{"report_id":"dcb89afd-c594-491a-911a-47fbbd4baaa6","version":6,"status":"done","tags":[],"date":"2026-05-04T08:59:35Z","url":{"schema":"http","addr":"gemini.bgpr.eu.org","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":0,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"final":{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"title":"验证页面 - Gemini Balance","dom":{"size":42237,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (11547)","md5":"3a87aad0fb3e35f583a9029933f83013","sha1":"5370813ec21ca199f2e92612ce22dff365ccfc02","sha256":"1475da806a8b66fc0bdf94a7b9488dd410e98acd2a8818c343ffc52e0a3d67f2","sha512":"567dcfaba78085e67ac6650dac983f272af53cd647e1bacd2a5b053624dfc9bfbba3c024b60f71bd6728f2e1d3a1264ccf5eb673b1d7a6093dedf656ace86b5a","ssdeep":"384:C9EGveTac5Ysx2zgm/sVRgcgLnu9sx2zBUxxm/9hLRSvH/zzR9mze7XJGsgPm5Ye:C9EGJcPhsR9aeNh58mwlnW","tlshash":"bd13b819daf701232d8394faa7d769243b3ec1c7da22ede9be8dd1900fc986545532e0","dom_hash":"domhash60e1168f3be80451bb05310d886eced0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gemini.bgpr.eu.org","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":0,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-08T08:59:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"gemini.bgpr.eu.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gemini.bgpr.eu.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"linux.do","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"gemini.bgpr.eu.org","ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-04T03:01:09.121376Z","last_seen":"2026-05-04T03:01:09.121376Z","alert_count":12,"request_count":6,"received_data":519674,"sent_data":2749,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"linux.do","ip":{"addr":"104.20.16.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-05-27","domain_rank":56143,"first_seen":"2017-05-07T08:09:35Z","last_seen":"2026-04-27T14:57:10.081032Z","alert_count":1,"request_count":1,"received_data":20594,"sent_data":465,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.ldstatic.com","ip":{"addr":"172.67.70.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-21","domain_rank":0,"first_seen":"2025-04-23T16:15:51.710682Z","last_seen":"2026-05-04T03:01:09.646042Z","alert_count":0,"request_count":1,"received_data":21096,"sent_data":473,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-05-03T22:34:13.116124Z","alert_count":0,"request_count":3,"received_data":363214,"sent_data":1581,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-03T22:17:40.953609Z","alert_count":0,"request_count":3,"received_data":147273,"sent_data":1644,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/static/js/tailwindcss.js?v=7a614b9a","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-05-06T17:34:12.474351Z","times_seen":34932,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"cbfed33e2fb70b5d31d90a0848c9a06d","sha1":"28022424116f5ae27887b0f750a8491d8c97e8eb","sha256":"d8e981ca65116d6708ff8778a89f5bc7e929ae2855094541f21706244768d7c4","sha512":"84057492af438f52c28fa4aa61b3bf5072ca5f60e75a41123ff3a1ea90e81e80d6cc8772bc3bd45ebf2ae020ce7b51d3651e267d254a11fc80c63ccdf5ca2ac7","ssdeep":"","tlshash":"83418938a9b0580b1147712697fb4a10656952df9c3ebcbe334e15ca0f0c15e12fc79e","size":2250,"data":"","first_seen":"2025-10-11T03:44:02.5789Z","last_seen":"2026-05-06T17:55:36.205986Z","times_seen":432,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"1c336e782bab52f873e39085964074e0","sha1":"0d6ac6fa0691663cd183c8ab9513a276fc7aa122","sha256":"0adfe88c355c9c3b1964114a434f9761bfd27338c187e368be94910d8c185570","sha512":"c44a585f492414b3b9e5d48621cbe3007b71f627c9112b9a407dc59d83d2b1a0148566dd687ac7c499f5ff62ead67dda8cf276f0ca2e02ef3ea10572b9a8a8d3","ssdeep":"48:ANYEtfxOAxCatefZGnQ3IPycAK71H1ZV0fMUyuuVTs4PXm/rqo5bP:HcqivTPycAK1H1ZKfMpDTsw2qKbP","tlshash":"fc91e09ea5f314b32be3a1ba1b9722543772510b9842d8003bdec3405f44a29bb976c5","size":4253,"data":"","first_seen":"2025-09-29T03:53:19.649817Z","last_seen":"2026-05-06T17:55:36.208946Z","times_seen":588,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"a63fc6e4ccd294beb5bae9c0f181068c","sha1":"c7777e7e1b01a6659441a98eeed6377999abd902","sha256":"95a3c4209ceefdbe0a13b1f38cb1d5c332da897609fd1a4de9f2375d2aeb5b38","sha512":"3bd976dfd289fd8246436a2b1913302decf40c81ab8fdd5094acdd3dbbac39a84a2990ffb46fff987dbe9659d9bfd5d61d7dd6c97b580553f19e18249f485d9a","ssdeep":"","tlshash":"7121ddaa21f243b00b7335bad38b47d1723290837444c5093e9ddb8c1f9c9b45672aee","size":1324,"data":"","first_seen":"2025-09-29T03:53:19.652085Z","last_seen":"2026-05-06T17:55:36.209748Z","times_seen":605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/static/css/fonts.css?v=643bca0e","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:14.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini.bgpr.eu.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 12:32:40 GMT","end":"Thu, 23 Jul 2026 12:32:39 GMT"},"fingerprint":{"sha1":"7E:31:7F:B8:8E:36:BC:7A:F3:B9:54:EE:F8:2F:1E:EE:3D:FB:1A:42","sha256":"F5:4D:2E:3B:74:4C:81:43:30:F0:EF:AA:5B:6F:5F:BA:E3:1C:A9:7A:CE:C8:9A:A6:FF:B6:FE:C0:0B:D8:A7:CD"}}},"request":{"raw":"GET /static/css/fonts.css?v=643bca0e HTTP/1.1\r\nHost: gemini.bgpr.eu.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.bgpr.eu.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 04 May 2026 08:59:14 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 676\r\nx-id-fe: sto5-hw-edge-gc21\r\nx-shard: sto5-shard0-default\r\ncontent-encoding: br\r\netag: \"8f62810eaa40148095f4745e61ba6e5c\"\r\nlast-modified: Tue, 23 Sep 2025 14:10:58 GMT\r\nrndr-id: 09a5683f-3dd2-48fd\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9f664ee61d0880fa-ARN\r\nx-id: sto5-hw-edge-gc21\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\ncache: MISS\r\naccept-ranges: bytes\r\ntraceparent: 00-4b3752bc7d8f45e8e2bbdca0e8581627-09b76cf17b441137-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12355,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"643bca0e9953f0da782fc5a26139f444","sha1":"1de0c1a7696f628b19829786c1c340783de28b1f","sha256":"b28d071b1f42ef7c36f37060a8b888e02812f8c73158617291200343089e7e5d","sha512":"41643f6f8e7efe7dfda184756f06c84b5c09301c0e9910857e535644694efe5a53f0ca62a8a1e23ed4716a2b32b5b07d968c728d8d698792e71a630016d41973","ssdeep":"192:wpAd4q3lXtimpNQlq34+tDFpO3Gq3/9t8cpraDq3i0tljpEJ8q3RbtGi:4S7nZsv5puz","tlshash":"f342bc92402b9500ab871cc223cf7f266ece10896485d1bd6ffd1cd69cead76436874d","first_seen":"2025-06-02T10:47:00.973673Z","last_seen":"2026-05-06T17:55:36.199758Z","times_seen":664,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"gemini.bgpr.eu.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gemini.bgpr.eu.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/static/js/tailwindcss.js?v=7a614b9a","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:14.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini.bgpr.eu.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 12:32:40 GMT","end":"Thu, 23 Jul 2026 12:32:39 GMT"},"fingerprint":{"sha1":"7E:31:7F:B8:8E:36:BC:7A:F3:B9:54:EE:F8:2F:1E:EE:3D:FB:1A:42","sha256":"F5:4D:2E:3B:74:4C:81:43:30:F0:EF:AA:5B:6F:5F:BA:E3:1C:A9:7A:CE:C8:9A:A6:FF:B6:FE:C0:0B:D8:A7:CD"}}},"request":{"raw":"GET /static/js/tailwindcss.js?v=7a614b9a HTTP/1.1\r\nHost: gemini.bgpr.eu.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.bgpr.eu.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 04 May 2026 08:59:14 GMT\r\ncontent-type: application/javascript\r\nx-id-fe: sto5-hw-edge-gc21\r\nx-shard: sto5-shard0-default\r\ncontent-encoding: br\r\netag: \"a8e6437122937bdb9e6fd42bc76a8052\"\r\nlast-modified: Tue, 23 Sep 2025 14:10:58 GMT\r\nrndr-id: 41eb8597-91a7-4134\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9f664ee638b50a23-ARN\r\nx-id: sto5-hw-edge-gc22\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\ncache: MISS\r\ntraceparent: 00-c61e18656215640d52d29eabb26cffe1-4f154a5bbcc63805-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-05-06T17:34:12.474351Z","times_seen":34932,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gemini.bgpr.eu.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"gemini.bgpr.eu.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-04T08:59:13.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini.bgpr.eu.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 12:32:40 GMT","end":"Thu, 23 Jul 2026 12:32:39 GMT"},"fingerprint":{"sha1":"7E:31:7F:B8:8E:36:BC:7A:F3:B9:54:EE:F8:2F:1E:EE:3D:FB:1A:42","sha256":"F5:4D:2E:3B:74:4C:81:43:30:F0:EF:AA:5B:6F:5F:BA:E3:1C:A9:7A:CE:C8:9A:A6:FF:B6:FE:C0:0B:D8:A7:CD"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gemini.bgpr.eu.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 04 May 2026 08:59:13 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-id-fe: sto5-hw-edge-gc21\r\nx-shard: sto5-shard0-default\r\ncontent-encoding: br\r\nrndr-id: 9ca8a93a-6b04-4e79\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9f664ee31c1b3799-ARN\r\nx-id: sto5-hw-edge-gc20\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\ncache: MISS\r\ntraceparent: 00-a4071d8a3f9133c306f116205e1808b5-47bfd978d4cb5121-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31114,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"ba29013d4abed394a30c6088b6a08c71","sha1":"d39fa72f64d01ebcda49f2a37325aece48504f60","sha256":"d8588a173e4e47453855d527c1e9de57deefdfa08e39bd9e5f6fd23109924707","sha512":"221c0506e246d3a573a971a563357845335f68aba44a25a0dc34c03cad43bf8faaa581b3dce3ca3248a9ef79df2b8c5e38b57c88cf781c940df2c84426d9010f","ssdeep":"384:t9wGveTac5Ysx2zgm/sVRgcgLnu9sx2zBUxxm//69GA78PGm27gltmwSgnn0:t9wGJckobmwln0","tlshash":"f0d2845ac9f7065211c3a47a67e769203f7ec287c612ecedbe9ce2e40f8886955131f1","first_seen":"2025-10-16T03:51:03.613634Z","last_seen":"2026-05-05T14:47:08.025212Z","times_seen":422,"resource_available":true,"data":null}},"time_used":493,"timings":{"blocked":125,"dns":91,"connect":9,"send":0,"wait":243,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"gemini.bgpr.eu.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gemini.bgpr.eu.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"linux.do/user_avatar/linux.do/snaily/288/306510_2.gif","fqdn":"linux.do","domain":"linux.do","tld":"do"},"ip":{"addr":"104.20.16.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:14.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"linux.do","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 04:38:43 GMT","end":"Sun, 07 Jun 2026 05:38:42 GMT"},"fingerprint":{"sha1":"AC:60:DF:94:B0:7B:6E:07:F0:12:60:49:CB:90:11:A1:54:45:F0:C0","sha256":"AD:ED:8D:E6:AF:07:A4:C8:6B:86:33:EE:2C:F5:E8:F4:33:DE:3B:D5:20:9A:DB:5E:DF:CC:EB:9F:CE:50:73:93"}}},"request":{"raw":"GET /user_avatar/linux.do/snaily/288/306510_2.gif HTTP/1.1\r\nHost: linux.do\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.bgpr.eu.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Mon, 04 May 2026 08:59:14 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://cdn.ldstatic.com/user_avatar/linux.do/snaily/288/927080_2.png\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-discourse-route: user_avatars/show\r\naccess-control-allow-origin: *\r\ncf-cache-status: BYPASS\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nvary: accept-encoding\r\ncf-ray: 9f664ee6584e569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19951,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T17:45:53.632738Z","times_seen":14749736,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":50,"dns":22,"connect":1,"send":0,"wait":125,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"linux.do","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/static/icons/logo.png?v=f7e4db74","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:14.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini.bgpr.eu.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 12:32:40 GMT","end":"Thu, 23 Jul 2026 12:32:39 GMT"},"fingerprint":{"sha1":"7E:31:7F:B8:8E:36:BC:7A:F3:B9:54:EE:F8:2F:1E:EE:3D:FB:1A:42","sha256":"F5:4D:2E:3B:74:4C:81:43:30:F0:EF:AA:5B:6F:5F:BA:E3:1C:A9:7A:CE:C8:9A:A6:FF:B6:FE:C0:0B:D8:A7:CD"}}},"request":{"raw":"GET /static/icons/logo.png?v=f7e4db74 HTTP/1.1\r\nHost: gemini.bgpr.eu.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.bgpr.eu.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 04 May 2026 08:59:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 39548\r\nx-id-fe: sto5-hw-edge-gc21\r\nx-shard: sto5-shard0-default\r\netag: \"3ccc852145bdbbddabb385a97b4d58d3\"\r\nlast-modified: Tue, 23 Sep 2025 14:10:58 GMT\r\nrndr-id: 8bebe50c-8282-4b46\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9f664ee61cdceff0-ARN\r\nx-id: sto5-hw-edge-gc20\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\ncache: MISS\r\naccept-ranges: bytes\r\ntraceparent: 00-c4da35befabb52cf8c5411fb7dd99123-089b68bb590a1b36-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":39548,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1031 x 1031, 8-bit/color RGBA, non-interlaced","md5":"f7e4db74e1fbcde1cb97f132e937173d","sha1":"d82f55c38f677514446817e09ea54d8a7bd25e41","sha256":"7076f5a55ecd6bc9db38489549701d9e5e962e3658601d220ec39fa01e7b57df","sha512":"81956279e2fbaf829cffa7d245b2c75dc69fd2c8dcfc36dc73b4d668762b673e455213545fff13eb7d78d07ebd21503f44facc04c9b88df4912288b7f92ef193","ssdeep":"768:t1iDhiwBzrAFnOZZJM+sWpWaD8U3zZBX0gx3iqX/VD/caABEadLeW:t4hiwBzSOZY+d8e39tr33VDvAiaJ","tlshash":"c103d1a9f1c30ec8e56871b35b45bf1263d0dae8d045ea31bea87e68e4f983448511fd","first_seen":"2025-08-04T04:29:50.495862Z","last_seen":"2026-05-06T17:55:36.203744Z","times_seen":607,"resource_available":false,"data":null}},"time_used":1032,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":878,"receive":154,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gemini.bgpr.eu.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"gemini.bgpr.eu.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ldstatic.com/user_avatar/linux.do/snaily/288/927080_2.png","fqdn":"cdn.ldstatic.com","domain":"ldstatic.com","tld":"com"},"ip":{"addr":"172.67.70.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:14.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ldstatic.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 06 Apr 2026 02:57:55 GMT","end":"Sun, 05 Jul 2026 02:57:54 GMT"},"fingerprint":{"sha1":"C1:C5:23:5B:41:A1:14:FD:24:8B:CB:1D:83:2F:C2:04:C8:F4:07:AF","sha256":"F2:2D:96:C3:E2:4A:E4:86:A4:47:72:94:C6:6D:1C:5A:83:2D:82:56:F4:A5:40:7A:D7:E7:12:06:D9:20:73:F8"}}},"request":{"raw":"GET /user_avatar/linux.do/snaily/288/927080_2.png HTTP/1.1\r\nHost: cdn.ldstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini.bgpr.eu.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 08:59:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 19951\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-discourse-route: user_avatars/show\r\naccess-control-allow-origin: *\r\nlast-modified: Tue, 26 Aug 2025 16:49:36 GMT\r\ncontent-transfer-encoding: binary\r\ncache-control: public, max-age=31556952, immutable\r\ncf-polished: webp_bigger\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\ncf-bgj: imgq:100,h2pri\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=1;i=?0,cf-chb=(262;u=3;i=?0 2627;u=5;i=?0 7143;u=6;i=?0)\r\naccept-ranges: bytes\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tq0K0qlGw4shQDdamCFmQ8f8LGrfSbSgpe8yCWhbLonzpeY2NLkMCTu9UwXNVakOG%2FKlWYQ7QMNV9irT5K4jC5lC5vZSCfKlapzmw39IduhKiJonwmnoAlwUtv%2FwLavH2vY%3D\"}]}\r\nage: 1008450\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: 9f664ee77fa1120a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19951,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x288, components 3","md5":"7bc0c581dfe47425d666864c669de63d","sha1":"0c790856eee6c1395b9aaebb2bed1ff73a53e72c","sha256":"169eaef1ae5cac6799c060110662d039de57c482df1fdf6b2908b1502d3ff66f","sha512":"c9c7134c3e3f24880c11c1097d29d45fb2ae49db6a4d6002cb31ed941d5af7649b445f44f3078b54fe6e9744bd085f35d0e4aef031d331ece22efe7a44d88c17","ssdeep":"384:oSZzbH/lHX4te1yWA1omDqQkb1X/RHzXMdJEEfyPlUcN:/zbdXKe49/qZJxXMdLQec","tlshash":"5092d0091343e4cab55a7d77f2fd098281d3cc82ad2e662de1d5019c7293cca98de5eb","first_seen":"2026-02-27T00:01:11.511544Z","last_seen":"2026-05-06T17:55:36.201646Z","times_seen":29,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":44,"dns":24,"connect":2,"send":0,"wait":11,"receive":1,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:15.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gemini.bgpr.eu.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 08:59:15 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 150124\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-24a6c\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1063791\r\nexpires: Sat, 24 Apr 2027 08:59:15 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=83x2B2ioxsfgirrT93sTPEc%2BjMn3qKX%2FjLqrBxWurCq8OvUe2hSlhUaD2fmi40IpWQwGknQ3vUv2EidWQMxHrhOkXTBMEhrKY5KcQwuNzj12d14gXvsx8ymAc8NfJKsICsXv0T50\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: 9f664eeb6bd77130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150124,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150124, version 772.256","md5":"c64278386c2bbb5e293e11b94ca2f6d1","sha1":"6b99aa650bd12a36caa14e0127435d8f4cd3ba73","sha256":"7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880","sha512":"0ccdc1515510d902c0b4a48b863c48bad86e1f766b1f9c890a64e28d91ee7c6d488241c531fc094d15b29c211da71e092587a987e24ee8e67ef8ea99c284e821","ssdeep":"3072:7sCbk7w0ZXdkN6iMjif3Lr7x7wAtf+D7gDk1feXDLnurWHqrNIuv5n0:7sCbkFZXdC7MaLr9w2mIY1feXXurWyNW","tlshash":"28e3123cf2c6d486735f5aeadb79636894fd0a2e74ecc67d26b982112048f828174d1d","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-05-06T17:10:50.156205Z","times_seen":34516,"resource_available":false,"data":null}},"time_used":57,"timings":{"blocked":23,"dns":1,"connect":0,"send":0,"wait":11,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/static/icons/icon-192x192.png?v=fcb87733","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:15.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini.bgpr.eu.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 12:32:40 GMT","end":"Thu, 23 Jul 2026 12:32:39 GMT"},"fingerprint":{"sha1":"7E:31:7F:B8:8E:36:BC:7A:F3:B9:54:EE:F8:2F:1E:EE:3D:FB:1A:42","sha256":"F5:4D:2E:3B:74:4C:81:43:30:F0:EF:AA:5B:6F:5F:BA:E3:1C:A9:7A:CE:C8:9A:A6:FF:B6:FE:C0:0B:D8:A7:CD"}}},"request":{"raw":"GET /static/icons/icon-192x192.png?v=fcb87733 HTTP/1.1\r\nHost: gemini.bgpr.eu.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.bgpr.eu.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 04 May 2026 08:59:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 25749\r\nx-id-fe: sto5-hw-edge-gc21\r\nx-shard: sto5-shard0-default\r\netag: \"7faa494182fc15c3b0119ec93d063038\"\r\nlast-modified: Tue, 23 Sep 2025 14:10:58 GMT\r\nrndr-id: 9c12b125-ad3c-4fe1\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9f664eecfb3b3799-ARN\r\nx-id: sto5-hw-edge-gc20\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\ncache: MISS\r\naccept-ranges: bytes\r\ntraceparent: 00-460e5642ecc2847926d88410539f6db0-05e7d19725d886c3-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25749,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 255 x 255, 8-bit/color RGBA, non-interlaced","md5":"fcb87733d02ddacbe130039cab5bbf97","sha1":"da3f3254d24369527f50484896aaa10763119e0a","sha256":"243700189530fecd724a407a3276beb702953fb470b4a8b3ba5c301540eab1bc","sha512":"a87dedbb360ebaa14fce58ffd6adf17a23483cf15e078c9ead443c9582c3ed95b1ac8428a6a41ed04a063b1bd3cf538c29b4dc8d738ee3d62b21fa2e5fe82b35","ssdeep":"384:wBR1t7mS5wM6WAY6voFKdSLXkBcACwmEvfr7YyABfbohgaRt+quywmzYPMsFTr8c:w3zXaZoFiSR0nfmBjigafoDCYPNFr8c","tlshash":"90c2e10ec8f897b086c63b6d3a758c02c6e44dfd45c6437b5390bcbda78bc002a6ba04","first_seen":"2025-08-04T04:29:50.490847Z","last_seen":"2026-05-06T17:55:36.204548Z","times_seen":606,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gemini.bgpr.eu.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"gemini.bgpr.eu.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:14.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.bgpr.eu.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 04 May 2026 08:59:14 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1095440\r\nexpires: Sat, 24 Apr 2027 08:59:14 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G1tl6gCgNZBNyO4bEtOyyWeZ58p%2BnpoDb4yyU0rkCVK5jWrTMidj17lGFWst8R8VRoH%2BdwI572LJc%2BWCSxKRyP11yJbxGZMt5yN5Keak3gKJcdsP2K4k1Cggu2TkM%2BQv5YciuEc0\"}]}\r\ncf-ray: 9f664ee618c723eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-05-06T17:10:50.154338Z","times_seen":47059,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":10,"dns":0,"connect":1,"send":0,"wait":7,"receive":3,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gemini.bgpr.eu.org/api/version/check","fqdn":"gemini.bgpr.eu.org","domain":"bgpr.eu.org","tld":"eu.org"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:15.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gemini.bgpr.eu.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 24 Apr 2026 12:32:40 GMT","end":"Thu, 23 Jul 2026 12:32:39 GMT"},"fingerprint":{"sha1":"7E:31:7F:B8:8E:36:BC:7A:F3:B9:54:EE:F8:2F:1E:EE:3D:FB:1A:42","sha256":"F5:4D:2E:3B:74:4C:81:43:30:F0:EF:AA:5B:6F:5F:BA:E3:1C:A9:7A:CE:C8:9A:A6:FF:B6:FE:C0:0B:D8:A7:CD"}}},"request":{"raw":"GET /api/version/check HTTP/1.1\r\nHost: gemini.bgpr.eu.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gemini.bgpr.eu.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 04 May 2026 08:59:15 GMT\r\ncontent-type: application/json\r\ncontent-length: 73\r\nx-id-fe: sto5-hw-edge-gc21\r\nx-shard: sto5-shard0-default\r\ncontent-encoding: br\r\nrndr-id: cd6a325c-9f2d-4549\r\nvary: Accept-Encoding\r\nx-render-origin-server: uvicorn\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9f664eeafd6189c9-ARN\r\nx-id: sto5-hw-edge-gc22\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\ncache-control: no-cache\r\ncache: MISS\r\naccept-ranges: bytes\r\ntraceparent: 00-0950210d6b7117b51f73742532d02159-e2c07c33128c6cea-01\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":95,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"73325311754858c26bf89a4c257edd02","sha1":"67639c0b98fb121a8abc899df8ea510d8f24d21c","sha256":"bcd952c49b30c00bf4fdb206c7fc91873bfe5aaf2379f9cff8367f3520e85971","sha512":"cdd592a099b6d53ca20dd14be164a56cdb220c7f812b9178f32d11cb39ee98b32e5031cece9069dcc7e86aa2b2cbf098a3b6947e456b27b0ed7ef2cdaa3ad80d","ssdeep":"","tlshash":"26b012805093daaf41045f0c90007840f76a518315009c11000d8e0023d5178452430d","first_seen":"2025-10-11T03:44:02.574653Z","last_seen":"2026-05-06T17:55:36.18689Z","times_seen":414,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-04","alert":"Sinkholed","trigger":"gemini.bgpr.eu.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-04","alert":"Phishing Block","trigger":"gemini.bgpr.eu.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:15.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gemini.bgpr.eu.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.bgpr.eu.org/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48256\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 02 May 2026 11:52:02 GMT\r\nexpires: Sun, 02 May 2027 11:52:02 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 28 May 2025 18:51:44 GMT\r\ncontent-type: font/woff2\r\nage: 162433\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48256,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48256, version 1.0","md5":"260c81a4759baf163c025001c4f27872","sha1":"f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298","sha256":"3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62","sha512":"9acec3e7a411a1eb6d072c3773bb14e5aa74d85d334674ec0fb018b7937174d5b612b756b2ce7aa3993d31dfe172516e7aaec79c7dd209eac5fd15d9aea077e9","ssdeep":"768:Gp4Wb3wv+eCLRZRtq9uGHpHveBOX5qw/14X+5edVWK4afHSTle4MRhVUNMT/TQDt:Gp483wdmXRtqhJPeByj/f4WK4mHIj8xw","tlshash":"be2302df9e4d72d29271267045338383798e2d8a50aae7a1061c0fe6de05b69d31fb9c","first_seen":"2025-05-30T10:47:22.433446Z","last_seen":"2026-05-06T17:55:36.202691Z","times_seen":16103,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":162,"dns":7,"connect":31,"send":0,"wait":8,"receive":3,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:15.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gemini.bgpr.eu.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 04 May 2026 08:59:15 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 108020\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-1a5f4\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 312063\r\nexpires: Sat, 24 Apr 2027 08:59:15 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3zqO87ln%2Bbhs0yOsvs9g8vcgmHIiir5ue54A2HfN27ETPg2BAPS4lU8PqeAEEjgpJVTkWV1%2BCmvCzR%2B28%2BGdSSJWQg%2BqUu7KyKh10LuPgw6WudbWJuOc01Zc796B26KTCMsZLSV5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: 9f664eeb7be17130-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":108020,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 108020, version 772.256","md5":"8b0ddedbb27cbc9971c8667caa8a0cc1","sha1":"4350f9ba93384634faf35f41c503c99c767f1069","sha256":"748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207","sha512":"d3b4791b988fcfd9911a2158163d0c44d6797650890b5d4ac769417e09d8fc2c67edc595be8e7927de0519a85eeb3577d0c7e385bdc99d762c7a6cfbad021b39","ssdeep":"3072:MUdDCdwgz0kLytDzAUhcJz8zfleLXsg4OEpUtbeONfQfG:1d+dNBBh8zflIWGP9Qe","tlshash":"8db312128031ef76fd4aa621de6b1807b03da30b67f249a9ded46a37c050997b471b4f","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-05-06T17:55:36.205277Z","times_seen":17508,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:15.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gemini.bgpr.eu.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.bgpr.eu.org/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48256\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 02 May 2026 11:52:02 GMT\r\nexpires: Sun, 02 May 2027 11:52:02 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 28 May 2025 18:51:44 GMT\r\ncontent-type: font/woff2\r\nage: 162433\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48256,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48256, version 1.0","md5":"260c81a4759baf163c025001c4f27872","sha1":"f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298","sha256":"3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62","sha512":"9acec3e7a411a1eb6d072c3773bb14e5aa74d85d334674ec0fb018b7937174d5b612b756b2ce7aa3993d31dfe172516e7aaec79c7dd209eac5fd15d9aea077e9","ssdeep":"768:Gp4Wb3wv+eCLRZRtq9uGHpHveBOX5qw/14X+5edVWK4afHSTle4MRhVUNMT/TQDt:Gp483wdmXRtqhJPeByj/f4WK4mHIj8xw","tlshash":"be2302df9e4d72d29271267045338383798e2d8a50aae7a1061c0fe6de05b69d31fb9c","first_seen":"2025-05-30T10:47:22.433446Z","last_seen":"2026-05-06T17:55:36.202691Z","times_seen":16103,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":121,"dns":0,"connect":13,"send":0,"wait":10,"receive":5,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gemini.bgpr.eu.org/","date":"2026-05-04T08:59:15.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gemini.bgpr.eu.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gemini.bgpr.eu.org/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48256\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 02 May 2026 11:52:02 GMT\r\nexpires: Sun, 02 May 2027 11:52:02 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 28 May 2025 18:51:44 GMT\r\ncontent-type: font/woff2\r\nage: 162433\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48256,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48256, version 1.0","md5":"260c81a4759baf163c025001c4f27872","sha1":"f11d729bb0a4d8350d2ea3d0fc062cf6ef2d5298","sha256":"3100e775e8616cd2611beecfa23a4263d7037586789b43f035236a2e6fbd4c62","sha512":"9acec3e7a411a1eb6d072c3773bb14e5aa74d85d334674ec0fb018b7937174d5b612b756b2ce7aa3993d31dfe172516e7aaec79c7dd209eac5fd15d9aea077e9","ssdeep":"768:Gp4Wb3wv+eCLRZRtq9uGHpHveBOX5qw/14X+5edVWK4afHSTle4MRhVUNMT/TQDt:Gp483wdmXRtqhJPeByj/f4WK4mHIj8xw","tlshash":"be2302df9e4d72d29271267045338383798e2d8a50aae7a1061c0fe6de05b69d31fb9c","first_seen":"2025-05-30T10:47:22.433446Z","last_seen":"2026-05-06T17:55:36.202691Z","times_seen":16103,"resource_available":false,"data":null}},"time_used":258,"timings":{"blocked":115,"dns":1,"connect":8,"send":0,"wait":9,"receive":11,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}