{"report_id":"7e48a89e-9916-4708-b927-fc885b0050e8","version":6,"status":"done","tags":[],"date":"2026-04-10T14:53:32Z","url":{"schema":"http","addr":"tr.galaerisimlinki.com","fqdn":"tr.galaerisimlinki.com","domain":"galaerisimlinki.com","tld":"com"},"ip":{"addr":"104.21.4.212","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"tr.galaerisimlinki.com/","fqdn":"tr.galaerisimlinki.com","domain":"galaerisimlinki.com","tld":"com"},"title":"Galabet Resmi Site | Güvenli Erişim Linki 2026 Kayıt Ol","dom":{"size":29674,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (351)","md5":"d7c16c4eed35c9039c06afc75b641132","sha1":"fece62751ce0611ba168cead28db5ea2e48b8f84","sha256":"74a1dc55d3ec7d0a5fcd1df108b51d580e23d83b7291d1387bd0953cae57bd92","sha512":"99a21da8e23b8a226bc83a9f3dbb118964ab05073b4294828288af54949ace0780b0288a84c9b6cbbc73034434ecc5ad5eeddf54a95bf712667e1bb3ab348fc7","ssdeep":"192:xMGMHMCxDtVCRRSOj1PkPkhsn9gfoDKwcq3rPOFeKi4OmHZM3L3XFs4MOkevC3Wq:ejsuPmKRede148TviKojq4pzZkA","tlshash":"fbd2d75b5af3142a6a1366ec97f76b196a24d003c905ed297f8c464c4fc45eacab370c","dom_hash":"domhash93eda1013a4c1ddd16b4eb9db7ff16b9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tr.galaerisimlinki.com","fqdn":"tr.galaerisimlinki.com","domain":"galaerisimlinki.com","tld":"com"},"ip":{"addr":"104.21.4.212","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-15T14:53:32Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-10","alert":"Phishing Block","trigger":"tr.galaerisimlinki.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"img.icons8.com","ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2011-10-04","domain_rank":218854,"first_seen":"2017-05-26T09:10:54Z","last_seen":"2026-04-09T15:04:35.040961Z","alert_count":0,"request_count":6,"received_data":8711,"sent_data":2721,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"tr.galaerisimlinki.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-04-09","domain_rank":0,"first_seen":"2026-04-10T14:17:14.52355Z","last_seen":"2026-04-10T14:17:14.52355Z","alert_count":16,"request_count":4,"received_data":53065,"sent_data":1838,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-05T22:16:34.770209Z","alert_count":0,"request_count":9,"received_data":309078,"sent_data":4988,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-05T22:20:18.514512Z","alert_count":0,"request_count":1,"received_data":14260,"sent_data":517,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"t3.ftcdn.net","ip":{"addr":"151.101.129.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2010-11-08","domain_rank":232925,"first_seen":"2017-01-29T16:30:47Z","last_seen":"2026-04-09T01:21:59.555454Z","alert_count":0,"request_count":1,"received_data":113116,"sent_data":497,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tr.galaerisimlinki.com/","fqdn":"tr.galaerisimlinki.com","domain":"galaerisimlinki.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"19201108a4be89c16d8d99defb2d7ac8","sha1":"ec710c1eb290c6f29ba2fd9c2c0cc25c3889b5a4","sha256":"7dbaa2da61669bddddc06c66275e764584bc71916c20620948c12e5a3614581f","sha512":"6e23fd56d69b3c5074c836d4d089f75c4b415e99e6681916a942c90e13b7a1b9c8138a3132f454988f46309b10eb08230b8ecc38e536babc5ff185242e81bc7b","ssdeep":"","tlshash":"5f218c1e32b310f7c8b79d6e924b4715372950472443ce543e9d83411fd6a3a99a0bc8","size":1326,"data":"","first_seen":"2026-04-10T13:43:53.632028Z","last_seen":"2026-04-10T14:53:33.034662Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"img.icons8.com/color/32/visa.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:09.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /color/32/visa.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 14:53:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 716\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: 13608\r\nicon-size: 32\r\nicon-format: png\r\nlast-modified: Mon, 06 Apr 2026 00:27:15\r\nversion: 0.0.29\r\nfrom-mongo-cache: true\r\nfrom-redis-cache: false\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: kzxWbayRS3U22IZ8tW4xlFqRAof0QwFdfyyL7VMazywBtq2y8WDhov2P4KvaNIJE8jvyZRE\r\nx-77-nzt-ray: fdb54123011a8201d60ed96965d2ae00\r\nx-77-cache: HIT\r\nx-77-age: 121612\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":716,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b0fe851e76ca0c0584af24d3028c5e8e","sha1":"bb3d26ef2423811563c87ad05162997a6f4a0020","sha256":"392c1d8b9e6535701b0f4533e588c3b69a75a292e58f36cb04f4e7b9399f4d2f","sha512":"a53e3c1278c0b2aa378931a48c98fb4bfe7f1b6f395a074e71ddcaef067437dd56048a282354f1b5bbc6f183d414d83994f0d45c309d1b9d154e2cbefb9a7a70","ssdeep":"","tlshash":"7f018862d290e93bd7453311d7078c65f5a3cdd5dd32081490ae4acd071968cb667bde","first_seen":"2026-03-19T18:58:12.656495Z","last_seen":"2026-04-10T14:53:33.023879Z","times_seen":4,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":65,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/color/32/mastercard-logo.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:09.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /color/32/mastercard-logo.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 14:53:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 567\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: 62765\r\nicon-size: 32\r\nicon-format: png\r\nlast-modified: Sun, 22 Mar 2026 22:32:51\r\nversion: 0.0.29\r\nfrom-mongo-cache: true\r\nfrom-redis-cache: false\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: kwJdYIuKdg1ofwBqSMOKzM1PHCxvLdcfCE32lWkY1mbLfPYXL56smF3+uEnogLOA5w\r\nx-77-nzt-ray: fdb54123011a8201d60ed969dd08ad00\r\nx-77-cache: HIT\r\nx-77-age: 67745\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"9ec453e0ffc5b59ee07c8f6416c8c685","sha1":"be1dac7b8d0bc4ecf96e94e628c2c3f57d146c62","sha256":"436264fc9862990746fd1cb8d2b4b011981a3b6a17b707ad2d5101fb542260eb","sha512":"59a84fe91e91aa2bdea96a7699b256d95ebea3f09654c6767ff344fb8b392a1be437a66f7b1c3a02e797a65fc12a51bfae681b1c2c348ff4e6e6bb57c41a7735","ssdeep":"","tlshash":"cbf0e19b42d351ed815d2427f3598641c44bad8c48675c090039deadc2792087656673","first_seen":"2026-04-10T13:43:53.629601Z","last_seen":"2026-04-10T14:53:33.024484Z","times_seen":3,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":64,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tr.galaerisimlinki.com/logo.png","fqdn":"tr.galaerisimlinki.com","domain":"galaerisimlinki.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:09.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galaerisimlinki.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 09:49:35 GMT","end":"Wed, 08 Jul 2026 09:49:34 GMT"},"fingerprint":{"sha1":"48:0A:46:35:53:06:24:62:31:BF:D1:A1:56:F2:71:A8:F0:22:3C:E4","sha256":"30:F7:4E:48:84:08:5D:E7:9E:D6:B0:F5:D3:3D:10:FC:87:2C:26:DD:D3:0F:A6:BE:5F:03:79:D6:26:8D:B6:48"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: tr.galaerisimlinki.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Apr 2026 14:53:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 7412\r\nlast-modified: Thu, 09 Apr 2026 10:50:50 GMT\r\netag: \"1cf4-64f04ca2e3e6d\"\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nage: 4184\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bmr4a3a6XdA7ziI3wQ4qXJ8Shdc6rOhrSmsknMiLL6nREwO7axhlmk0syuJU%2BcbM%2F1ZFxpPNOLEtcVC1Bz5ULPpkgL0gHMJWigvU7zRLQ69tGCWPB62yHrEmUJXJJh%2BzThiCgtlyi8g3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea294590c2a56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7412,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 73, 8-bit/color RGBA, non-interlaced","md5":"10e934ead32fa6f82e9f3b40dda2f272","sha1":"11faff4d20167aca4eaa38699e5ac4cdb2bc7358","sha256":"9a9ab3efe129c9e3431edaa81c42048a2e335d8e0f5b235613c71547c04eafcf","sha512":"c077792c39f27eb1cc438ea102326517b8d8203f2a4bb7c8a87f113e90146ffb6007d048517342935c0286a4ecadc24b10334e26871a901840750f0800a3b07d","ssdeep":"192:h5IabJbWXtFLsKUehXeiLEwWxgbdPa4/Bdv8ciAHcwsIS75kLuo:h5IaFbcPj8mYkc4/PpiAHc1Po","tlshash":"b5e19e8b057ad5a0b311a153fb0df7139923192eaf2949b40ddbe2984909ff4f08b6c3","first_seen":"2026-04-10T13:43:53.586114Z","last_seen":"2026-04-10T14:53:33.025003Z","times_seen":3,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-10","alert":"Phishing Block","trigger":"tr.galaerisimlinki.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/color/32/ethereum.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:09.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /color/32/ethereum.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 14:53:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 853\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: 50284\r\nicon-size: 32\r\nicon-format: png\r\nlast-modified: Tue, 07 Apr 2026 13:18:55\r\nversion: 0.0.29\r\nfrom-mongo-cache: true\r\nfrom-redis-cache: false\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k9RQsR+4zOAkRKP3OlO4iID34jdbNjyp+upt9r7MOZnIPM+XKrlx68HXQ9U2ZFJzyg\r\nx-77-nzt-ray: fdb54123011a8201d60ed9696bf46000\r\nx-77-cache: HIT\r\nx-77-age: 240597\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":853,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"800c5f00b164259510fdaffcd34352ab","sha1":"e559f6a65fb742bc19a826a730e092ae6bf3b523","sha256":"3c808e1a07eaee4cb80e1803ff795eedebbe2dc0465570bd1c111c73f5bef507","sha512":"7f76cfa1d2089d45cf8e8d0a9d620d1486c622033a617939a105f91b218769b613d3679804f46323a46409560a81d127675ca23454deb160a50c1874e4a32611","ssdeep":"","tlshash":"08016396990510cab468bc28184a8020fd854bc22eb724e9fc202916dd2f8615efd20b","first_seen":"2026-03-05T01:05:16.322573Z","last_seen":"2026-04-10T14:53:33.025702Z","times_seen":6,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galaerisimlinki.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7824\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:49:28 GMT\r\nexpires: Sun, 04 Apr 2027 01:49:28 GMT\r\ncache-control: public, max-age=31536000\r\nage: 565422\r\nlast-modified: Mon, 15 Sep 2025 16:34:56 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7824,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7824, version 1.0","md5":"af4d371a10271dafeb343f1eace762bc","sha1":"6d11d743bc3cfb169d70bc86450f18351dc1a905","sha256":"60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2","sha512":"98e1d4804a31f0ec40307bb02d7af0e25e1a01f2d0f69676cd55f97f64a8d50ecfd5be05525956c4a80bf0d98810badbb08acb2927cd78963bcdde9f96e25ba1","ssdeep":"192:SvrCMV0T6yUN1NfKPtAqGFNL2kshO5YwMg9eSnUK:SvV0T6pNzSPtCrhsCYwMqeSnUK","tlshash":"44f1ae6ff6ea226ff944537dbc50108431224f92b94f11b61d2b126a77e87c8620b2a9","first_seen":"2023-04-06T18:33:44Z","last_seen":"2026-04-10T18:55:09.912041Z","times_seen":21784,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":89,"dns":6,"connect":9,"send":0,"wait":10,"receive":1,"ssl":63},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0I5nvwUgHU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0I5nvwUgHU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galaerisimlinki.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 84924\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 581387\r\nlast-modified: Tue, 09 Sep 2025 18:33:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84924,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 84924, version 1.0","md5":"f5b588b5cfef2173838149769c8a0269","sha1":"5312086a01f8e8299094ddee5819b9727a19cae2","sha256":"b8811a6cd6f7e0707dfc9e9e6f1daf5f6f450b51e887e163945a9ade91c2720f","sha512":"05d5271c633bbe102775c0b6df9c5e110dae3a2517061714bb5c26ec66a00f8e1b62961135ec96962e7ccaf3942d8e32bd86f42558cbac8ee16ff6c333117886","ssdeep":"1536:PABWz4rSN/GzH27xN5UR1OnX+uyRsd1osLZBi/JGyQI01xDj+C:PAG4rCGa7L5UR1OnX+fGd/VB03QI+xP","tlshash":"378302b4ae71b3968f1c7fe46396273c2a7bdf41053950aeae44e16787f00dba148784","first_seen":"2025-05-29T19:39:57.235915Z","last_seen":"2026-04-10T18:10:15.434508Z","times_seen":7645,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":72,"dns":1,"connect":22,"send":0,"wait":21,"receive":6,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galaerisimlinki.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 5524\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:50:36 GMT\r\nexpires: Sun, 04 Apr 2027 01:50:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 565354\r\nlast-modified: Mon, 15 Sep 2025 16:35:47 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5524,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 5524, version 1.0","md5":"a575b6d9df987563f85571f442cfe795","sha1":"cdc90db0ec64148e8572354a9ca9ed4a698c9da3","sha256":"bb1f2d582e7fba586ab70c91ef062d3becaf78b887654953863521b73665d171","sha512":"1d28899af97e4edd330f9440c7b2fade6dce9a1987e33789791e5d8ad1e5b5c5770901ac0eaacd513e0916336dd301abc0334a896f2cd205072f17fd846e7763","ssdeep":"96:NfDNeo9yqB+kbL0GlV/YfsRWvPC2vJT/7xtFHD1yPe0OQowlxVDWP:NfDNeop+k/fj/CiW3XnFj1HWLVDC","tlshash":"81b18ff32af2e39b5b0b4532f892f72b4dbd01253410a3b9d861fe89d92c511a4e11c6","first_seen":"2024-12-05T00:19:49.496381Z","last_seen":"2026-04-10T14:53:33.027167Z","times_seen":5335,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":56,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tr.galaerisimlinki.com/logo.png","fqdn":"tr.galaerisimlinki.com","domain":"galaerisimlinki.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galaerisimlinki.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 09:49:35 GMT","end":"Wed, 08 Jul 2026 09:49:34 GMT"},"fingerprint":{"sha1":"48:0A:46:35:53:06:24:62:31:BF:D1:A1:56:F2:71:A8:F0:22:3C:E4","sha256":"30:F7:4E:48:84:08:5D:E7:9E:D6:B0:F5:D3:3D:10:FC:87:2C:26:DD:D3:0F:A6:BE:5F:03:79:D6:26:8D:B6:48"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: tr.galaerisimlinki.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Apr 2026 14:53:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 7412\r\nlast-modified: Thu, 09 Apr 2026 10:50:50 GMT\r\netag: \"1cf4-64f04ca2e3e6d\"\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nage: 4184\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OnBFQxAmG8vlqFSOKzenudvIoGSK13Twhe9azVnryG6SOGEE4NVHwb2PqQmf%2FlpvijsgaereLM%2Bfk%2FFWXX%2BV%2FpTq5Ca7dfsU5fg16qWS2kwPYq0zUT2ipk77AEmpCApGOfDB0Xlik%2FUg\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea2945ccf7756aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7412,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 220 x 73, 8-bit/color RGBA, non-interlaced","md5":"10e934ead32fa6f82e9f3b40dda2f272","sha1":"11faff4d20167aca4eaa38699e5ac4cdb2bc7358","sha256":"9a9ab3efe129c9e3431edaa81c42048a2e335d8e0f5b235613c71547c04eafcf","sha512":"c077792c39f27eb1cc438ea102326517b8d8203f2a4bb7c8a87f113e90146ffb6007d048517342935c0286a4ecadc24b10334e26871a901840750f0800a3b07d","ssdeep":"192:h5IabJbWXtFLsKUehXeiLEwWxgbdPa4/Bdv8ciAHcwsIS75kLuo:h5IaFbcPj8mYkc4/PpiAHc1Po","tlshash":"b5e19e8b057ad5a0b311a153fb0df7139923192eaf2949b40ddbe2984909ff4f08b6c3","first_seen":"2026-04-10T13:43:53.586114Z","last_seen":"2026-04-10T14:53:33.025003Z","times_seen":3,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-10","alert":"Phishing Block","trigger":"tr.galaerisimlinki.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tr.galaerisimlinki.com/","fqdn":"tr.galaerisimlinki.com","domain":"galaerisimlinki.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-10T14:53:09.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galaerisimlinki.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 09:49:35 GMT","end":"Wed, 08 Jul 2026 09:49:34 GMT"},"fingerprint":{"sha1":"48:0A:46:35:53:06:24:62:31:BF:D1:A1:56:F2:71:A8:F0:22:3C:E4","sha256":"30:F7:4E:48:84:08:5D:E7:9E:D6:B0:F5:D3:3D:10:FC:87:2C:26:DD:D3:0F:A6:BE:5F:03:79:D6:26:8D:B6:48"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tr.galaerisimlinki.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 14:53:09 GMT\r\ncontent-type: text/html\r\nlast-modified: Thu, 09 Apr 2026 11:19:56 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AQY9YywI2FXQVvYoGSqxMDrP1sWcBQagrPZaKYhBmtackvHAdPktdcZXs%2FKgu7Aj8u%2B1ACDEp7CwUk9GRiB701pwVh5rlkZs1ldy5YCQWmttlliBEi%2FD6fOxSrlX2JAuaI7klyNOrLyG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ea2945768a0783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29752,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (351)","md5":"4f5c9a061c7ad132860856e9dccc62ae","sha1":"61aeb05cabda25f0abee10608447c4b11e740e97","sha256":"c9f9624e956a1e416bcd2b549bb6b44bf36a82210a5677514f37bc1e0803565e","sha512":"2e0eb6da127413aecf422a5312bebc5e9073608896bf0bb06d731699ae678e5214abf95efbbd4d41b771e82e4cae3ac57aef7c1b7e47817545daeca70121b5a7","ssdeep":"192:3MZM1MmxDtVCRRSOj1PkPkhsn9gfoDKwcq3rPOFeKi4OmHZM3L3XFs4MOkevC3W6:8GiyPmKRede148TviKo0q4pzZ5Pu","tlshash":"62d2e85f5af3152a6a1366ec97f76b196a24d003c905ed297f8c424c4fc45eacab370c","first_seen":"2026-04-10T13:43:53.555231Z","last_seen":"2026-04-10T14:53:33.027643Z","times_seen":3,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":38,"dns":22,"connect":1,"send":0,"wait":122,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-10","alert":"Phishing Block","trigger":"tr.galaerisimlinki.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@300;400;600;700;800\u0026family=Inter:wght@300;400;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:09.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Poppins:wght@300;400;600;700;800\u0026family=Inter:wght@300;400;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 10 Apr 2026 14:53:10 GMT\r\ndate: Fri, 10 Apr 2026 14:53:10 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13574,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"2438489a1108011f82db5b645ce2deb2","sha1":"b7f438c39e8ef81c9ad0ffe6df57e111f71b5bba","sha256":"a7eb6cba7ac2bafa149d17ebdd1198abae0a580294858c60bfd033bdca0b3653","sha512":"3d0296c312b23a4f957a975463ab45b0153be8d8ad42c1a529a8e3d973a476b54ceed556ab17e5735dc1b238c63f61e9b2d6452e488add30f2ec1dc345e0df70","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDNNryfO3iExlyhHdPgKQFVwa3RzJ/apsn:8KYXJpv","tlshash":"ed52ded2042be500ab871cc223cf7e3aae8e5185a445d5796ffd0cc8acebc66436576d","first_seen":"2026-04-10T13:43:53.6282Z","last_seen":"2026-04-10T14:53:33.028387Z","times_seen":3,"resource_available":false,"data":null}},"time_used":494,"timings":{"blocked":231,"dns":1,"connect":7,"send":0,"wait":23,"receive":0,"ssl":229},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t3.ftcdn.net/jpg/07/73/47/64/360_F_773476423_eozVyZ36q88k8BDju0sdKshqcG19DnZh.jpg","fqdn":"t3.ftcdn.net","domain":"ftcdn.net","tld":"net"},"ip":{"addr":"151.101.129.91","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:09.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ftcdn.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 01 Mar 2026 11:03:25 GMT","end":"Sat, 30 May 2026 11:03:24 GMT"},"fingerprint":{"sha1":"63:3E:3D:CA:2D:68:F6:31:F2:0D:36:7C:03:63:78:91:8B:AD:47:DE","sha256":"A0:5B:E1:5A:4C:70:BA:28:89:D4:78:FF:7F:F4:F6:F4:AC:0E:41:45:59:F3:71:8C:E9:5A:47:C9:50:F3:63:A5"}}},"request":{"raw":"GET /jpg/07/73/47/64/360_F_773476423_eozVyZ36q88k8BDju0sdKshqcG19DnZh.jpg HTTP/1.1\r\nHost: t3.ftcdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 01 Apr 2024 21:01:20 GMT\r\netag: \"8c7f587a21a9b4d9b01255e75cf3da0d\"\r\nx-amz-server-side-encryption: AES256\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000\r\ncontent-type: image/jpeg\r\naccept-ranges: bytes\r\nage: 4934689\r\ndate: Fri, 10 Apr 2026 14:53:10 GMT\r\nx-served-by: cache-lhr-egll1980064-LHR, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 353, 0\r\nstrict-transport-security: max-age=31536000\r\ncontent-length: 112609\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":112609,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 960x360, components 3","md5":"8c7f587a21a9b4d9b01255e75cf3da0d","sha1":"2102e95105b5185be4a42ac737007482ea6d1ac1","sha256":"12e647f800b64aba63b1f3b1d9a26794e8e7e1b172521df31c75b959bb55d1d4","sha512":"9e8753cf0817123f2ef5d13431023e98661ccee672e894257b30a3f657eba6d94bedeab7966e12a5bf38126b2560003f2ee9ddc3db2c13f6762fa837f4f88e1d","ssdeep":"1536:SDjn7v9xKNe+Kw5V2YiYPHEKptc2gJOXFtqbeRiX7hxcbBHVPyKrUo+Fbj1Sgpi+:SH7/KNiYiYPHF2OtImJVPy/9i8nGGt","tlshash":"10b3027efa167f9b82eeccfce503664b42442444a0f9cd67f29c88b527637124603a67","first_seen":"2026-01-18T10:55:10.062163Z","last_seen":"2026-04-10T14:53:33.029048Z","times_seen":22,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":68,"dns":14,"connect":14,"send":0,"wait":14,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/color/32/bank-building.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:09.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /color/32/bank-building.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 14:53:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 706\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: 77049\r\nicon-size: 32\r\nicon-format: png\r\nlast-modified: Tue, 07 Apr 2026 09:21:45\r\nversion: 0.0.29\r\nfrom-mongo-cache: true\r\nfrom-redis-cache: false\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k6SS3xxdIp4JUzBPryeR+nbDE3fXuQRwMpcLuCCGmjUyuBSz/pyudZ/7RfEITItaxw\r\nx-77-nzt-ray: fdb54123011a8201d60ed96927595a00\r\nx-77-cache: HIT\r\nx-77-age: 29925\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":706,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"4527b802f7b621feff3ffa5bf7f9b16e","sha1":"deef7e5e2a003cdd070d79e9dd8294d26b3fcc1c","sha256":"08a719bc78f7d469ae41f27525de8c1338d9c22d013346f7e3b3bab234fa7ca9","sha512":"631d228ea494fd843419162f11294f589b669dce1795c4ac34bc749d30b5913b0aace77f674b448ac4d211eb71ca9390068141a6d22a7bdc9a52a8493d0ff5ad","ssdeep":"","tlshash":"ea01949fcbc8074a9b52e9025f800ac0399b5c89244e82e8e244dddd1ab0a0c537770e","first_seen":"2026-04-10T13:43:53.570728Z","last_seen":"2026-04-10T14:53:33.029715Z","times_seen":3,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":62,"dns":14,"connect":7,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLDD4Z1JlFc-K.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLDD4Z1JlFc-K.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galaerisimlinki.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 5492\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 00:59:33 GMT\r\nexpires: Sun, 04 Apr 2027 00:59:33 GMT\r\ncache-control: public, max-age=31536000\r\nage: 568417\r\nlast-modified: Mon, 15 Sep 2025 16:35:00 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5492,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 5492, version 1.0","md5":"6b2835047d683902c68c1faef3a5e94d","sha1":"fa6536a6781eba521550fb578f76adcb7c6a93f1","sha256":"a72eccfa6cfa9c26b4004e98dbf8592ea0fb3704b2fc749e8bd60a996e2e5a7c","sha512":"a0fbc08b69f028c859a994c902d95160ef53b9c9bd31fc23cd368c7c1ef75725eff72ca801783da51f5354e06b0971d311925d477928e0f900fa4dedc1f97896","ssdeep":"96:ChhY3GXIbIMzbGBQss6sHL6jqj+eOIvelcbhC77IEmsZiJKuGoWhEIiasepCUHt7:cK2YbIMzbGKss6iL6jqqF/c6AJKuGo83","tlshash":"0bb19e0f62441db4c4dcdebce79e0e99ca4e11be5b90db520514e949346bde3f5d0390","first_seen":"2024-12-12T13:26:18.309078Z","last_seen":"2026-04-10T14:53:33.030412Z","times_seen":671,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":243,"dns":0,"connect":22,"send":0,"wait":13,"receive":0,"ssl":229},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galaerisimlinki.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 08:25:52 GMT\r\nexpires: Fri, 09 Apr 2027 08:25:52 GMT\r\ncache-control: public, max-age=31536000\r\nage: 109638\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-10T18:54:17.879124Z","times_seen":139331,"resource_available":false,"data":null}},"time_used":482,"timings":{"blocked":231,"dns":0,"connect":23,"send":0,"wait":8,"receive":3,"ssl":214},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galaerisimlinki.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7816\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 02:12:26 GMT\r\nexpires: Sun, 04 Apr 2027 02:12:26 GMT\r\ncache-control: public, max-age=31536000\r\nage: 564044\r\nlast-modified: Mon, 15 Sep 2025 16:35:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7816,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7816, version 1.0","md5":"25b0e113ca7cce3770d542736db26368","sha1":"cb726212d5d525021752a1d8470a0fb593e0c49e","sha256":"9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526","sha512":"a0d331e62ab4727f49ca286a1ee7fb81cddc5bb9edf71ef84f4bd4fa1552069af1a82752011ba88fae80862d034135926b7e99d70e59d626d66d4ede90e94c30","ssdeep":"192:Agw5ksLwlyK8F2BXU96Fc575OI3+ga534SlEFwTG4ovej9be:Al5y8FSUMS5VOq1KISlvS4ov+4","tlshash":"a3f1af19d5de5a73f80032b45b6911ba7e42fa83bc68bbedf8046a10ad542cb467cc91","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-10T18:55:09.928827Z","times_seen":208146,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":61,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galaerisimlinki.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8000\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 02:00:41 GMT\r\nexpires: Sun, 04 Apr 2027 02:00:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 564749\r\nlast-modified: Mon, 15 Sep 2025 16:33:57 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8000,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8000, version 1.0","md5":"72993dddf88a63e8f226656f7de88e57","sha1":"179f97ec0275f09603a8db94d4380eb584d81cd5","sha256":"f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149","sha512":"7c20165f9d22a86341e841fd58526209017dcde2afe2d0d2a89fe853d95dc69f658d25cf798c71f452dab09843fc808c1ae87a60b1284134163abf5a1d93e50a","ssdeep":"192:GDonmfrEdXT8WrxzRXwyQo3zGEOM7Y2hOMgWnsfYSjv4ENFGwrlKJ:8onPxTzjgyQSzLPXOTIYHJAJ","tlshash":"08f1b0ffa92456c4df692475a5044f27623652b4dd35cb2f496f3e12d2d74224bcc4c1","first_seen":"2023-04-05T18:53:14Z","last_seen":"2026-04-10T18:55:09.913795Z","times_seen":207359,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":11,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/color/32/bitcoin--v1.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:09.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /color/32/bitcoin--v1.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 14:53:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 701\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: 63192\r\nicon-size: 32\r\nicon-format: png\r\nlast-modified: Mon, 15 Sep 2025 13:08:21\r\nversion: 0.0.29\r\nfrom-mongo-cache: false\r\nfrom-redis-cache: false\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k4cu826vnTygeA+Ok4nxqr2ywH+mW5yQC5SNJLgqE9VBn1p/QeEC+L2HH/eyVGoe7Q\r\nx-77-nzt-ray: fdb54123011a8201d60ed969ab3b5e00\r\nx-77-cache: HIT\r\nx-77-age: 6601\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":701,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"19d73c5af7b836788df51664816a8591","sha1":"455a8d817b5133ee8b36ea065e195946974ea292","sha256":"19e747c5ff6df2be4f8b65f4e693a9b361054d8732a346663334d0c44413ed5f","sha512":"c44c3bb7d84b4ddae7405efb108de4ecdb1406503d6f8751571ee1157040fcc776550071dc2ebe72c13198167754054848856dd2ea54b0c17ee60446bc11042c","ssdeep":"","tlshash":"270144cfc7d450d2d89255a3455a1bb131730b0f139e640922ad669dfc36b94758735c","first_seen":"2026-04-10T13:43:53.558426Z","last_seen":"2026-04-10T14:53:33.03268Z","times_seen":3,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":58,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"img.icons8.com/color/32/tether.png","fqdn":"img.icons8.com","domain":"icons8.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:09.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1004834818.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 10:28:54 GMT","end":"Mon, 15 Jun 2026 10:28:53 GMT"},"fingerprint":{"sha1":"FB:64:A2:47:3E:78:7C:2B:08:A4:67:CE:63:64:D8:05:DB:13:E1:97","sha256":"C1:67:9B:EC:6A:3F:76:AE:75:5D:0E:0F:46:34:13:71:3C:89:7C:17:5F:88:7D:0A:92:61:16:3F:C9:67:77:54"}}},"request":{"raw":"GET /color/32/tether.png HTTP/1.1\r\nHost: img.icons8.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Apr 2026 14:53:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 779\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: icon-id, icon-size, icon-format\r\nicon-id: U8V97McJaXmr\r\nicon-size: 32\r\nicon-format: png\r\nlast-modified: Wed, 08 Apr 2026 17:55:19\r\nversion: 0.0.29\r\nfrom-mongo-cache: true\r\nfrom-redis-cache: false\r\nnot-found-platform: false\r\ncache-control: public, max-age=302400\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-77-nzt: k/YzRBO3joM9j8B6gknPvBV6VQjLveu1tdF6vcTypiW/PP/M4F1jfXpRo65mXvrBXQ\r\nx-77-nzt-ray: fdb54123011a8201d60ed969e6966300\r\nx-77-cache: HIT\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nx-77-age: 154178\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":779,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"56cdfe908dbb2dad405b748fbd2e42a2","sha1":"044bdadb6ca6e273c0dd149ded1a0731d8391b2c","sha256":"f4f4b078b645757e98f33b517e432e8e0fc8cf5f223fce75fa9d01e5ff834617","sha512":"9a326fa792bc871feb1ccaa468a06be39bae61dd4f6f07c42a447574073e4dbe05a5cb0bec6e88b128d30e1b379d020edb1853ad7082142470b2cea0d9c525e4","ssdeep":"","tlshash":"a501c545b078006eea214d380f0be205a8828edc1372b82c42d44a24797a844f08cbc7","first_seen":"2026-03-05T01:05:16.325732Z","last_seen":"2026-04-10T14:53:33.033351Z","times_seen":6,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galaerisimlinki.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 08:25:52 GMT\r\nexpires: Fri, 09 Apr 2027 08:25:52 GMT\r\ncache-control: public, max-age=31536000\r\nage: 109638\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-10T18:54:17.879124Z","times_seen":139331,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":78,"dns":6,"connect":8,"send":0,"wait":16,"receive":7,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0I5nvwUgHU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7W0I5nvwUgHU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://tr.galaerisimlinki.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 84924\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 21:23:23 GMT\r\nexpires: Sat, 03 Apr 2027 21:23:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 581387\r\nlast-modified: Tue, 09 Sep 2025 18:33:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84924,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 84924, version 1.0","md5":"f5b588b5cfef2173838149769c8a0269","sha1":"5312086a01f8e8299094ddee5819b9727a19cae2","sha256":"b8811a6cd6f7e0707dfc9e9e6f1daf5f6f450b51e887e163945a9ade91c2720f","sha512":"05d5271c633bbe102775c0b6df9c5e110dae3a2517061714bb5c26ec66a00f8e1b62961135ec96962e7ccaf3942d8e32bd86f42558cbac8ee16ff6c333117886","ssdeep":"1536:PABWz4rSN/GzH27xN5UR1OnX+uyRsd1osLZBi/JGyQI01xDj+C:PAG4rCGa7L5UR1OnX+fGd/VB03QI+xP","tlshash":"378302b4ae71b3968f1c7fe46396273c2a7bdf41053950aeae44e16787f00dba148784","first_seen":"2025-05-29T19:39:57.235915Z","last_seen":"2026-04-10T18:10:15.434508Z","times_seen":7645,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":233,"dns":0,"connect":24,"send":0,"wait":10,"receive":3,"ssl":218},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tr.galaerisimlinki.com/favicon.png","fqdn":"tr.galaerisimlinki.com","domain":"galaerisimlinki.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tr.galaerisimlinki.com/","date":"2026-04-10T14:53:10.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"galaerisimlinki.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 09 Apr 2026 09:49:35 GMT","end":"Wed, 08 Jul 2026 09:49:34 GMT"},"fingerprint":{"sha1":"48:0A:46:35:53:06:24:62:31:BF:D1:A1:56:F2:71:A8:F0:22:3C:E4","sha256":"30:F7:4E:48:84:08:5D:E7:9E:D6:B0:F5:D3:3D:10:FC:87:2C:26:DD:D3:0F:A6:BE:5F:03:79:D6:26:8D:B6:48"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: tr.galaerisimlinki.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tr.galaerisimlinki.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 10 Apr 2026 14:53:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 5737\r\nlast-modified: Thu, 09 Apr 2026 10:50:50 GMT\r\netag: \"1669-64f04ca29d954\"\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nage: 4184\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UhLlnZ4k65ZG688dn18gWbaHX9KeGGngPybzuBUPQNQ77vQed3xI%2Bapp2CD4GFB7hBZe4p%2FFKMSxMjPXmp1yS8pwje2W6u5G8qaa0UqhsMhOV8Ig%2BhU138Q2G6ovEXvvQrJrM4CQGFTv\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ea2945ccf7956aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5737,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"ba066f7e4feee84167ffea2e4a06221e","sha1":"4210b22ffc8abdeb3bee77d1dd4695f967f3b438","sha256":"924c24682d25dec54e782f73cfd0973077b8a3d54785b8a9a83d8d021eaf880b","sha512":"30076dd2643279298af552637fc03217507b5aaad678d6cae60e19aadb58d2da1350d40888e52ce102ef188bf0852c695b0c1cb341963506c6a2578020775088","ssdeep":"96:OQnHtE/zCloKOPIpyKDza5UYNx8WxQZdOsnsvAP5uJTikNII6q+xocQj:OytmClyIpzMUYl2TOsnsvMGiyII61Kck","tlshash":"10c18e36337a79a94804cd64b8b192d9865b377cc4c9ce21b585697d6c92ccf020b6ce","first_seen":"2026-04-10T13:43:53.600191Z","last_seen":"2026-04-10T14:53:33.034044Z","times_seen":3,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-10","alert":"Sinkholed","trigger":"tr.galaerisimlinki.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-10","alert":"Phishing Block","trigger":"tr.galaerisimlinki.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}