{"report_id":"7f2e178d-44ed-44a2-a9eb-5d695ad618ba","version":6,"status":"done","tags":[],"date":"2026-02-24T14:22:11Z","url":{"schema":"http","addr":"tr.galabet1051resmi.vip","fqdn":"tr.galabet1051resmi.vip","domain":"galabet1051resmi.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"tr.galabet1051resmi.vip/","fqdn":"tr.galabet1051resmi.vip","domain":"galabet1051resmi.vip","tld":"vip"},"title":"1051 Galabet Giriş - Galabet Güncel Giriş - Galabet1051.com - Orjinal Güvenli Giriş.","dom":{"size":19950,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"fc1cc6954e6dcee77662278b776e72e0","sha1":"ac83268007c312de0b1d02743ebfff3a16043007","sha256":"e33e51adbef97ecf79debc17015f28c693140c43832914a47decaaf40e3e8027","sha512":"eaf9b4485012f8588a2501baacdfeb1886c270a24e0c869f589546998af11faabb1d165d4b512f175dccc82e3348586df81416fc7a89234ef57a522045b402ca","ssdeep":"192:iBcV1PkL0/FU5rg6HSRFvs2m1CtnC4FzCdZ3aLS4My2SwWKT3VdbbaVAV7yCyGWQ:iB+1PkL0/FU5rgTEvAoL0q0IKv3vivHz","tlshash":"5792e8678693082e2923e5d537e3670fb6b1e203c802e9197f9d579c8fc96d9c5a360c","dom_hash":"domhash166e57fbcbd0e8d7d63855ccef3b0604","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tr.galabet1051resmi.vip","fqdn":"tr.galabet1051resmi.vip","domain":"galabet1051resmi.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-31T14:22:11Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"tr.galabet1051resmi.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"tr.galabet1051resmi.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"tr.galabet1051resmi.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-22T22:14:59.650342Z","alert_count":0,"request_count":8,"received_data":173381,"sent_data":4363,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tr.galabet1051resmi.vip","ip":{"addr":"91.92.241.15","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"domain_registered":"2026-02-22","domain_rank":0,"first_seen":"2026-02-24T14:22:11.969129Z","last_seen":"2026-02-24T14:22:11.969129Z","alert_count":9,"request_count":3,"received_data":35633,"sent_data":1398,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-22T22:18:02.864626Z","alert_count":0,"request_count":1,"received_data":11803,"sent_data":472,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tr.galabet1051resmi.vip/","fqdn":"tr.galabet1051resmi.vip","domain":"galabet1051resmi.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"935e52653ab65eb4cbc672c00207fc0c","sha1":"21faae66e215e391156fe41af9e4a91e6ca773bb","sha256":"8479fd16105be6b48056a56b1d40bdcabc14e76013f90e141ec4070e07dd7447","sha512":"584e667da64c9b692424ee346b121428fe909b568fe3f066f6422f59f86d19a7198964c9f5ef9fdfad7a736ff3c349616aed9482ef29fbfbdf56e0e3b76495bd","ssdeep":"","tlshash":"7dd097a623ba1439093340939be6e2c3a006240f6644da1a3f8c82481fc0103cae20c1","size":258,"data":"","first_seen":"2026-02-24T14:22:14.40288Z","last_seen":"2026-02-25T00:07:43.901078Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:50.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet1051resmi.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 12:55:59 GMT\r\nexpires: Wed, 24 Feb 2027 12:55:59 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nage: 5151\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-08T19:51:09.421867Z","times_seen":26983,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":69,"dns":0,"connect":9,"send":0,"wait":20,"receive":4,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJuktqUYTkntBJ2fk.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:50.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJuktqUYTkntBJ2fk.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet1051resmi.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14732\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 23 Feb 2026 15:02:04 GMT\r\nexpires: Tue, 23 Feb 2027 15:02:04 GMT\r\ncache-control: public, max-age=31536000\r\nage: 83986\r\nlast-modified: Thu, 04 Sep 2025 17:21:52 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14732,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14732, version 1.0","md5":"7c322814707ea577390977206b013f23","sha1":"64907de0898b2ead9b9f2d8018d10e3fec770241","sha256":"c15404cf3c1f7d2befb885bbdf9955e6df981fded8c544cccc18c2dac3ce34aa","sha512":"99a00a54d748eb1944730dc85c673f3b0ace279b3dd318cb224fd70ab1621383bda0d008c3836e158f67a0d52a5a4ee481a1bb2e4c7b20908e6cf34f41216092","ssdeep":"384:/l7ypLBiJyAfzXUsQzWm8zTK8yUFkSLSZxdndm:97ELU8KXUPu/FxLUxi","tlshash":"8262b08fde814f65c58159b2ac853040b57d75809bfec2de4b4be11dcba328ca405aef","first_seen":"2025-09-08T02:28:39.84107Z","last_seen":"2026-06-08T19:10:26.049508Z","times_seen":1068,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":13,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tr.galabet1051resmi.vip/favicon.ico","fqdn":"tr.galabet1051resmi.vip","domain":"galabet1051resmi.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:51.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1051resmi.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 07:46:47 GMT","end":"Sat, 23 May 2026 07:46:46 GMT"},"fingerprint":{"sha1":"A4:6D:0B:AF:90:9B:79:8D:FD:8A:AD:37:A8:DC:56:56:87:0D:3A:AB","sha256":"57:15:A8:CD:8D:23:F2:9A:A4:9B:1A:9E:56:CF:1A:79:86:CC:6E:9F:B0:89:8A:F2:71:7F:49:B0:51:D1:9E:F5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: tr.galabet1051resmi.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tr.galabet1051resmi.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 03 Mar 2026 14:21:51 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Sun, 22 Feb 2026 09:04:32 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7015\r\ndate: Tue, 24 Feb 2026 14:21:51 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7015,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"96a66de67adef28337580739eab71404","sha1":"2b93f9d9f5ccb809e454e812f9dfa7ce9ab02b0a","sha256":"1b029ff1969f7f867742ed30370ab8f76f58f3a00c102b51740cee61a5bae6ca","sha512":"efd763159644683e2aedb05be3a541cc4792938d3755e0b0a1e8850c6240e04c3ce03e465ac5160ebea03b7ba0e9a948bff584fb163ab1db1677453bcb13a7fc","ssdeep":"192:AA9risdBVS6QwidYsQ6ujzwAzxyKjuDqc:AA9pORYsKIAz0KjYqc","tlshash":"40e19fc31979540617e9f2df05c4386ab74ca88793a2a4f927b931343ff19cda613229","first_seen":"2025-12-24T22:39:15.963833Z","last_seen":"2026-06-07T00:34:32.054342Z","times_seen":114,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"tr.galabet1051resmi.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"tr.galabet1051resmi.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"tr.galabet1051resmi.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:50.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet1051resmi.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32108\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 20 Feb 2026 06:24:32 GMT\r\nexpires: Sat, 20 Feb 2027 06:24:32 GMT\r\ncache-control: public, max-age=31536000\r\nage: 374238\r\nlast-modified: Thu, 04 Sep 2025 17:18:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32108, version 1.0","md5":"e414fe5664f376c8f145acd792939183","sha1":"5b69d46adc3a06af762193adb2dddbc359b2e786","sha256":"fa31c7981483e52cbb8b8bc1eb0dc6326f160b8699cc0899349f977f0517a9df","sha512":"51c251910e5cce616b3c336bcb63853f83c306e16e9b79e0a18f924a738ba06b3e2cb8132ff9bc6e720527234eb80e90be2625b860e1728b66d4fe86ac9bafe5","ssdeep":"768:gUX6jLkDeuAkZHs27nAflEFIapAgCauwIFPo3zjERcgmcjz:3X6tkpNAf6FIapAgCaMFozInjz","tlshash":"6ee2e14f8beb009ef3828a7812c46b3195b305d569cbfa901eef85d76b5c247c1474a8","first_seen":"2025-09-05T02:25:45.343777Z","last_seen":"2026-06-08T19:38:11.46204Z","times_seen":20883,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":82,"dns":1,"connect":8,"send":0,"wait":28,"receive":2,"ssl":70},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:50.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet1051resmi.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 12:55:59 GMT\r\nexpires: Wed, 24 Feb 2027 12:55:59 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nage: 5151\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-08T19:51:09.421867Z","times_seen":26983,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":72,"dns":5,"connect":10,"send":0,"wait":17,"receive":3,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggmxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:50.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggmxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet1051resmi.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15120\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 20 Feb 2026 06:07:36 GMT\r\nexpires: Sat, 20 Feb 2027 06:07:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 375255\r\nlast-modified: Thu, 04 Sep 2025 17:08:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15120,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15120, version 1.0","md5":"6d36d5bdedfabb5bbee2ab6b6ded3416","sha1":"1f62546fa0a051004f4faa3f40a4a8074a2e06ea","sha256":"3911b66d9f2e005a4b989223405d0e5032619c668597ba467cc76a23c8fffcfb","sha512":"21c425a24911d63daee9242105549805d53dbe91d463be1512949245d3c72769bd81b6a5617388776a204a45995a4365fb5dc0abc9b081f6abbb4018f36c2138","ssdeep":"384:BCX/6yjzk4RmmVzZQVIiSeYWsfTZW3xYuiM:BQ/2bm3QVd1YWB3X/","tlshash":"6162c0c2e4149ad6cea76175d373c84196d98ce0bdefa84098e32b414317b24bbdb7b4","first_seen":"2025-06-04T20:22:57.505569Z","last_seen":"2026-06-08T14:55:02.225256Z","times_seen":1556,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":119,"dns":1,"connect":9,"send":0,"wait":10,"receive":1,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggmxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:50.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggmxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet1051resmi.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15120\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 20 Feb 2026 06:07:36 GMT\r\nexpires: Sat, 20 Feb 2027 06:07:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 375254\r\nlast-modified: Thu, 04 Sep 2025 17:08:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15120,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15120, version 1.0","md5":"6d36d5bdedfabb5bbee2ab6b6ded3416","sha1":"1f62546fa0a051004f4faa3f40a4a8074a2e06ea","sha256":"3911b66d9f2e005a4b989223405d0e5032619c668597ba467cc76a23c8fffcfb","sha512":"21c425a24911d63daee9242105549805d53dbe91d463be1512949245d3c72769bd81b6a5617388776a204a45995a4365fb5dc0abc9b081f6abbb4018f36c2138","ssdeep":"384:BCX/6yjzk4RmmVzZQVIiSeYWsfTZW3xYuiM:BQ/2bm3QVd1YWB3X/","tlshash":"6162c0c2e4149ad6cea76175d373c84196d98ce0bdefa84098e32b414317b24bbdb7b4","first_seen":"2025-06-04T20:22:57.505569Z","last_seen":"2026-06-08T14:55:02.225256Z","times_seen":1556,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":56,"dns":0,"connect":0,"send":0,"wait":11,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tr.galabet1051resmi.vip/","fqdn":"tr.galabet1051resmi.vip","domain":"galabet1051resmi.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-24T14:21:50.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1051resmi.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 07:46:47 GMT","end":"Sat, 23 May 2026 07:46:46 GMT"},"fingerprint":{"sha1":"A4:6D:0B:AF:90:9B:79:8D:FD:8A:AD:37:A8:DC:56:56:87:0D:3A:AB","sha256":"57:15:A8:CD:8D:23:F2:9A:A4:9B:1A:9E:56:CF:1A:79:86:CC:6E:9F:B0:89:8A:F2:71:7F:49:B0:51:D1:9E:F5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tr.galabet1051resmi.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 23 Feb 2026 12:02:49 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4637\r\ndate: Tue, 24 Feb 2026 14:21:50 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20148,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"7486a6c579070e19b653d866e2d55ccd","sha1":"22675ca6b33483939bdf13c5890a8e1e88d67e5b","sha256":"01c5bfc9763126f7b66f8a4e74a4f479dddd9de79da0692fa1745defe888e445","sha512":"e3abbca43c2e561d47b7cc551bbd01a515db30534a47e4021aae4165815337a1fd431857ebc59e6321b36977ca5de22e78ec7e33133865d434f5631c6fb6348c","ssdeep":"192:kkT/gSRFvs2m1CtnC4FzCdZ3aLS4My2SwWKT3VdbbaVAV7yCyGWoKs6g6+Saze59:dT/rEvAoL0qCbKv3vivHh","tlshash":"7a92f8678693082e2523d5e537e3670fb6b1a203c902e91d7f9d579c8fc96d8c6a360c","first_seen":"2026-02-24T14:22:14.400022Z","last_seen":"2026-02-25T00:07:43.89541Z","times_seen":2,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":236,"dns":97,"connect":65,"send":0,"wait":66,"receive":1,"ssl":70},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"tr.galabet1051resmi.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"tr.galabet1051resmi.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"tr.galabet1051resmi.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tr.galabet1051resmi.vip/favicon.png","fqdn":"tr.galabet1051resmi.vip","domain":"galabet1051resmi.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:50.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galabet1051resmi.vip","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Feb 2026 07:46:47 GMT","end":"Sat, 23 May 2026 07:46:46 GMT"},"fingerprint":{"sha1":"A4:6D:0B:AF:90:9B:79:8D:FD:8A:AD:37:A8:DC:56:56:87:0D:3A:AB","sha256":"57:15:A8:CD:8D:23:F2:9A:A4:9B:1A:9E:56:CF:1A:79:86:CC:6E:9F:B0:89:8A:F2:71:7F:49:B0:51:D1:9E:F5"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: tr.galabet1051resmi.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tr.galabet1051resmi.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 03 Mar 2026 14:21:50 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 22 Feb 2026 09:04:35 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7144\r\ndate: Tue, 24 Feb 2026 14:21:50 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7144,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"f7220671d01b2b7d052f4db56df4771f","sha1":"94966fee608cb53757f3229f8ec9b3329fa6e84b","sha256":"0993eb8e722d78f711323406aec8582882fe9a7547584b2676b011b905ad29b3","sha512":"f761f7dc85c508194502acb0c46a5a4ac07f2ac55dc5563ff12f49803f8d55b63fea260c4d4028d1dc4b704627d55745bc642324d2fd079714cd6dcb09572748","ssdeep":"192:xSd87eU2gqYK75rf6twvcGugctq/grfVR/BZHvfJ3O:Yi2gqYKr8wwgctq/2ffXHtO","tlshash":"5ce19f95fb5f9321ac6e720f09d64eb8a2db076acbf5972240b8d106067105f7b90546","first_seen":"2026-02-24T14:22:14.40084Z","last_seen":"2026-05-18T23:54:51.001681Z","times_seen":35,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"tr.galabet1051resmi.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-02-24","alert":"Phishing Block","trigger":"tr.galabet1051resmi.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-24","alert":"Sinkholed","trigger":"tr.galabet1051resmi.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Outfit:wght@600;700;800\u0026family=Manrope:wght@400;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:50.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /css2?family=Outfit:wght@600;700;800\u0026family=Manrope:wght@400;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 24 Feb 2026 14:21:50 GMT\r\ndate: Tue, 24 Feb 2026 14:21:50 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11117,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"355e06d1a87702deedc092e9dfc72b48","sha1":"ff245b7875a33c6a268e7121f7a72e6cd7b34a8e","sha256":"c1ba2792afe00060116feaab4a6826c233e8f10fd41c9b2f9f194cf85c03040f","sha512":"13221f7a1203a7b62d96a9f229684adc58ef3eda17d35be4fd2b39f2884ef061f79803c463b4a50b92093baf6d1d9da0571b97eb1ee7fff13b7f17ec599da92a","ssdeep":"192:zJDEV3WW894JlOV3MM8b/JGNV3TT80uJHYV3668hghwEhXxhWV:9wBE02EQS","tlshash":"9232ba90002be404db470cd277ce7e3aad5e61567441c5ba9ffe1c98acebd222365b1e","first_seen":"2026-02-24T14:22:14.401764Z","last_seen":"2026-02-25T00:07:43.896461Z","times_seen":2,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":84,"dns":1,"connect":7,"send":0,"wait":18,"receive":0,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:50.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet1051resmi.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 12:55:59 GMT\r\nexpires: Wed, 24 Feb 2027 12:55:59 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nage: 5151\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-06-08T19:51:09.421867Z","times_seen":26983,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":79,"dns":0,"connect":8,"send":0,"wait":20,"receive":3,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggmxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galabet1051resmi.vip/","date":"2026-02-24T14:21:50.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggmxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galabet1051resmi.vip\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15120\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 20 Feb 2026 06:07:36 GMT\r\nexpires: Sat, 20 Feb 2027 06:07:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 375255\r\nlast-modified: Thu, 04 Sep 2025 17:08:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15120,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15120, version 1.0","md5":"6d36d5bdedfabb5bbee2ab6b6ded3416","sha1":"1f62546fa0a051004f4faa3f40a4a8074a2e06ea","sha256":"3911b66d9f2e005a4b989223405d0e5032619c668597ba467cc76a23c8fffcfb","sha512":"21c425a24911d63daee9242105549805d53dbe91d463be1512949245d3c72769bd81b6a5617388776a204a45995a4365fb5dc0abc9b081f6abbb4018f36c2138","ssdeep":"384:BCX/6yjzk4RmmVzZQVIiSeYWsfTZW3xYuiM:BQ/2bm3QVd1YWB3X/","tlshash":"6162c0c2e4149ad6cea76175d373c84196d98ce0bdefa84098e32b414317b24bbdb7b4","first_seen":"2025-06-04T20:22:57.505569Z","last_seen":"2026-06-08T14:55:02.225256Z","times_seen":1556,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":191,"dns":3,"connect":7,"send":0,"wait":9,"receive":1,"ssl":181},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}