9c9869ef900568598584541","sha1":"e7af1732e3b54cc311826807630d2aca4d982ec8","sha256":"d0213d6bc75c17828f232ecec3e849efc7f6d6bd6788a028dee351095494af63","sha512":"2dbd687048e6bfc1cccf6ae94b50ff85867eaf66298de6666fe976d36727e1231ed4237bf54e83bff1cf57315acbe88b3fcbe64c0c0278988a0c4e9c1e469880","ssdeep":"768:Y2bnYsmqjNqw648+QhS8u+Jcj/XcdNjNOmOdY08kUbTehzbcepwOf:Y2bn/e4x5O+jvcUdY0U3f4","tlshash":"b763c7483f91b27802e6b8fa712fa61af0265c0195d8e0d8f503f4deae66719f035f25","first_seen":"2025-08-30T03:28:36.879571Z","last_seen":"2025-08-30T03:28:36.879571Z","times_seen":1,"resource_available":true,"data":null}},"time_used":771,"timings":{"blocked":290,"dns":10,"connect":92,"send":0,"wait":96,"receive":93,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"professionaltrafficmonitor.com/stats","fqdn":"professionaltrafficmonitor.com","domain":"professionaltrafficmonitor.com","tld":"com"},"ip":{"addr":"3.78.68.13","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"protrafficinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 01 Jul 2025 00:00:00 GMT","end":"Thu, 30 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6","sha256":"49:03:4C:2C:1B:23:D8:D6:CB:AE:F0:54:61:99:C2:20:F4:FF:87:5E:0B:72:B1:6B:D8:AB:21:49:2D:F2:EC:4A"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: professionaltrafficmonitor.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:08 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://mc.turkishasq.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; expires=Tue, 28 Aug 2035 03:28:08 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"2e8019490a5bd664a395f15527622cf4","sha1":"563d064cde38cec76689a9b26dc296de696ee38a","sha256":"7f759b0c1fe4d33395e9674a4a1072b37fdbae198c25895d4b61d9cba5c85e42","sha512":"797ceebb8114b2cff7d50b6efaed9ee7a0833086ead8e0cad3d2ac34f17736e0651ed266ec6ceb8454caa1c3f74476e00cf9a605a4d00591052703531b40107b","ssdeep":"","tlshash":"179004cc5d1345040d000d1f034001747dc40414470300543405d5514511517d47c175","first_seen":"2025-08-30T03:28:36.88116Z","last_seen":"2025-08-30T03:28:36.88116Z","times_seen":1,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":79,"dns":12,"connect":21,"send":0,"wait":22,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 02:39:12 GMT","end":"Sat, 22 Nov 2025 03:39:06 GMT"},"fingerprint":{"sha1":"B4:6C:D2:16:CA:52:EE:BD:22:D7:B4:2C:64:FF:A5:EF:67:D8:E1:F8","sha256":"FF:3A:23:84:D6:B2:73:DF:50:6E:1A:45:A4:AB:03:37:0B:C4:4A:8E:82:12:99:10:80:A2:F7:FC:71:E3:BA:1D"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9771323b5efab505-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-04T22:45:20.97251Z","times_seen":330264,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":2,"connect":1,"send":0,"wait":11,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/a?v=3\u0026t=l\u0026pid=378891782\u0026rv=58r1\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104779684~104948811~104948813~105427542~105427544\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026gtm=45je58r1v9189573968za200zd9189573968\u0026cl=2.3.2\u0026ccid=189573968\u0026cid=G-JMRHR69VQJ\u0026l=L2038.S25.Y2.B64.E659.I1502.TC19.HTC0~gtm.init_consent.S2.V1.E63~gtm.init.S1.V1.E72.TS5ogt1pdatav2.TI13.TE3.TS5ccdgaregscope.TI27.TE3.TS5ccdemdownload.TI25.TE3.TS5ccdemform.TI24.TE3.TS5ccdemoutboundclick.TI23.TE1.TS5ccdempageview.TI22.TE2.TS5ccdemsitesearch.TI20.TE1.TS5ccdemvideo.TI19.TE1.TS5ccdconversionmarking.TI18.TE1.TS5ccdadd1pdata.TI17.TE2.TS5ccdgalast.TI15.TE1.TS5ccdgafirst.TI30.TE56.TS5setproductsettings.TI29.TE55.TS5ogtgooglesignals.TI28.TE55.TS5ccdaddecs.TI26.TE52.TS5ccdemscroll.TI21.TE49.TS5ccdautoredact.TI16.TE43~gtm.js.S2.V1.E43.TS5gct.TI5.TE40.TS5zone.TI7.TE40~gtm.dom.S2.V2.E17~gtm.load.S1.E15~GA187","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:21:11 GMT","end":"Mon, 03 Nov 2025 19:21:10 GMT"},"fingerprint":{"sha1":"07:D4:DA:62:23:19:DE:C6:08:D3:6A:78:15:9D:A5:07:00:39:48:12","sha256":"B1:A9:08:B9:66:58:87:B4:23:94:8F:68:98:E7:F0:EE:8F:DA:A7:88:CC:7A:04:0E:80:74:B0:58:9E:A9:3E:D5"}}},"request":{"raw":"GET /a?v=3\u0026t=l\u0026pid=378891782\u0026rv=58r1\u0026tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104779684~104948811~104948813~105427542~105427544\u0026u=AAAAAAAAAAAAAIA\u0026h=Ag\u0026gtm=45je58r1v9189573968za200zd9189573968\u0026cl=2.3.2\u0026ccid=189573968\u0026cid=G-JMRHR69VQJ\u0026l=L2038.S25.Y2.B64.E659.I1502.TC19.HTC0~gtm.init_consent.S2.V1.E63~gtm.init.S1.V1.E72.TS5ogt1pdatav2.TI13.TE3.TS5ccdgaregscope.TI27.TE3.TS5ccdemdownload.TI25.TE3.TS5ccdemform.TI24.TE3.TS5ccdemoutboundclick.TI23.TE1.TS5ccdempageview.TI22.TE2.TS5ccdemsitesearch.TI20.TE1.TS5ccdemvideo.TI19.TE1.TS5ccdconversionmarking.TI18.TE1.TS5ccdadd1pdata.TI17.TE2.TS5ccdgalast.TI15.TE1.TS5ccdgafirst.TI30.TE56.TS5setproductsettings.TI29.TE55.TS5ogtgooglesignals.TI28.TE55.TS5ccdaddecs.TI26.TE52.TS5ccdemscroll.TI21.TE49.TS5ccdautoredact.TI16.TE43~gtm.js.S2.V1.E43.TS5gct.TI5.TE40.TS5zone.TI7.TE40~gtm.dom.S2.V2.E17~gtm.load.S1.E15~GA187 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:922:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:922:0\r\nreport-to: {\"group\":\"ascgcycc:922:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:922:0\"}],}\r\ndate: Sat, 30 Aug 2025 03:28:08 GMT\r\ncontent-type: text/html\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/img/icon-play-32.png","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/img/icon-play-32.png HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/templates/3arbserv/css/echo.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: image/png\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 26 Aug 2026 13:39:06 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 185049\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m2h%2FeEUwbOoiBhS60CZ3weuScTfvQKXF1H0DvDLNmLvYEqqgNk9tvu6yiasxruabQ1%2BhBp4jP%2BBPN%2FxOmjj6MUWMEnscxG2EWx3%2Bi3DwPA%3D%3D\"}]}\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323c5b0a569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2413,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"35bd95e97ff446debcc363482550378d","sha1":"91c8d90e0524e5346aa4f3ae0806893db5d95959","sha256":"eee224146191f9cc5fabac0a105fe5b9b34750f8afe16823dbb593259d8a1d75","sha512":"cb1e95ff009f563b6d436c90b3b10c9efd2d6be53fcd8938d8c027c4839e3c94cdb8994441ee44c1af35b06611912903ba7e66f258b58af8943e7fee632d8ad5","ssdeep":"","tlshash":"8041e84dfe422c30c288e5727de4a093a8375cc482c0a563bcdcc16398b04fbb92cad2","first_seen":"2023-05-09T02:55:10Z","last_seen":"2026-03-29T20:18:02.14383Z","times_seen":235,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 01 Jul 2025 15:11:38 GMT","end":"Mon, 29 Sep 2025 15:11:37 GMT"},"fingerprint":{"sha1":"F9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3","sha256":"D8:C9:87:B5:89:5E:D4:F4:8D:FD:98:3C:31:39:42:67:D3:20:27:14:A9:AD:F2:AB:97:A4:48:0F:94:F0:FF:A2"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 31568aeb38e9b2da3f12e7f183be747f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-29","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/4b/75/3b/4b753b437ff8f56901e837fea0e6bca359fe1e90bff265f8a8bfba1802d37813.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /si/4b/75/3b/4b753b437ff8f56901e837fea0e6bca359fe1e90bff265f8a8bfba1802d37813.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 6423\r\nserver: nginx/1.21.6\r\nlast-modified: Fri, 15 Aug 2025 01:09:01 GMT\r\netag: \"689e88ad-1917\"\r\nexpires: Mon, 01 Sep 2025 03:28:10 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6423,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"d8f143c53ef89fe568fb4f86eaaadd76","sha1":"57435a41ae46252e83eaa425e86c8d004fc82287","sha256":"2939c9713939fc59e054d5101edbb46015515ea52bd362372aeb6475d0a67a26","sha512":"1344497a4e548bea8882be8acbb9384fa7dcc15e31194cc670622945ba95d60825d069dffb2d3cd3a659c21df65909b3780e377c55202560be35db2aec41b680","ssdeep":"96:IElbw+iukgvhR4EpfmZe4iM/B+bNpqt9TJu5FY67pz97OPhk7fIOA+e1vRvzo:9wtwRfunBKMt9eY2pz9qa6RZvE","tlshash":"73d18e4a94192ba1ee9a49f8e8d73f03d22876716e66b63420830cfdbb12dfc4144741","first_seen":"2025-08-15T07:53:25.315072Z","last_seen":"2025-12-22T04:22:03.419479Z","times_seen":1333,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzubkD8QfKAjCHDwomEn3dM8vV1DjGgnGJOxGchAP1VXVk3K6u3qruqcncwoGZI_jTQ9C55tkg-6yqHdRJl4kKuwIQg6by_oXKOxZejIw-qDfe19_VfC979Vnh9kFcZHR860P1ECGIV2uV-3KKzsy5io3lY3timNX7auVHRk3vKuVfpl073XH9ar2q5X3BOuq5Zrt2LZjO5VVqUWg-stTFjK523aqbbvq1apO3UNf_x-bzIKhFnjvgjwDySdPPQw-gmRjxNG314Tppip57d0oC2mqNHr85MO4G6s8RjRvA20hiE9mp6HMhJAvFqDik9kEUL2jcgL4ckIWnn8APz6ZyYTfO75U6ocQMXz-OPLeGCIcQ9IxmDqA5PcJwDg2NhFHtzeUzuneJUtLdkIWH_0DmU_I4oPnEEf3VkLZr9xQYZZKFRv0gwKyP4bsjJFkp0gHC5D5KVj6KST_nSw_WkccHW2aUEHy85ddvy0azbZYErYvljxPNJfaXqO-VG_xJvWpTYXnTC2SwRjUWMjKT1rIAgtZYiHi5xXPbnnMoW4jaHPWtD3qeVz4drtVs23aZk1krNQ-RJoMwcIhmN5HovfRlUPo7CeY3QKGWzApQY8XyAVBbghySpBLgjwlyHvFMQ9NzRS3eWgy35nV2qy6xUilnUN6rNKOiAmoHkLz4kgmN80BWHplNAgMH6kyUT8tRtTnxWFyQZ4ubbW--itAV5xXGrbHHDfgLRFQp9ZkLUHbgrkt23OdGqtzGFlAmoWpGQM5IW_8eAeJnJAnHnsSPj2FCU_BpAWavQSaF6C7BQbxvTTTXWl2qblZZSoCVwWSdBHpnnUYXpAXp6v9ePs-BDt7a_HXMn4D0wUSXeAT-TNBJ7w1uq5ycnRd5YZ8t5mkMpIDWq79RkpTceWb98VerjRfu2aGX7_NSqJs724Lk67TmMu4Y8idFcm50KtKM0F-WDM7wt_KzO5KpuMsWd96Z3UtSrQwRqp4DConxPpbg8kJefbLF6ZP2vvzIaQeQ2cFouyMzAIs2YdJ5tqNItDhnPcTC3lWjHTNn_8MJUEo5pj6Bcx_sD_vR5qWt6ksDs0tdLQFmh4gjgr0dIFeWICGQ5jsyihN9Nmbf7jTgB9aIz_U1pEf6vDzS4uNPK8Erqgx2241G47bCoTjepwF9ZbX5g1qu65Aaia736tf_g0AAP__IlD3q7AEAAA=","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:11.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzubkD8QfKAjCHDwomEn3dM8vV1DjGgnGJOxGchAP1VXVk3K6u3qruqcncwoGZI_jTQ9C55tkg-6yqHdRJl4kKuwIQg6by_oXKOxZejIw-qDfe19_VfC979Vnh9kFcZHR860P1ECGIV2uV-3KKzsy5io3lY3timNX7auVHRk3vKuVfpl073XH9ar2q5X3BOuq5Zrt2LZjO5VVqUWg-stTFjK523aqbbvq1apO3UNf_x-bzIKhFnjvgjwDySdPPQw-gmRjxNG314Tppip57d0oC2mqNHr85MO4G6s8RjRvA20hiE9mp6HMhJAvFqDik9kEUL2jcgL4ckIWnn8APz6ZyYTfO75U6ocQMXz-OPLeGCIcQ9IxmDqA5PcJwDg2NhFHtzeUzuneJUtLdkIWH_0DmU_I4oPnEEf3VkLZr9xQYZZKFRv0gwKyP4bsjJFkp0gHC5D5KVj6KST_nSw_WkccHW2aUEHy85ddvy0azbZYErYvljxPNJfaXqO-VG_xJvWpTYXnTC2SwRjUWMjKT1rIAgtZYiHi5xXPbnnMoW4jaHPWtD3qeVz4drtVs23aZk1krNQ-RJoMwcIhmN5HovfRlUPo7CeY3QKGWzApQY8XyAVBbghySpBLgjwlyHvFMQ9NzRS3eWgy35nV2qy6xUilnUN6rNKOiAmoHkLz4kgmN80BWHplNAgMH6kyUT8tRtTnxWFyQZ4ubbW--itAV5xXGrbHHDfgLRFQp9ZkLUHbgrkt23OdGqtzGFlAmoWpGQM5IW_8eAeJnJAnHnsSPj2FCU_BpAWavQSaF6C7BQbxvTTTXWl2qblZZSoCVwWSdBHpnnUYXpAXp6v9ePs-BDt7a_HXMn4D0wUSXeAT-TNBJ7w1uq5ycnRd5YZ8t5mkMpIDWq79RkpTceWb98VerjRfu2aGX7_NSqJs724Lk67TmMu4Y8idFcm50KtKM0F-WDM7wt_KzO5KpuMsWd96Z3UtSrQwRqp4DConxPpbg8kJefbLF6ZP2vvzIaQeQ2cFouyMzAIs2YdJ5tqNItDhnPcTC3lWjHTNn_8MJUEo5pj6Bcx_sD_vR5qWt6ksDs0tdLQFmh4gjgr0dIFeWICGQ5jsyihN9Nmbf7jTgB9aIz_U1pEf6vDzS4uNPK8Erqgx2241G47bCoTjepwF9ZbX5g1qu65Aaia736tf_g0AAP__IlD3q7AEAAA= HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:11 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+6ea5fd35a359176a5d40b0ca04965ff4=6116561; expires=Sun, 31 Aug 2025 03:28:11 GMT; path=/; secure; SameSite=None\niprc_l:6116561=3; expires=Sun, 31 Aug 2025 03:28:11 GMT; path=/; secure; SameSite=None\niprc_a+4e822b0e2a7e202e9170b5089d1dc52a=127602; expires=Mon, 01 Sep 2025 03:28:11 GMT; path=/; secure; SameSite=None\niprc_a:127602=1; expires=Mon, 01 Sep 2025 03:28:11 GMT; path=/; secure; SameSite=None\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2f5116b94c2ce04d1a1d8b571e2e00eb\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"F5:9E:5D:EB:46:9B:ED:9F:D2:D7:E8:D1:06:43:DF:9D:0C:13:7E:75","sha256":"AA:C4:C0:AF:38:AE:91:75:3F:86:CE:32:70:A9:8F:C4:2F:7F:D2:28:D1:34:AD:0A:C8:E2:6C:6E:4D:46:72:23"}}},"request":{"raw":"GET /ea/droidarabickufi/v6/DroidKufi-Regular.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 31248\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 Aug 2025 08:02:39 GMT\r\nexpires: Sat, 29 Aug 2026 08:02:39 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 13 Aug 2014 16:50:04 GMT\r\ncontent-type: font/woff2\r\nvary: Accept-Encoding\r\nage: 69928\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":31248,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 31248, version 1.0","md5":"436938da6ed799ca17110e719e4d2e51","sha1":"b7ef31b6085a9f0963dffe7939abca527724d389","sha256":"a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2","sha512":"7e4d6769197b05994e2ee2d8570e66d235a5322e8250179f97e501dc6bcd7c0d5f9f07e270670977812e9d72d652b736ef5c81c587d180ead66cd83aa4a10f99","ssdeep":"768:FJtbpWa4AHdCpfyRcVsjmk4h348ZOtsQivESLbxl:L6nAHdC86Vs6k4hVZvhl","tlshash":"b6e2e1539eb17dca103a71f14ed1be97c5c148729229a9741ca7b4f820ce49b72fb287","first_seen":"2023-04-11T00:32:28Z","last_seen":"2026-04-04T16:48:19.615587Z","times_seen":1388,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":151,"dns":3,"connect":8,"send":0,"wait":8,"receive":9,"ssl":153},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/58/a8/a6/58a8a6d8dc52f29dec9927aeb7a1f585/1753452990.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /cti/58/a8/a6/58a8a6d8dc52f29dec9927aeb7a1f585/1753452990.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:09 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 35961\r\nserver: nginx/1.21.6\r\nlast-modified: Fri, 25 Jul 2025 14:16:30 GMT\r\netag: \"688391be-8c79\"\r\nexpires: Mon, 01 Sep 2025 03:28:09 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35961,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:07:25 09:01:27], progressive, precision 8, 320x240, components 3","md5":"4068a03843d3afb2fd3113c4bf40b522","sha1":"263064dd192dffc8e6f900b089545e0c1f0544cc","sha256":"2ea6de8389b086220da36068ba59e322641db82fe29322a57e6b325c5cc16d6e","sha512":"93f299d41c6b41377b40846a21e2786f8c7b1f5511617c8afb7083670e21d68f36cdc54bf00eacfba7e62fbb6fc4e1e1291008c0e4a695532089421d9741a81f","ssdeep":"768:6LNWiBLN1+9YyIMJiz6f4UhjbzI3kiI9OWO:Q+9dgzG4UeIFO","tlshash":"d6f2cf282fd58e23f8f6237569a1e3e2b3615b48e3536b123ccc74593f39681985d706","first_seen":"2025-07-25T15:42:34.631998Z","last_seen":"2025-08-31T17:26:19.589673Z","times_seen":162,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/ed/28/33/ed2833b89553ef402a38a96074051ae1/1753977054.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /cti/ed/28/33/ed2833b89553ef402a38a96074051ae1/1753977054.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 57523\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 31 Jul 2025 15:50:55 GMT\r\netag: \"688b90df-e0b3\"\r\nexpires: Mon, 01 Sep 2025 03:28:08 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57523,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:07:30 12:29:24], progressive, precision 8, 320x240, components 3","md5":"0b3e14cdd0808aaf62da48339194fa9a","sha1":"f887a986cca9ba9b9b349daba4c119b6963487a7","sha256":"293deba8e0f12aea52f43e39b10aca741d55dcaef9102b5387a69457ea05afae","sha512":"c817f1d9348a676ac844ba6daa4421f2555273e2acdf7b1ee6c96b3714ce658ac2598839b1199bf44c0a56bb7cea1b19eb998ea44b605d8ba1863cfc9b2f83a6","ssdeep":"768:b+aiF+SlYy94uJEgKxeqPuDvS4RB95Ld1aXHbm/EZRnsi6BmZ:CmSlRzg9Mybm/eRnYBa","tlshash":"8c43e1a6ef029de2f8e0523cd492c3bb1525cc14b663b6417cce6c97b7f7290ca1a245","first_seen":"2025-07-31T18:26:59.747186Z","last_seen":"2025-09-02T13:07:47.708803Z","times_seen":199,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":98,"dns":50,"connect":19,"send":0,"wait":52,"receive":17,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/7e/c0/ce/7ec0cee9c9eddc0313c7224f4bb9c235dcceed35221c66d90032359ec2e4b6ab.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /si/7e/c0/ce/7ec0cee9c9eddc0313c7224f4bb9c235dcceed35221c66d90032359ec2e4b6ab.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 6423\r\nserver: nginx/1.21.6\r\nlast-modified: Fri, 15 Aug 2025 01:09:57 GMT\r\netag: \"689e88e5-1917\"\r\nexpires: Mon, 01 Sep 2025 03:28:10 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6423,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3","md5":"d8f143c53ef89fe568fb4f86eaaadd76","sha1":"57435a41ae46252e83eaa425e86c8d004fc82287","sha256":"2939c9713939fc59e054d5101edbb46015515ea52bd362372aeb6475d0a67a26","sha512":"1344497a4e548bea8882be8acbb9384fa7dcc15e31194cc670622945ba95d60825d069dffb2d3cd3a659c21df65909b3780e377c55202560be35db2aec41b680","ssdeep":"96:IElbw+iukgvhR4EpfmZe4iM/B+bNpqt9TJu5FY67pz97OPhk7fIOA+e1vRvzo:9wtwRfunBKMt9eY2pz9qa6RZvE","tlshash":"73d18e4a94192ba1ee9a49f8e8d73f03d22876716e66b63420830cfdbb12dfc4144741","first_seen":"2025-08-15T07:53:25.315072Z","last_seen":"2025-12-22T04:22:03.419479Z","times_seen":1333,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbs?c=1","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:11.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27062639=1; slec79fd7dc2b6944b4ad7d53e4c0c4c5e79=[6116560]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:11 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":658,"timings":{"blocked":280,"dns":1,"connect":92,"send":0,"wait":95,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/uploads/thumbs/cc84eaa48-1.jpg","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /uploads/thumbs/cc84eaa48-1.jpg HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: image/jpeg\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=31536000\r\nexpires: Fri, 28 Aug 2026 14:40:34 GMT\r\nlast-modified: Mon, 18 Aug 2025 20:59:59 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nvkwlk9East3buJb5oOmbrcoH975kwGiftbTGlOO2UBMqiJkWLYXOu4qvhGvMdplVzP3WtwCaGxDynQ7GPgcEW3fEBnoBwPwcOgSaQbMKA%3D%3D\"}]}\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b3b06569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76936,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality\", baseline, precision 8, 640x480, components 3","md5":"1db49a133ee9d0ffe06bea42bc438390","sha1":"46e5da57dc4ef0e2641b3eac16db6abe3f859967","sha256":"d6ebbb52e99cd641319e634880345963f638a0d38358ca92b0207d0f13c282e0","sha512":"f414553710169e7acdcdd8b46303a886761c730d711130da2b629f96c7ce5c20192eba484b52e70cc59e638dd54741b0e92291b89a796de62a1a14f9ff0212fb","ssdeep":"1536:xBdOMt8T/KcnW3Qc7ZMJEFLk/TqLwEsKghUayAZYsMQCCvHhgC9trvE9Q8pm:5OM+TSc4LMJEFLk/cbCh9HxMtCvHOur5","tlshash":"7373f10355524080837e61e98a9b77df3e287fa9e6069dcbaae913067a748bf1c0d0c0","first_seen":"2025-08-30T03:28:36.809872Z","last_seen":"2025-08-30T03:28:36.809872Z","times_seen":1,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRSu3uwpKmIIHjzNwYOCO9s93fOjjRCMMSEYk5BEAppL_erdcru7OlXd05vxEl2QHAfxoJ56v9lkYxKCehfDrAclINgeZA9ZEP8CERcPHqQ3A6MP-r339VcF3_vqfbxZ7BEfBd298LYeqTimy92223rpikqFLm3r3OWW57bdY60rKu0Fx1rrTTLDVz0_aLsvt05LvqaXO67nup7rtU4pIyO9vnzAQmX3Q68duu2g0_a6AdbN_7EtHFjqQAz3yBEoUT_7e_QeFJ8iTb46Ke1arrNX3kyKmObaYCi230nXUl2mSOZtZBxE6fbsNLStCflsATrdnk0APdxqJgBTNVl4_jFYuj2TCTa89UQpiyFTMPEUyuEUMp5C0Sm43oASPxOAC5w7jzS5fU6bkl5_wtKGrcni_p9QZU0WHx9Fmjw4Eav11iUdF7nSqcV6VEGtT6FWpsiKHeSjBahyBzz_CEr8RJb3zyJNts7bWEOJ3Rd9FspeP5RL0mVyKQhkfykMet2l7kD0KaMulYF3YJGKpqDWQdF8ykEROSgyB4nYbQXuIOAe9XtRKHjfDWgQCMnccNBxXRryPgreaB8jz8bg8Rjc3EBmPrwj_L70GQ82GdbUGKZ4CLtawQoHNicYigqlJCgtQUkJSkVQ5gTlsLolYtux1W0R24J5s9qZVb-a6Hxlk97S-YpMCagZw4hqS2XX7AZ4fmgyiqyY6CZRllcTykS1me2R5xqHneEnfazJ3Rbtib7fZ5xxOaCRx4TkkS990Y16fED7A1hVQdmFA19GqiavfXcPmarJ04efAaM7sPEOuHJACw-0rEBXK4zSB3lh1pRdpfZam-sEQlfI8kXk153NeI-8cPDK7945DskfHc9Hv51-cPQDcFMhMxXeV98TrMQ3Jxd1SbYu6tKSr89nuUrUiDYbcCmnuTx09y15vdRGnDlpx1--zhuiae9fljY_S1Oh0hVL7p1QQkhzShsuybdn7BXJLhR29URh0iI7e-GNU2eSzEhrlU6noKomhx_eBVc1OfLrxsF2-6f_hjJTmKJCUjwiswDPbsBmc2w1gYnnmGUOyqKamA6b_4wVQSznmLIK9j-YzfuJoc1tqqpNexMrZhE030CaVBiaCsO4Ao3HsMXhSZ6ZR8d__LyJL8DixQmLzeIWi0386YHFNbn61z81ufrLHzW5ur8Aq3Zb3Q7ze4NBT0Y9EfnC7_gi7LoyDGjYC8Kgi9zWq9_oH_4NAAD__4z_-VfKBAAA","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRSu3uwpKmIIHjzNwYOCO9s93fOjjRCMMSEYk5BEAppL_erdcru7OlXd05vxEl2QHAfxoJ56v9lkYxKCehfDrAclINgeZA9ZEP8CERcPHqQ3A6MP-r339VcF3_vqfbxZ7BEfBd298LYeqTimy92223rpikqFLm3r3OWW57bdY60rKu0Fx1rrTTLDVz0_aLsvt05LvqaXO67nup7rtU4pIyO9vnzAQmX3Q68duu2g0_a6AdbN_7EtHFjqQAz3yBEoUT_7e_QeFJ8iTb46Ke1arrNX3kyKmObaYCi230nXUl2mSOZtZBxE6fbsNLStCflsATrdnk0APdxqJgBTNVl4_jFYuj2TCTa89UQpiyFTMPEUyuEUMp5C0Sm43oASPxOAC5w7jzS5fU6bkl5_wtKGrcni_p9QZU0WHx9Fmjw4Eav11iUdF7nSqcV6VEGtT6FWpsiKHeSjBahyBzz_CEr8RJb3zyJNts7bWEOJ3Rd9FspeP5RL0mVyKQhkfykMet2l7kD0KaMulYF3YJGKpqDWQdF8ykEROSgyB4nYbQXuIOAe9XtRKHjfDWgQCMnccNBxXRryPgreaB8jz8bg8Rjc3EBmPrwj_L70GQ82GdbUGKZ4CLtawQoHNicYigqlJCgtQUkJSkVQ5gTlsLolYtux1W0R24J5s9qZVb-a6Hxlk97S-YpMCagZw4hqS2XX7AZ4fmgyiqyY6CZRllcTykS1me2R5xqHneEnfazJ3Rbtib7fZ5xxOaCRx4TkkS990Y16fED7A1hVQdmFA19GqiavfXcPmarJ04efAaM7sPEOuHJACw-0rEBXK4zSB3lh1pRdpfZam-sEQlfI8kXk153NeI-8cPDK7945DskfHc9Hv51-cPQDcFMhMxXeV98TrMQ3Jxd1SbYu6tKSr89nuUrUiDYbcCmnuTx09y15vdRGnDlpx1--zhuiae9fljY_S1Oh0hVL7p1QQkhzShsuybdn7BXJLhR29URh0iI7e-GNU2eSzEhrlU6noKomhx_eBVc1OfLrxsF2-6f_hjJTmKJCUjwiswDPbsBmc2w1gYnnmGUOyqKamA6b_4wVQSznmLIK9j-YzfuJoc1tqqpNexMrZhE030CaVBiaCsO4Ao3HsMXhSZ6ZR8d__LyJL8DixQmLzeIWi0386YHFNbn61z81ufrLHzW5ur8Aq3Zb3Q7ze4NBT0Y9EfnC7_gi7LoyDGjYC8Kgi9zWq9_oH_4NAAD__4z_-VfKBAAA HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl24547895=1; nleca6d737bcbce8af1bdecf3e3d5f6c8a78=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8ae863999480c47c82c718237469340e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/ren.gif?sid=H4sIAAAAAAAC_1RSTYgcVRd9PV_zLaIi_uDCVS9cKGR6qrqqf8oIwRgjwZiEJBLQbN5fzTy7ql7lvaquToMQDUiWjbjQrKpPTzLRhKDuRelxoQQEy9UsMhs3bkXMyoXUpKHjhbr3njrvwbnn3U9m-T7xkNO9s-_oiYoiutFtO62XL6pE6MK2Tl9ouU7bOdK6qJKef6Q1rpMZvep6ftt5pfWW5EO90XFcx3Edt3VCGRnq8cYBC5XeDdx24LT9Ttvt-hib_2KbN2BpA2K0T56FEtXTv4fvQ_EFkvjr49IOM50efjPOI5ppg5HYeTcZJrpIEK_a0DQQJjvL09C2IuTzNehkZzkB9Gi7ngBMVWTthQdgyc5SJtjo5iOlLIJMwMQTKEYLyGgBRRfg-hqU-JUAXOD0GSTxrdPaFPTKI5bWbEWaD_-CKirSfPA8kvjesUiNW-d1lGdKJxbjsIQaL6A2F0jzXWSTNahiFzz7GEr8QjYenkISb5-xkYYSey95LJC9fiDXpcPkuu_L_nrg97rr3YHoU0YdKn33wCIVLkBtA3n9qQbysIE8bSAWey3fGfjcpV4vDATvOz71fSGZEww6jkMD3kfOa-1TZOkUPJqCm6tIzUe3hdeXHuP-jGGopjD5D7BbJaxowGYEI1GikASFJSgoQaEIioygGJU3RWQ7trwlIpszd1k7y-qVc51tzuhNnW3KhICaKYwot1V62V4Dz_43n4RWzHWdKMvKOWWinKX75Jna4cbo0z6Gcq9Fe6Lv9RlnXA5o6DIheehJT3TDHh_Q_gBWlVB27cCXiarIa9_fQaoq8uShp8DoLmy0C64aoLkLWpSgWyUmyb0sN0Nlt6i93OY6htAl0qyJ7EpjFu2TFw9e-dLDNUh-nywD3JRITYkP1I8Em9H1-TldkO1zurDkmzNppmI1ofUGnM9oJv__1dvySqGNOHncTr98nddE3d69IG12iiZCJZuW3DmmhJDmhDZcku9O2ouSnc3t1rHcJHl66uwbJ07GqZHWKp0sQFVFDu0fBlcVee7D-cF2-zf-gDILmLxEnD-mNb0Km66w1QQmWmGWNlHk5dx02OpnpAgiucKUlbCPYbbq54bWt6kqZ_Y6Nk0TNLuGJC4xMiVGUQkaTWHzQ_MsNfeP_vxFHTfAouacRaa5zSITfVaR924frcilv_-pyKXf_nzkuFV7rW6Heb3BoCfDngg94XU8EXQdGfg06PmB30Vmq61v9U__BgAA___qeCmGygQAAA==","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSTYgcVRd9PV_zLaIi_uDCVS9cKGR6qrqqf8oIwRgjwZiEJBLQbN5fzTy7ql7lvaquToMQDUiWjbjQrKpPTzLRhKDuRelxoQQEy9UsMhs3bkXMyoXUpKHjhbr3njrvwbnn3U9m-T7xkNO9s-_oiYoiutFtO62XL6pE6MK2Tl9ouU7bOdK6qJKef6Q1rpMZvep6ftt5pfWW5EO90XFcx3Edt3VCGRnq8cYBC5XeDdx24LT9Ttvt-hib_2KbN2BpA2K0T56FEtXTv4fvQ_EFkvjr49IOM50efjPOI5ppg5HYeTcZJrpIEK_a0DQQJjvL09C2IuTzNehkZzkB9Gi7ngBMVWTthQdgyc5SJtjo5iOlLIJMwMQTKEYLyGgBRRfg-hqU-JUAXOD0GSTxrdPaFPTKI5bWbEWaD_-CKirSfPA8kvjesUiNW-d1lGdKJxbjsIQaL6A2F0jzXWSTNahiFzz7GEr8QjYenkISb5-xkYYSey95LJC9fiDXpcPkuu_L_nrg97rr3YHoU0YdKn33wCIVLkBtA3n9qQbysIE8bSAWey3fGfjcpV4vDATvOz71fSGZEww6jkMD3kfOa-1TZOkUPJqCm6tIzUe3hdeXHuP-jGGopjD5D7BbJaxowGYEI1GikASFJSgoQaEIioygGJU3RWQ7trwlIpszd1k7y-qVc51tzuhNnW3KhICaKYwot1V62V4Dz_43n4RWzHWdKMvKOWWinKX75Jna4cbo0z6Gcq9Fe6Lv9RlnXA5o6DIheehJT3TDHh_Q_gBWlVB27cCXiarIa9_fQaoq8uShp8DoLmy0C64aoLkLWpSgWyUmyb0sN0Nlt6i93OY6htAl0qyJ7EpjFu2TFw9e-dLDNUh-nywD3JRITYkP1I8Em9H1-TldkO1zurDkmzNppmI1ofUGnM9oJv__1dvySqGNOHncTr98nddE3d69IG12iiZCJZuW3DmmhJDmhDZcku9O2ouSnc3t1rHcJHl66uwbJ07GqZHWKp0sQFVFDu0fBlcVee7D-cF2-zf-gDILmLxEnD-mNb0Km66w1QQmWmGWNlHk5dx02OpnpAgiucKUlbCPYbbq54bWt6kqZ_Y6Nk0TNLuGJC4xMiVGUQkaTWHzQ_MsNfeP_vxFHTfAouacRaa5zSITfVaR924frcilv_-pyKXf_nzkuFV7rW6Heb3BoCfDngg94XU8EXQdGfg06PmB30Vmq61v9U__BgAA___qeCmGygQAAA== HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl24547895=1; nleca6d737bcbce8af1bdecf3e3d5f6c8a78=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:09 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: aea52a3c86829df3c9d610400c9b504f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":654,"timings":{"blocked":273,"dns":1,"connect":94,"send":0,"wait":95,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/chat/mob/ssp/1/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 5982\r\nlast-modified: Sat, 07 May 2022 04:02:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6275ef48-175e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 7933\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dUjz34nGJn42qReDRAdxeRPhjoX0S02w%2FODimt1U0lFIA4%2BMFDaBTSS5%2BbtSE3ICLB76ohvhc0e81vlLmdUxIC9oBfTg7pexsvOoSdTm\"}]}\r\nvary: accept-encoding\r\ncf-ray: 97713251de7d712a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced","md5":"c489ce2c491a22ee37a55e26a92dfd73","sha1":"2fa588ab09e94dd902e5bd24b48f98ad1949c9d6","sha256":"1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd","sha512":"fe6a53296238283eac984b1912bfe7fbbdf5f0692f59f86e7e1ca989555a81be786ff29b9f8644443b2ace8137d412b6d9a92b0edf7f595ddf36058702a2d0d0","ssdeep":"96:FSDZ/I09Da01l+gmkyTt6Hk8nTbo5GZNKEBX97O+co2RF9JNssCgSSiiFr4uolec:FSDS0tKg9E05TAYwEBPwF9JNsTgSSL3C","tlshash":"80c1afeff8a058cf4566b7021c8e4080fbaa713d835536b4d4a092dc958be4a0fd7475","first_seen":"2023-04-05T23:50:36Z","last_seen":"2026-04-03T18:56:21.987759Z","times_seen":4059,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/75/ca/61/75ca61b3fa181ea3c1183a26eebc566a/1753976812.gif","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 10 Jul 2025 02:33:11 GMT","end":"Wed, 08 Oct 2025 02:33:10 GMT"},"fingerprint":{"sha1":"06:D8:07:0F:AB:BF:D8:7F:C5:38:82:AC:A7:8A:20:4D:83:6C:EA:C9","sha256":"CF:05:58:46:C3:07:3F:B6:A6:8D:42:F2:3B:3D:91:36:93:10:CB:D5:89:47:A3:62:26:D2:F3:BA:AC:51:0E:B7"}}},"request":{"raw":"GET /cti/75/ca/61/75ca61b3fa181ea3c1183a26eebc566a/1753976812.gif HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:08 GMT\r\ncontent-type: image/gif\r\ncontent-length: 31884\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 31 Jul 2025 15:46:52 GMT\r\netag: \"688b8fec-7c8c\"\r\nexpires: Mon, 01 Sep 2025 03:28:08 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31884,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 320 x 240","md5":"e7634551e0ae785d259e3c91bdf62d55","sha1":"67309fb40124be7538b40dd2a5ff26bdc9570f7b","sha256":"26860cf1f5432c24da12b465d342bed1a8f0296d11cf84218d4c919d39e0f5a8","sha512":"b574679b25f45df7d29ad5651f0d56c3b003fc305c7e1a7a72aaface8bacb0a82beb17a0500cb5ff729a66714ce7cc497bb907a3eaea0ddeeaa132c43caa6785","ssdeep":"768:ZNZTXI1NJ7JmMqP3M6t+A0aNII4KYntaZL+D5jE1:ZXXSNJ7UVP37tPJRqnt75Q1","tlshash":"33e2f11fc3aa620f524190e4316bfd9c6ec6160519db8cb7d789be3e6a0762c1acd274","first_seen":"2025-08-01T00:50:00.727641Z","last_seen":"2025-09-02T18:27:26.502202Z","times_seen":171,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":97,"dns":49,"connect":19,"send":0,"wait":19,"receive":24,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js\u0026l=382\u0026fd=528","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:11.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js\u0026l=382\u0026fd=528 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:11 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzubkD8QfKAjCHDwomEn3dM-PdgV1XVcW1yTsRnIQD9VV1ZNyurt6q7qnJ3MKBmSP403BQ-ebZIPusqh3USZeJCo6gpDD5qB_gQp7lp4MjD7o997XXxV873v10X5-Rlzk9HTjHTWUUURXm3W79sKWTLgqTG1ts-bYdftibUsmLe9ibVAl3X_Zcb26_WLtLcF6arVhO7bt2E7titQiVIPVGQuZ3vWdum_XvUbdaXoY6P9jk1sw1ALvn5EnIPn0sT_D9yDZBEn85WVheplKX3ozziOaKY0-P3o36SWqSBAv2lBbCJOj-WkoMyXkkyWo5Gg-AVT_oJoAgZySpafvI0iO5jIR9A_PlQYRRIKAP4yiP4GIJpB0Aqb2IPmvBGAca-tI4ttrShd055ylFTslyw_-gSymZPn-U0jie5ciOajdUFGeSZUYDMIScjCB7E6Q5sfIhkuQxTFY9iEk_5msPriGJD5YN5GC5KfPu4EvWm1frAg7ECueJ9orvtdqrjQ7vE0DalPhOTOLZDgBNRby6pMW8tBCnlqI-WnNszsec6jbCn3O2rZHPY-LwPY7DdumPmsjZ5X2EbJ0BBaNwPQuUr2LnhxB59_BbJcw3ILJCPq8RCEICkNQUIJCEhQZQdEvD3lkGqa8zSOTB868NubVLccq6-7TQ5V1RUJA9QialwcyvWn2wLIL42Fo-FhViQZZOaYBL_fTM_J4Zav12V8KPXFaa_shb3PWCFq-5wUe5W3edIXHbOaxpmj7MLKENEszM4ZySl759g5SOSWPPPQoAnoMEx2DSQs0fw60KEG3SwyTe1mue9JsU3OzzlQMrkqk2TKyHWs_OiPPzlb7_uYvEOzkteUfq_gJTJdIdYkP5PcE3ejW-LoqyMF1VRjy1XqayVgOabX2GxnNxIUv3hY7hdL86mUz-vx1VhFVe3dTmOwaTbhMuobcuSQ5F_qK0kyQb66aLRFs5Gb7Uq6TPL228caVq3GqhTFSJRNQOSXW3xpMTsmTnz4ze9Le739A6gl0XiLOT8g8wNJdmHSh3SgCHS34ILVQ5OVYN4LFz0gSRGKBaVDC_AcHi36saXWbynLf3EJXW6DZHpK4RF-X6EclaDSCyS-Ms1SfvPqbOwsEkTUOIm0dBJGOPj632MjTWuiKBrPtTrvluJ1QOK7HWdjseD5vUdt1BTIz3f5a_fBvAAAA__8zi8PSsAQAAA==","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:11.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:34:59 GMT","end":"Tue, 25 Nov 2025 21:34:58 GMT"},"fingerprint":{"sha1":"E4:24:47:01:B7:F3:A1:0B:CF:EA:36:36:30:C1:21:5D:9E:A1:7B:BE","sha256":"EE:DD:A9:31:87:F8:15:E5:A4:69:BA:E8:17:29:F1:0D:59:DC:1E:48:E2:EB:2F:1D:FE:D6:5C:C0:5F:03:5B:01"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzubkD8QfKAjCHDwomEn3dM-PdgV1XVcW1yTsRnIQD9VV1ZNyurt6q7qnJ3MKBmSP403BQ-ebZIPusqh3USZeJCo6gpDD5qB_gQp7lp4MjD7o997XXxV873v10X5-Rlzk9HTjHTWUUURXm3W79sKWTLgqTG1ts-bYdftibUsmLe9ibVAl3X_Zcb26_WLtLcF6arVhO7bt2E7titQiVIPVGQuZ3vWdum_XvUbdaXoY6P9jk1sw1ALvn5EnIPn0sT_D9yDZBEn85WVheplKX3ozziOaKY0-P3o36SWqSBAv2lBbCJOj-WkoMyXkkyWo5Gg-AVT_oJoAgZySpafvI0iO5jIR9A_PlQYRRIKAP4yiP4GIJpB0Aqb2IPmvBGAca-tI4ttrShd055ylFTslyw_-gSymZPn-U0jie5ciOajdUFGeSZUYDMIScjCB7E6Q5sfIhkuQxTFY9iEk_5msPriGJD5YN5GC5KfPu4EvWm1frAg7ECueJ9orvtdqrjQ7vE0DalPhOTOLZDgBNRby6pMW8tBCnlqI-WnNszsec6jbCn3O2rZHPY-LwPY7DdumPmsjZ5X2EbJ0BBaNwPQuUr2LnhxB59_BbJcw3ILJCPq8RCEICkNQUIJCEhQZQdEvD3lkGqa8zSOTB868NubVLccq6-7TQ5V1RUJA9QialwcyvWn2wLIL42Fo-FhViQZZOaYBL_fTM_J4Zav12V8KPXFaa_shb3PWCFq-5wUe5W3edIXHbOaxpmj7MLKENEszM4ZySl759g5SOSWPPPQoAnoMEx2DSQs0fw60KEG3SwyTe1mue9JsU3OzzlQMrkqk2TKyHWs_OiPPzlb7_uYvEOzkteUfq_gJTJdIdYkP5PcE3ejW-LoqyMF1VRjy1XqayVgOabX2GxnNxIUv3hY7hdL86mUz-vx1VhFVe3dTmOwaTbhMuobcuSQ5F_qK0kyQb66aLRFs5Gb7Uq6TPL228caVq3GqhTFSJRNQOSXW3xpMTsmTnz4ze9Le739A6gl0XiLOT8g8wNJdmHSh3SgCHS34ILVQ5OVYN4LFz0gSRGKBaVDC_AcHi36saXWbynLf3EJXW6DZHpK4RF-X6EclaDSCyS-Ms1SfvPqbOwsEkTUOIm0dBJGOPj632MjTWuiKBrPtTrvluJ1QOK7HWdjseD5vUdt1BTIz3f5a_fBvAAAA__8zi8PSsAQAAA== HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27062639=1; slec79fd7dc2b6944b4ad7d53e4c0c4c5e79=[6116560]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:11 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nVary: Origin\r\nAccess-Control-Allow-Credentials: true\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: iprc_l+a009a50fa3099e2a3bc700ec59521d70=6116560; expires=Sun, 31 Aug 2025 03:28:11 GMT; path=/; secure; SameSite=None\niprc_l:6116560=3; expires=Sun, 31 Aug 2025 03:28:11 GMT; path=/; secure; SameSite=None\niprc_a+4e822b0e2a7e202e9170b5089d1dc52a=127602; expires=Mon, 01 Sep 2025 03:28:11 GMT; path=/; secure; SameSite=None\niprc_a:127602=1; expires=Mon, 01 Sep 2025 03:28:11 GMT; path=/; secure; SameSite=None\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8a66d7b2066c940adfbaa9039cc51570\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:11.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"F5:9E:5D:EB:46:9B:ED:9F:D2:D7:E8:D1:06:43:DF:9D:0C:13:7E:75","sha256":"AA:C4:C0:AF:38:AE:91:75:3F:86:CE:32:70:A9:8F:C4:2F:7F:D2:28:D1:34:AD:0A:C8:E2:6C:6E:4D:46:72:23"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 Aug 2025 11:06:50 GMT\r\nexpires: Sat, 29 Aug 2026 11:06:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nage: 58881\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T22:44:53.301995Z","times_seen":715385,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/js/jquery.typewatch.js","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /js/jquery.typewatch.js HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: text/javascript\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\ncontent-encoding: gzip\r\nlast-modified: Mon, 18 Aug 2025 13:20:48 GMT\r\nvary: Accept-Encoding,User-Agent\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\ncf-ray: 9771323c6b12569a-OSL\r\nserver: cloudflare\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=96r6Cy9Tk4LANM%2BT4UNmoIvlVxU%2BTlw%2FMGvOp5biC8AGocABN8MbGK8q9KmzCIOH8fXALXEw3Prh9WkWSVAl0mcEF0LBz0MO24ys7CDB9xjZIakliruLUyMRNNNxmD9VpK3Fsw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1616\u0026min_rtt=0\u0026rtt_var=1644\u0026sent=493\u0026recv=72\u0026lost=2\u0026retrans=2\u0026sent_bytes=589291\u0026recv_bytes=15668\u0026delivery_rate=26381726\u0026ipace=0\u0026icwnd=12000\u0026ss_exit_cwnd=35511\u0026ss_exit_reason=2\u0026cwnd=29606\u0026unsent_bytes=0\u0026cid=e8c4fa3edc163f42\u0026ts=580\u0026inflight_dur=135\u0026x=40\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1745,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1440)","md5":"6915a93382a7b35f40987fd648b43f9d","sha1":"b78c77cc774594df414a7b1fb99c28083d85bb80","sha256":"1836dba8922ca00f9ac170122f314b2cd7bbb2eba09c73d8bce215597bd9cd2b","sha512":"e88f5e62ae04a867b1b5ba979e2b653cab8348167c37cf897856d13558114dca318ac33b2c07d611ad3559014c57e60b847823421a46649a47f5328720eceac4","ssdeep":"","tlshash":"6c313f4cb152a15d87e263f6aa7616ee3a7ae3785a001184316512d0a078a8f63d7bd4","first_seen":"2023-03-07T12:12:06Z","last_seen":"2026-04-04T21:55:16.170701Z","times_seen":388,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hatwhipbesiege.com/ren.gif?sid=H4sIAAAAAAAC_1RSzYsc1Rd9Pb_ht4iK-IELV71woZDpqeqq_igjBGOMBGMSkkhAs3lfNfPsqnqV96q6Og1CNCBZNuJCs6o-PclEE4K6F6XHhRIQLFezyCz0LxAxKxdSnYaOF-ree-q8B-eedz-Z5gfEQ073z76jxyqK6Gan5TRfvqgSoQvbPH2h6Tot50jzokq6_pHmqE5m-Krr-S3nleZbkg_0ZttxHcd13OYJZWSoR5sLFiq9G7itwGn57Zbb8TEy_8U2b8DSBsTwgDwLJaqn_wjfh-JzJPHXx6UdZDo9_GacRzTTBkOx-24ySHSRIF61oWkgTHaXp6FtRcjna9DJ7nIC6OFOPQGYqsjaCw_Akt2lTLDhzUdKWQSZgIknUAznkNEcis7B9TUo8SsBuMDpM0jiW6e1KeiVRyyt2YqsP_wLqqjI-oPnkcT3jkVq1DyvozxTOrEYhSXUaA61NUea7yEbr0EVe-DZx1DiF7L58BSSeOeMjTSU2H_JY4Hs9gK5IR0mN3xf9jYCv9vZ6PRFjzLqUOm7C4tUOAe1DeT1pxrIwwbytIFY7Dd9p-9zl3rdMBC85_jU94VkTtBvOw4NeA85r7VPkKUT8GgCbq4iNR_dFl5Peoz7U4aBmsDkP8Bul7CiAZsRDEWJQhIUlqCgBIUiKDKCYljeFJFt2_KWiGzO3GVtL6tXznS2NaU3dbYlEwJqJjCi3FHpZXsNPPvfbBxaMdN1oiwrZ5SJcpoekGdqhxvDT3sYyP0m7Yqe12OccdmnocuE5KEnPdEJu7xPe31YVULZtYUvY1WR176_g1RV5MlDT4HRPdhoD1w1QHMXtChBt0uMk3tZbgbKblN7ucV1DKFLpNk6siuNaXRAXly88qW__4Hk98kywE2J1JT4QP1IsBVdn53TBdk5pwtLvjmTZipWY1pvwPmMZvL_X70trxTaiJPH7eTL13lN1O3dC9Jmp2giVLJlyZ1jSghpTmjDJfnupL0o2dncbh_LTZKnp86-ceJknBpprdLJHFRV5NDBYXBVkec-nC2227_xO5SZw-Ql4vwxrelV2HSFrSYw0QqzdA1FXs5Mm61-RoogkitMWQn7GGarfmZofZuqcmqvY8usg2bXkMQlhqbEMCpBowlsfmiWpeb-0Z-_qOMGWLQ-Y5FZ32GRiT6ryHu3jy58rsil3_6syKWHa7Bqv9lpM6_b73dl2BWhJ7y2J4KOIwOfBl0_8DvIbLX9rf7p3wAAAP__o3f7-MoEAAA=","fqdn":"hatwhipbesiege.com","domain":"hatwhipbesiege.com","tld":"com"},"ip":{"addr":"192.243.61.225","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"hatwhipbesiege.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 Aug 2025 08:28:48 GMT","end":"Mon, 10 Nov 2025 08:28:47 GMT"},"fingerprint":{"sha1":"94:42:26:94:92:96:91:F0:FF:99:90:A9:3A:2A:8A:18:EF:34:F3:7F","sha256":"3C:C6:5D:4F:04:21:2B:1C:BE:66:16:61:C1:BC:55:AD:9F:D7:AA:B6:3C:6C:03:0F:E5:8A:45:EA:29:E1:81:A9"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSzYsc1Rd9Pb_ht4iK-IELV71woZDpqeqq_igjBGOMBGMSkkhAs3lfNfPsqnqV96q6Og1CNCBZNuJCs6o-PclEE4K6F6XHhRIQLFezyCz0LxAxKxdSnYaOF-ree-q8B-eedz-Z5gfEQ073z76jxyqK6Gan5TRfvqgSoQvbPH2h6Tot50jzokq6_pHmqE5m-Krr-S3nleZbkg_0ZttxHcd13OYJZWSoR5sLFiq9G7itwGn57Zbb8TEy_8U2b8DSBsTwgDwLJaqn_wjfh-JzJPHXx6UdZDo9_GacRzTTBkOx-24ySHSRIF61oWkgTHaXp6FtRcjna9DJ7nIC6OFOPQGYqsjaCw_Akt2lTLDhzUdKWQSZgIknUAznkNEcis7B9TUo8SsBuMDpM0jiW6e1KeiVRyyt2YqsP_wLqqjI-oPnkcT3jkVq1DyvozxTOrEYhSXUaA61NUea7yEbr0EVe-DZx1DiF7L58BSSeOeMjTSU2H_JY4Hs9gK5IR0mN3xf9jYCv9vZ6PRFjzLqUOm7C4tUOAe1DeT1pxrIwwbytIFY7Dd9p-9zl3rdMBC85_jU94VkTtBvOw4NeA85r7VPkKUT8GgCbq4iNR_dFl5Peoz7U4aBmsDkP8Bul7CiAZsRDEWJQhIUlqCgBIUiKDKCYljeFJFt2_KWiGzO3GVtL6tXznS2NaU3dbYlEwJqJjCi3FHpZXsNPPvfbBxaMdN1oiwrZ5SJcpoekGdqhxvDT3sYyP0m7Yqe12OccdmnocuE5KEnPdEJu7xPe31YVULZtYUvY1WR176_g1RV5MlDT4HRPdhoD1w1QHMXtChBt0uMk3tZbgbKblN7ucV1DKFLpNk6siuNaXRAXly88qW__4Hk98kywE2J1JT4QP1IsBVdn53TBdk5pwtLvjmTZipWY1pvwPmMZvL_X70trxTaiJPH7eTL13lN1O3dC9Jmp2giVLJlyZ1jSghpTmjDJfnupL0o2dncbh_LTZKnp86-ceJknBpprdLJHFRV5NDBYXBVkec-nC2227_xO5SZw-Ql4vwxrelV2HSFrSYw0QqzdA1FXs5Mm61-RoogkitMWQn7GGarfmZofZuqcmqvY8usg2bXkMQlhqbEMCpBowlsfmiWpeb-0Z-_qOMGWLQ-Y5FZ32GRiT6ryHu3jy58rsil3_6syKWHa7Bqv9lpM6_b73dl2BWhJ7y2J4KOIwOfBl0_8DvIbLX9rf7p3wAAAP__o3f7-MoEAAA= HTTP/1.1\r\nHost: hatwhipbesiege.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl24547895=1; nleca6d737bcbce8af1bdecf3e3d5f6c8a78=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:08 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Credentials: true\r\nVary: Origin\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nHost: hatwhipbesiege.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 985c6cfd05dde74e139d204b0c0dfbe3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"hatwhipbesiege.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/sbar.json?key=604c13fd8efa127c8ea9ec3804312c5d\u0026uuid=3b9e679e-e0be-44e7-9465-58d7aba0ae41%3A1%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:09.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /sbar.json?key=604c13fd8efa127c8ea9ec3804312c5d\u0026uuid=3b9e679e-e0be-44e7-9465-58d7aba0ae41%3A1%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:09 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4794\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nAccess-Control-Allow-Origin: https://mc.turkishasq.com\r\nAccess-Control-Allow-Credentials: true\r\nVary: Accept-Encoding\r\nSet-Cookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; expires=Sat, 06 Sep 2025 03:28:09 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 31 Aug 2025 03:28:09 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 31 Aug 2025 03:28:09 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Sun, 31 Aug 2025 03:28:09 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Sun, 31 Aug 2025 03:28:09 GMT; path=/; secure; SameSite=None\nu_pl27124838=1; expires=Sun, 31 Aug 2025 03:28:09 GMT; path=/; secure; SameSite=None\nslec604c13fd8efa127c8ea9ec3804312c5d=[6116561]; expires=Sat, 30 Aug 2025 03:28:14 GMT; path=/; secure; SameSite=None\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 31bf557c0343e4aa046bd4407c22177b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6159,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"75afaaf0082fd6ea741c307ba8d76ba3","sha1":"1a8a713be19befb233d8785c525d6691b94000bd","sha256":"68b20e7443a26dd7b5d8cd01bddc1dd2979ebd9bed4ea81f0155ddb78315a813","sha512":"287e4eacf75e7278e165c7bef51dd60504ced965d2a712664233d967703dc7c6ac1e0846769afbbe6c53bca3dc1ee6442201592da8bdd76faf3027bed819248e","ssdeep":"96:9zO0hHfpHxLLWYSYSuf79W91NTEHnzwjRmVFUnjkeIc+f1ZK2kC8yrlo6:9zO8HfpHxLaY7WenzwjQ0jkeINlcyR3","tlshash":"eed17c7f025c72fad2f20b14ac677ffc7ee08487e508595c4a67abda8834490040819d","first_seen":"2025-08-30T03:28:36.894506Z","last_seen":"2025-08-30T03:28:36.894506Z","times_seen":1,"resource_available":false,"data":null}},"time_used":947,"timings":{"blocked":316,"dns":27,"connect":92,"send":0,"wait":313,"receive":1,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/utility/social-media/instagram/new/4/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/utility/social-media/instagram/new/4/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84ff-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=faaODTO%2BFhxwTpo04vvq5PMsu7qQrIz%2BnHEkGJoR%2BejXDzH3iVsB56ibN0YxvISGgxqthJEtDJ%2Fzegis0HJBRgDBvpUa5Gzy6aQFOnJq\"}]}\r\ncf-ray: 977132501c5c56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-04T18:45:43.33658Z","times_seen":10535,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":30,"dns":4,"connect":1,"send":0,"wait":478,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:11.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"F5:9E:5D:EB:46:9B:ED:9F:D2:D7:E8:D1:06:43:DF:9D:0C:13:7E:75","sha256":"AA:C4:C0:AF:38:AE:91:75:3F:86:CE:32:70:A9:8F:C4:2F:7F:D2:28:D1:34:AD:0A:C8:E2:6C:6E:4D:46:72:23"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 Aug 2025 11:06:50 GMT\r\nexpires: Sat, 29 Aug 2026 11:06:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nage: 58881\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T22:44:53.301995Z","times_seen":715385,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/templates/3arbserv/css/echo.rtl.css","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:06.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /templates/3arbserv/css/echo.rtl.css HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:06 GMT\r\ncontent-type: text/css\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 25 Sep 2025 13:39:05 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DDNiMWtSnpV6f9lN05WHygguRNF4tTCnHkR6pxcEyPrXmLFlDiXla%2BaWQBcpTIQd0UikTiu6ixsiJgVio0buVZY%2BSQgvuZeenpZUCicaYA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding,User-Agent\r\nserver: cloudflare\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 258252\r\ncf-cache-status: HIT\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323b1afd569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":22198,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6557f36c31ab17bfd276edb0385dcf02","sha1":"4276e236942d2c02b0bd3ac06259df38951b4bc3","sha256":"6d4a4fa42924778987113fdd09c0870029af4892014306a36522f226c4c1d747","sha512":"e80434764b6c231455901dc34fd1a9c909504b8f03343d0b38ecdc9d869f74628df650612b2084b61f9e61fe6a1ce68d55a8f039d894ecc8942706b37b753008","ssdeep":"192:Nh6eh6+fXFRp0b8OXSSx6LxT70rziLpQN6gbUww:NjFZc6Fv0rz8pQJw","tlshash":"72a22397feb220473812cd686666cdd3e7160083c40adfb97f5e9164df4a2cc16ae789","first_seen":"2023-05-23T00:33:56Z","last_seen":"2025-09-03T06:24:47.656682Z","times_seen":24,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/utility/social-media/instagram/new/4/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/utility/social-media/instagram/new/4/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84ff-1d9a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oRMOKq6Z77RA2SVTCtakgl8hSs3%2BJFKJ0giDceTAa%2Ftpgu6cVI1fGGVjuHkL5YifIqWk%2BoAKvC%2BS4pvxFbO%2B72J4cGCvgtUtvuOECzvc\"}]}\r\ncf-ray: 977132502c5f56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7578,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"98090679cdc97734c4911d7995d7a560","sha1":"50616bcd7ea8829649ce87ccf771dcc60ad20d8d","sha256":"985576dbd564299199b75f1e108e7808324c3549692fe41a04aa32b85a1f727a","sha512":"a3ff81836af5a5c150d064a8f55d3604c48a68d366a61096a05cde2f5ff3a3bfd0dde4e10f66c06b168573390c5fe11375d9b53afd0ba0bf8e99b8cfef6c35ac","ssdeep":"192:2arMX5EtHh9HhZzJJxMX5jMPBR0hJWsGZPhHG0b26zSSfJl00LApicS:fMXkzJnMXJM762ijm","tlshash":"98f1dd9b6b371604b407e4aa2f6a2b4727244017960fed247fcd724c8fc52e8d5a278b","first_seen":"2024-09-11T20:57:23Z","last_seen":"2025-12-22T04:22:03.435638Z","times_seen":637,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":27,"dns":5,"connect":3,"send":0,"wait":502,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fstyle.css\u0026l=7578\u0026fd=556","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.61.227","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Finstagram%2Fnew%2F4%2Fcss%2Fstyle.css\u0026l=7578\u0026fd=556 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 30 Aug 2025 03:28:11 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":607,"timings":{"blocked":291,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":212},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css\u0026l=4617\u0026fd=504","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.13","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css\u0026l=4617\u0026fd=504 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=3b9e679e-e0be-44e7-9465-58d7aba0ae41:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27124838=1; slec604c13fd8efa127c8ea9ec3804312c5d=[6116561]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sat, 30 Aug 2025 03:28:10 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-08-30","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/favicons/favicon-16x16.png","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:07.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"GET /favicons/favicon-16x16.png HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:07 GMT\r\ncontent-type: image/png\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 26 Aug 2026 13:39:08 GMT\r\nlast-modified: Mon, 18 Aug 2025 13:20:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nvary: User-Agent, accept-encoding\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-encoding: gzip\r\nage: 38988\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1DQjQDBHsfRezIng7Vj2wbArDOw2D9qH9MC6Al92wYjWn%2F9f4%2B3txNm7Y8%2FZoUWNbknjXfXeu9OSzigUfDFuqNyIdGJrWTgH1JdeNVebPA%3D%3D\"}]}\r\nexpect-ct: max-age=86400, enforce\r\ncf-ray: 9771323f0b1b569a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1017,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"2f9e3795889ec567bbb1124b6b1f73c8","sha1":"1587f8e10111dda099a9453850224807334ec44b","sha256":"c994effa2226581104a4963c1c0ced8b6009e06a8ac49b4cdb09ce1c84443a65","sha512":"f66166f1d05d9592e8ac696529dcee357e999be34d135e28a1131e61bb3723f8a58704976156fd66386ea4568476b2713dd1f9ab119a63b8ac234bf887850011","ssdeep":"","tlshash":"fe11d8f401808972ad13a23f482e8310a4db1bd817d5e080597675cdc1c63d93ae2ab3","first_seen":"2023-05-02T11:02:06Z","last_seen":"2026-03-29T20:18:02.124338Z","times_seen":190,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mc.turkishasq.com/cdn-cgi/rum?","fqdn":"mc.turkishasq.com","domain":"turkishasq.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:08.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turkishasq.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 23:00:17 GMT","end":"Sat, 08 Nov 2025 23:58:46 GMT"},"fingerprint":{"sha1":"CF:1A:1F:3B:DD:DA:B4:49:BA:D4:50:83:09:65:BC:AB:79:AB:7D:F1","sha256":"1A:D2:FB:00:90:BB:1C:32:D6:DB:4D:D8:C2:4A:69:05:73:63:76:20:E8:51:8A:9A:74:BC:B4:9C:C7:69:48:89"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: mc.turkishasq.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2\r\ncontent-type: application/json\r\nContent-Length: 1203\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=b9285b1e670703e3317ee09c59ca2af6; _ga_JMRHR69VQJ=GS2.1.s1756524487$o1$g0$t1756524487$j60$l0$h31457629; _ga=GA1.1.1122192133.1756524488; dom3ic8zudi28v8lr6fgphwffqoz0j6c=3b9e679e-e0be-44e7-9465-58d7aba0ae41%3A1%3A1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://mc.turkishasq.com\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin, accept-encoding\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pBNNdr1Q%2F%2Fi3WN8pB3Hxk5RyHxsDBhONdG5rtScZn420PNIAGxq%2BejWdxSlNMSlQtHZIUz4xn%2FDYf3PpGBWcpEmPZKmzxInqMCo1qMcTGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ndate: Sat, 30 Aug 2025 03:28:08 GMT\r\nserver: cloudflare\r\ncf-ray: 977132433b22569a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T22:47:04.158538Z","times_seen":13349726,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/utility/social-media/instagram/new/4/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://mc.turkishasq.com/tag.php?t=%D9%85%D8%B3%D9%84%D8%B3%D9%84-%D8%AC%D9%88%D8%AF%D8%B1-%D8%A7%D9%84%D8%AC%D8%B2%D8%A1-%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A-%D8%A7%D9%83%D9%88%D8%A7%D9%85\u0026page=2","date":"2025-08-30T03:28:10.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/utility/social-media/instagram/new/4/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://mc.turkishasq.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 30 Aug 2025 03:28:10 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:43 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pxXvUXdtkbZIerNiXbF5sxZcagTuDw%2Fdr8jCIzK%2F%2FPLrwVB5f9IYehCd%2FFVEWwkUFMjH%2FqzWgdERhtlUk%2FKstBjZXrXDcn%2BPyNzWiPAp\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"65aa84ff-1bc\"\r\ncontent-encoding: br\r\ncf-ray: 977132501c5d56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":444,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"02eef03d816f45efe77308aba07b0e94","sha1":"67ed5890e847d96a9cae9870e1adc821f551be35","sha256":"45cf2559fcb1af6347e9de4e1d2fad22896f10066e72bce39b0d1f19cda13824","sha512":"a8da3e933659ddddd30a3fe6d1347b31609807a3c16a5e954fed8d26cd21ead9f8a48a76b49ef7114ff198859aed2093da09df7dc2c39f10ddfcaa461f6d4639","ssdeep":"","tlshash":"f4f05c346174423453b7e1a6328b6b9e2130065fd0058249b42c574a1ee1ba522e2ba7","first_seen":"2023-04-06T09:46:19Z","last_seen":"2025-12-22T04:22:03.450012Z","times_seen":795,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":25,"dns":3,"connect":1,"send":0,"wait":466,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}