{"report_id":"e0cefeb3-c8af-45ef-83e1-e443cf346cfa","version":6,"status":"done","tags":[],"date":"2026-04-01T13:20:03Z","url":{"schema":"http","addr":"tr.girisgalabet1067.vip","fqdn":"tr.girisgalabet1067.vip","domain":"girisgalabet1067.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"tr.girisgalabet1067.vip/","fqdn":"tr.girisgalabet1067.vip","domain":"girisgalabet1067.vip","tld":"vip"},"title":"Galabet Güncel Giriş 2026 | Yeni Adres, Kesintisiz Erişim ve %100 Güvenilir Bahis Sitesi","dom":{"size":13898,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"cf0e0677ef21383dc2bc762240a27c46","sha1":"2d1eabe52b68bc1431d41c738a8496c607bdbced","sha256":"3e507b02a6d35a6fd3f0797e2763e465a6398c5efeb52b24b498320077f25a44","sha512":"aaf83ae9ec23e28a7e9becc5ffd40f6601526ede7d6913becbc3c28c4b793581a7e3abdf3a875b71d0e2450df0811126f00eb07869f0eac171212fb6a39b5fed","ssdeep":"192:CRdFINOH4//mwvlZBNguC/iAYyS71y9dygwy/IPOfkCOMajdqyl+g8y5EMYqV7x0:CRdaNOH4//mYey1Er9vCUICDp","tlshash":"2d52a56fd7a30c1a271bf0945be7361e7b56d50bcc29cc29ba5c4a1c4fc56a984b360c","dom_hash":"domhashb106991efd7aa38d6dc503987b59828c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tr.girisgalabet1067.vip","fqdn":"tr.girisgalabet1067.vip","domain":"girisgalabet1067.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":0,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-06T13:20:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"tr.girisgalabet1067.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"tr.girisgalabet1067.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"tr.girisgalabet1067.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"tr.girisgalabet1067.vip","ip":{"addr":"91.92.241.15","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"domain_registered":"2026-03-30","domain_rank":0,"first_seen":"2026-04-01T13:20:03.453742Z","last_seen":"2026-04-01T13:20:03.453742Z","alert_count":12,"request_count":4,"received_data":31138,"sent_data":1851,"comment":"","tags":null,"fingerprints":[{"name":"Bootstrap:5.3.2","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-03-29T22:35:00.993215Z","alert_count":0,"request_count":2,"received_data":315181,"sent_data":851,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6baf57f25796c332144ed58a2a0cd9ee","sha1":"f7fd0f3dc84b2cf93bf81e832505a673f354e0a3","sha256":"82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd","sha512":"5ff6240d9ca34dfe30c9cd95cb5e981823c7c0063cad9258f8f3a0a24663401da684844524272410673a6325fd78db0f7e7d0fcd3844b8db3eb9aa2613908ee8","ssdeep":"1536:Qmw0iELO+TBR2t472RirWyKsVfK5GEfy3YJtCRv/45wZbqbXZTbYWU178:VwXza3YCl45wZODZTbYR8","tlshash":"cc73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","size":80663,"data":"","first_seen":"2023-09-18T01:21:14Z","last_seen":"2026-06-08T17:57:50.658284Z","times_seen":19147,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"tr.girisgalabet1067.vip/favicon.png","fqdn":"tr.girisgalabet1067.vip","domain":"girisgalabet1067.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.girisgalabet1067.vip/","date":"2026-04-01T13:19:37.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.girisgalabet1067.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 12:11:06 GMT","end":"Sun, 28 Jun 2026 12:11:05 GMT"},"fingerprint":{"sha1":"75:9B:11:C6:A7:2A:7F:A0:57:02:0C:61:56:CB:98:85:FA:13:A6:B5","sha256":"31:2D:32:81:DC:FD:8F:7B:D0:52:99:4C:4C:4B:DB:15:C8:35:42:F1:F0:33:D2:16:77:A7:75:1D:CB:59:B6:B3"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: tr.girisgalabet1067.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tr.girisgalabet1067.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Apr 2026 13:19:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 30 Mar 2026 13:12:17 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7144\r\ndate: Wed, 01 Apr 2026 13:19:37 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7144,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"f7220671d01b2b7d052f4db56df4771f","sha1":"94966fee608cb53757f3229f8ec9b3329fa6e84b","sha256":"0993eb8e722d78f711323406aec8582882fe9a7547584b2676b011b905ad29b3","sha512":"f761f7dc85c508194502acb0c46a5a4ac07f2ac55dc5563ff12f49803f8d55b63fea260c4d4028d1dc4b704627d55745bc642324d2fd079714cd6dcb09572748","ssdeep":"192:xSd87eU2gqYK75rf6twvcGugctq/grfVR/BZHvfJ3O:Yi2gqYKr8wwgctq/2ffXHtO","tlshash":"5ce19f95fb5f9321ac6e720f09d64eb8a2db076acbf5972240b8d106067105f7b90546","first_seen":"2026-02-24T14:22:14.40084Z","last_seen":"2026-05-18T23:54:51.001681Z","times_seen":35,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"tr.girisgalabet1067.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"tr.girisgalabet1067.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"tr.girisgalabet1067.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tr.girisgalabet1067.vip/","fqdn":"tr.girisgalabet1067.vip","domain":"girisgalabet1067.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-01T13:19:36.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.girisgalabet1067.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 12:11:06 GMT","end":"Sun, 28 Jun 2026 12:11:05 GMT"},"fingerprint":{"sha1":"75:9B:11:C6:A7:2A:7F:A0:57:02:0C:61:56:CB:98:85:FA:13:A6:B5","sha256":"31:2D:32:81:DC:FD:8F:7B:D0:52:99:4C:4C:4B:DB:15:C8:35:42:F1:F0:33:D2:16:77:A7:75:1D:CB:59:B6:B3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tr.girisgalabet1067.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 30 Mar 2026 13:11:52 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3205\r\ndate: Wed, 01 Apr 2026 13:19:36 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bootstrap:5.3.2","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}],"data":{"size":14389,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"ff6886804f79aeb09a6915a19e2b1cbc","sha1":"0f51b66aea6fdf3bb3aa8604a8e26b9106816c1a","sha256":"c4971fad6060bf82bfb48b3de48e1917bb0d972745359fea11301045e7dddd98","sha512":"2251e20563ba31d51338d9451488b7e8a193fc2ae2932d51d1d072b2f57708ae43fe7d94eaee183fed1bc42a7755ac7bd533dbd4e6772bcdac0640ddc99d4284","ssdeep":"192:U5zik/5UnNh25U5xU1y8M13KOemSBxHdRwEoEvLOdCpWHzpd4:m+vJAH/ECpMb4","tlshash":"a952982fd7815c1a133bf2a5abe3661dfb56520bc921852ab97d5a1f0ff16608073e0c","first_seen":"2026-04-01T13:20:06.186799Z","last_seen":"2026-04-01T16:39:29.707651Z","times_seen":3,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":131,"dns":0,"connect":63,"send":0,"wait":63,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"tr.girisgalabet1067.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"tr.girisgalabet1067.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"tr.girisgalabet1067.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tr.girisgalabet1067.vip/favicon.png","fqdn":"tr.girisgalabet1067.vip","domain":"girisgalabet1067.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.girisgalabet1067.vip/","date":"2026-04-01T13:19:37.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.girisgalabet1067.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 12:11:06 GMT","end":"Sun, 28 Jun 2026 12:11:05 GMT"},"fingerprint":{"sha1":"75:9B:11:C6:A7:2A:7F:A0:57:02:0C:61:56:CB:98:85:FA:13:A6:B5","sha256":"31:2D:32:81:DC:FD:8F:7B:D0:52:99:4C:4C:4B:DB:15:C8:35:42:F1:F0:33:D2:16:77:A7:75:1D:CB:59:B6:B3"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: tr.girisgalabet1067.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tr.girisgalabet1067.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 08 Apr 2026 13:19:37 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 30 Mar 2026 13:12:17 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7144\r\ndate: Wed, 01 Apr 2026 13:19:37 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7144,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced","md5":"f7220671d01b2b7d052f4db56df4771f","sha1":"94966fee608cb53757f3229f8ec9b3329fa6e84b","sha256":"0993eb8e722d78f711323406aec8582882fe9a7547584b2676b011b905ad29b3","sha512":"f761f7dc85c508194502acb0c46a5a4ac07f2ac55dc5563ff12f49803f8d55b63fea260c4d4028d1dc4b704627d55745bc642324d2fd079714cd6dcb09572748","ssdeep":"192:xSd87eU2gqYK75rf6twvcGugctq/grfVR/BZHvfJ3O:Yi2gqYKr8wwgctq/2ffXHtO","tlshash":"5ce19f95fb5f9321ac6e720f09d64eb8a2db076acbf5972240b8d106067105f7b90546","first_seen":"2026-02-24T14:22:14.40084Z","last_seen":"2026-05-18T23:54:51.001681Z","times_seen":35,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"tr.girisgalabet1067.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"tr.girisgalabet1067.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"tr.girisgalabet1067.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tr.girisgalabet1067.vip/","date":"2026-04-01T13:19:37.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.3.2/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.3.2\r\nx-jsd-version-type: version\r\netag: W/\"38df4-HxOZgbm0enZu+gphu3ito1HxbEs\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 01 Apr 2026 13:19:37 GMT\r\nage: 2374933\r\nx-served-by: cache-fra-eddf8230029-FRA, cache-hel1410028-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 27423\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":232948,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"cd822b7fd22c8a95a68470c795adea69","sha1":"1f139981b9b47a766efa0a61bb78ada351f16c4b","sha256":"3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df","sha512":"6f641c4b94ac03cb59a1d703b464442e21afe5268a4a4d6f0c70da41175ad21b4f61667ad38ea5af7909e5b00041da55da6980ff8bf4c1017d33253afe90c802","ssdeep":"1536:m9YnIWbn98fhRfvO5wlP7Qy9P3CV98IsYRElV6V6pz600I41r:pnIw98fsV986I6V6pz600I41r","tlshash":"c63482d6f590317d9ca7c1499681fefd8a6fa985cb1209a6f003776807cabd30962dcc","first_seen":"2023-09-18T01:21:14Z","last_seen":"2026-06-08T17:57:50.635823Z","times_seen":16515,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":68,"dns":3,"connect":26,"send":0,"wait":28,"receive":6,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tr.girisgalabet1067.vip/","date":"2026-04-01T13:19:37.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 5.3.2\r\nx-jsd-version-type: version\r\netag: W/\"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 01 Apr 2026 13:19:37 GMT\r\nage: 5221527\r\nx-served-by: cache-fra-eddf8230118-FRA, cache-hel1410028-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 24440\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80663,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"6baf57f25796c332144ed58a2a0cd9ee","sha1":"f7fd0f3dc84b2cf93bf81e832505a673f354e0a3","sha256":"82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd","sha512":"5ff6240d9ca34dfe30c9cd95cb5e981823c7c0063cad9258f8f3a0a24663401da684844524272410673a6325fd78db0f7e7d0fcd3844b8db3eb9aa2613908ee8","ssdeep":"1536:Qmw0iELO+TBR2t472RirWyKsVfK5GEfy3YJtCRv/45wZbqbXZTbYWU178:VwXza3YCl45wZODZTbYR8","tlshash":"cc73c5593244b4730ade85b68037430bf2265998b24b812cb57cadde2a7dcc67277f78","first_seen":"2023-09-18T01:21:14Z","last_seen":"2026-06-08T17:57:50.658284Z","times_seen":19147,"resource_available":true,"data":null}},"time_used":199,"timings":{"blocked":72,"dns":2,"connect":29,"send":0,"wait":28,"receive":22,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tr.girisgalabet1067.vip/favicon.svg","fqdn":"tr.girisgalabet1067.vip","domain":"girisgalabet1067.vip","tld":"vip"},"ip":{"addr":"91.92.241.15","port":443,"asn":0,"as":"","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.girisgalabet1067.vip/","date":"2026-04-01T13:19:37.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.girisgalabet1067.vip","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 12:11:06 GMT","end":"Sun, 28 Jun 2026 12:11:05 GMT"},"fingerprint":{"sha1":"75:9B:11:C6:A7:2A:7F:A0:57:02:0C:61:56:CB:98:85:FA:13:A6:B5","sha256":"31:2D:32:81:DC:FD:8F:7B:D0:52:99:4C:4C:4B:DB:15:C8:35:42:F1:F0:33:D2:16:77:A7:75:1D:CB:59:B6:B3"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: tr.girisgalabet1067.vip\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://tr.girisgalabet1067.vip/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 796\r\ndate: Wed, 01 Apr 2026 13:19:37 GMT\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nreferrer-policy: same-origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":796,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"265e51037981a14ed99a5fc8c5ec1b51","sha1":"d12ac588953298fdaf46dd5b4af8eb4cf6b06f0a","sha256":"c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400","sha512":"b18aa610811c5f9bc1dd829ad90a95568e81a41e1fd1472983dc00147f65045fd91fbc498b5263ce4f4c88b041be21f186ed2ce357d3bcf86c0429ca18991151","ssdeep":"","tlshash":"1101f12ac182a80fe0231070fa91e37451594212629b4f647b9ff676f6ce1ab56b22cc","first_seen":"2024-02-05T05:35:22Z","last_seen":"2026-06-08T18:22:23.740653Z","times_seen":46638,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"tr.girisgalabet1067.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-01","alert":"Phishing Block","trigger":"tr.girisgalabet1067.vip","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-01","alert":"Sinkholed","trigger":"tr.girisgalabet1067.vip","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}