{"report_id":"12fdc55a-327e-44dc-a3df-8d7d82ec09be","version":6,"status":"done","tags":[],"date":"2026-05-11T11:53:05Z","url":{"schema":"http","addr":"noris.capital","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":0,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"noris.capital/","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"title":"Norís Capital - Venture Capital \u0026 Investment Firm","dom":{"size":83264,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (56160)","md5":"0df848f1723d9f7a9843aeffcad613f0","sha1":"a62923799c5a2f6847e79043139344c81ed7ccb1","sha256":"0a58076054089c9f8f11aaba9b6d8ff9511d825f54d5837645c96a231e90fa07","sha512":"20ca69134cb8e27b26d7b7330680140736007af440b7a6337c0b4e7fdd5c24076d4421226771a1388c477dd3498b0ec502ab22f61101a63b194147891340719c","ssdeep":"768:5EU1q+kAq+k7q+kXULxuxvZsbkoN9aqRaXNWfbw5rhVakbuoYxBqXrdC6ApDrvyj:pkKkdkWQ0aUBCS5E+EE0wjSAkzHX","tlshash":"a383a57cb2d005bb656bcae2b2653b28b0fdc34bd5134448bafcc2e99bc6c44dd52664","dom_hash":"domhash4f01a706b14338b444f8a758a4fd9e80","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"noris.capital","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":0,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-15T11:53:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"noris.capital","ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-11T11:53:05.95691Z","last_seen":"2026-05-11T11:53:05.95691Z","alert_count":69,"request_count":23,"received_data":953307,"sent_data":10810,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"noris.capital/assets/index-Chf82Zov.js","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee415dd542e5ad91c45aa57dbcdf3289","sha1":"1e88f7edfb5378c3afef524627928c59569115eb","sha256":"6fee9cabd8768b452fd6d1ad6a747daa7d8ae04f51804d565665c0307691676b","sha512":"3f1558e735d4a38c7edfb3063098f048431e8778da0073964692d6aa0ac8bbefc114a6740973af855ae1022a964f4bf4a1039e6dbe04e357f794d0dc07f7a90d","ssdeep":"3072:HK4g44xJRbM2xiuwWw7JHtdKdSXoTJO/WYadIX4Im1/HV4Q+6clg3anx0wC+b4w9:HK44JbM2xSDJHtwgMyYaB4Vn+6cleh4","tlshash":"29946ce8b29576a9afa745e040af0106723f1d56b40d8464b13cecda3ab4409727bffd","size":442762,"data":"","first_seen":"2026-05-11T11:53:10.196891Z","last_seen":"2026-05-11T11:55:12.856434Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"noris.capital/assets/index.css","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/index.css HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 13 Apr 2026 21:11:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dd5c15-18813\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100371,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7d82c5ded4f7526bf3191e05c3929917","sha1":"888d05c19e2a482f7321bc31a8b6cc3759251b77","sha256":"eb4ba4bd797801cc577c5ff7c843806b39fe4eb60d88938154e1e18a92f3f3d9","sha512":"c74f64e98e220113fc57626833ac6ec548b223626309502e9e8d22cdfa51c34595850eb82f2cc5f7a55874b6285cd18f97b6ce90cc7a6c82bd7a8b74f8d09ae2","ssdeep":"1536:NcSxBhKpUZEEZVGQ+zuJaQSsMq+WDhzmAkX7zn88e0k0988R988q:JBhKuN6HzuXMq+WDhKAD","tlshash":"0ca3a690b229e93fbc3364f9538cf85c911974c0dd6906e9fe12a22256c7bf16e77218","first_seen":"2026-05-11T11:53:10.169015Z","last_seen":"2026-05-11T11:55:12.854089Z","times_seen":2,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/8daf5e3b56eb3374af341cb99b8af7b112b5ab13.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/8daf5e3b56eb3374af341cb99b8af7b112b5ab13.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 10331\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-285b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10331,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGB, non-interlaced","md5":"ee739d3e0b1b7eda459971779ea9cd63","sha1":"8daf5e3b56eb3374af341cb99b8af7b112b5ab13","sha256":"8315c3822ae546d3cd1710170b89df9e6f93dbb1909c6baf32591d0c5fad0215","sha512":"25d5d58526dd719cb44586d09c99ec2dc84df1126ee6b9589611d1d0d0bb081b251b83ee0ba96ecffc5fb9c8804629a57ec242709feca8d05149aa90e285a7f0","ssdeep":"192:fKEIjJG4mRBQ6VLP4TCkV1JvHcRh5I89r1c+9YLWekhoTPxGwCA:fz0GLQ6VLgTC4JHcRh5JO2YLWexrR","tlshash":"6222a0a95842f729fdc9680f45294c3db2f179ad91c1ef2105d185b3a94ed46ecb48c4","first_seen":"2026-05-11T11:53:10.174441Z","last_seen":"2026-05-11T11:55:12.857212Z","times_seen":2,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/c2ef2cd47170438551037a9639cc085c4c7e5ea3.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/c2ef2cd47170438551037a9639cc085c4c7e5ea3.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 28279\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-6e77\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28279,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"c6bc7b76bcd9bb7e98bfbad91dea6ac1","sha1":"c2ef2cd47170438551037a9639cc085c4c7e5ea3","sha256":"5029e2be178e41e8598e0e0c4fde21c0eadb9d2989c6dd134600a6bdad5c31b8","sha512":"f49b3814f324f386b7ee03694f6e3de74258e2601bdc9d74049c2127a2752d1bed294bee5eb3af209b0df7d5e29212bdde4d2f44bd5aea0762fd3f0b90c36af5","ssdeep":"768:olMZlIBXPhRyzcEDUSvwLtBTTiHCofd65iwIYhBf+XB5:KM7qXPKIEiNe4RP6j","tlshash":"ffc2f137e2119e3ff8b2c4090b14b959c1b709086f42b76aafad9179db17501d033eb6","first_seen":"2026-05-11T11:53:10.177394Z","last_seen":"2026-05-11T11:55:12.862425Z","times_seen":2,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/9bafbe045dae38917685af48f4d833946b27748b.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/9bafbe045dae38917685af48f4d833946b27748b.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 14224\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-3790\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14224,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"adef252b5915913afa563c64b74516dc","sha1":"9bafbe045dae38917685af48f4d833946b27748b","sha256":"7cb4ef1fc48324445478a85ee2e9054eb2f82175d7468a7385ba451ef0e66790","sha512":"18c6694af3627ad2bf30775b841c0428e3757e6ada99690766780448911dcc4665cf460af20179cb0549853f7a258ab8e59fb97e4607150e3dd41a7e7e1d51ed","ssdeep":"384:o42L0vbFhmN1MU7iZbm8ZZgQK0YhtqkCPPcKY8:T2LubON+UOD7ctQp","tlshash":"b552d1d7320709f9eb431f7ea9d7859c373a3ba0e5d0843913f98ec4ecaa08a055d086","first_seen":"2026-05-11T11:53:10.179672Z","last_seen":"2026-05-11T11:55:12.868532Z","times_seen":2,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/a30f4841c544b0e476a690019d8eede7feeabc00.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/a30f4841c544b0e476a690019d8eede7feeabc00.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 27687\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-6c27\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27687,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"1d3f3d6754b90a29af7466238d189156","sha1":"a30f4841c544b0e476a690019d8eede7feeabc00","sha256":"ce309b131ed548c29489c8defe4ac7685b851fc6b4bc8ba091cba1ad1073ea2a","sha512":"c4e780b54e1cc6842ea36ae080e48f2a0dbf312713f4c0381dedf3b44147c590bc86362721bd42a8034c8b977dbe29f662ada5c1412ee47413182e606a29b397","ssdeep":"768:asfEe48ASJ/P4Jwa+oTnzCMlUnfEIwpccDt:Nfk8ASJ/0oQlUnsKcJ","tlshash":"b1c2f143f49d43895e125ff6cfc670a47519436842ffa4b2a02a4b61cfe71b098ed29a","first_seen":"2026-05-11T11:53:10.181644Z","last_seen":"2026-05-11T11:55:12.86101Z","times_seen":2,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/9d9b7fb1df1b72cfff24d2f15c091ef871c2fabf.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/9d9b7fb1df1b72cfff24d2f15c091ef871c2fabf.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 14811\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-39db\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14811,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGB, non-interlaced","md5":"ca605287e7bfb3b7b4e85fada3ea0bbf","sha1":"9d9b7fb1df1b72cfff24d2f15c091ef871c2fabf","sha256":"e4779c7ec57b762cc27af825ecf776943f7c29ab81b8ffd0f4e367ee35d1ef6a","sha512":"a72ba506724c2465802eb4ddfcb2f7327e05d4b2bdcfe208f0c1d39d457859398d8c02c0a7762b33a834fc46663cde6d8f917b47f7c64705503c6fad9f920432","ssdeep":"384:xVlUNB49/09gafNJHdYy/XpRP9Zssw8ZhH80I:e498JNJOCpRPfssjlI","tlshash":"9a62c034694ef5f2f39d4c6736380c690828d02d035644ca693cc9ae39cbe8f19f4666","first_seen":"2026-05-11T11:53:10.183605Z","last_seen":"2026-05-11T11:55:12.865607Z","times_seen":2,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/4522c0b821483483ea7952536d5cac5e5f2c220b.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.967Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/4522c0b821483483ea7952536d5cac5e5f2c220b.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 12452\r\nlast-modified: Mon, 13 Apr 2026 21:11:47 GMT\r\netag: \"69dd5c13-30a4\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12452,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"a78f04f101abb753e8c179ac17210f3d","sha1":"4522c0b821483483ea7952536d5cac5e5f2c220b","sha256":"b4ceaa6d820b6eae4668415219cf985d8cc5117b1be2bc86a73ac26dc8a3ee88","sha512":"8b41ed21802f900c3eabd0ac14e78bca885fb30e4eab35496624b17d2f167a1b5fcdf044dec16437f9fe7f9d6f77522f1b270c69489f191b192fafc31d2fe535","ssdeep":"384:hNwQHCbZ2eDA3f+1f2ZzDvpVf6gBAfGE+0F5UBiSd9:hNJHCbBQ+1+VD7SoFERHJQ9","tlshash":"bd42d06852af1bb95d0d10f09013894c210a80ec9ae759f0c99ec6223bcbe59f93d5eb","first_seen":"2026-05-11T11:53:10.185811Z","last_seen":"2026-05-11T11:55:12.866318Z","times_seen":2,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/aaae058542a1286b03665e2988a25d58f68a77fb.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/aaae058542a1286b03665e2988a25d58f68a77fb.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 13266\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-33d2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13266,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"2de5e44bef40054b9b9840abce66ac41","sha1":"aaae058542a1286b03665e2988a25d58f68a77fb","sha256":"b606bd0dc69b596f170c51d9b4b527256a5dbbb71610810b93a9e39593493f23","sha512":"3232dff1ddf0166d4865edb16941a8c0afc50b047b361c17d642a82b532c08ba21fd0fe8119317be27272a7daa77ba247104f3036d32c4dc11dd7c0440fd51ff","ssdeep":"384:/vGhQthNuVYTp53m9fP5ytyey03d7GA6mZD50RP:yANu8IfBI1/9fZ90RP","tlshash":"9352c072f06b61dbd514d1e3e1ed1c6c1be1554ed432f48a3e18c3b75666892c2c07ae","first_seen":"2026-05-11T11:53:10.188009Z","last_seen":"2026-05-11T11:55:12.861705Z","times_seen":2,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/5cfacc94fec5ef95c42f0dae5ef7537a194ad1f1.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/5cfacc94fec5ef95c42f0dae5ef7537a194ad1f1.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 16586\r\nlast-modified: Mon, 13 Apr 2026 21:11:47 GMT\r\netag: \"69dd5c13-40ca\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"be6fdbc23065779787d1e7a5200b70f1","sha1":"5cfacc94fec5ef95c42f0dae5ef7537a194ad1f1","sha256":"6c826750b2b5564b8bde37acc15a93662e91fe951f990adff26d0fed421e242f","sha512":"ada756d4e6abdbed66fd9a504c1ca74a203b3b5f9657a487078168a280cd114c2a93119f0712096d7a9602cb0a74d47d8a42687893899ce6a632bb783adf9db5","ssdeep":"384:mPMqcyrWbmrVwwMlwnxQ/HWMEsyVwYqODFXol9FwDvX44e7Zzs4c:mPw9mBwwMWnQHWVsyVP6KjX4v7ZQF","tlshash":"9672d014eae76b76d64b2c5423d6e96f0d48cb71c15405c6d7818a216fbf602a6cebc0","first_seen":"2026-05-11T11:53:10.190406Z","last_seen":"2026-05-11T11:55:12.864148Z","times_seen":2,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/cde58396c1d5ffa137fa830c1e169ea2a0137f57.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/cde58396c1d5ffa137fa830c1e169ea2a0137f57.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 27841\r\nlast-modified: Mon, 13 Apr 2026 21:11:49 GMT\r\netag: \"69dd5c15-6cc1\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27841,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"f579e72214e6ec7b65479e940293b9f7","sha1":"cde58396c1d5ffa137fa830c1e169ea2a0137f57","sha256":"cf839a90e46e41ca754f434c9a02968c3ecc6b54b5b4d18fdf642ea6c1105189","sha512":"a288a38470896d27e1eea848acad5a838797d7cead82898968ab6966364a44bbabfa225770b1d01d68b1937c778590d47bc4e7f0357c8c5cd30fbd738ec227e5","ssdeep":"768:ehMkeHVHUpnDiMmDEtuWYguvajQYzlOYaClooCkCM:ehwHVHinqI4PXvajQPTClooCW","tlshash":"dec2e045b31aef6aa0332d634fd632e83b2c55768d5491be6702c28e9d8d734f252bc1","first_seen":"2026-05-11T11:53:10.192137Z","last_seen":"2026-05-11T11:55:12.860268Z","times_seen":2,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/aef452d7c7c39d80f385918d730a5f761ff4f04b.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/aef452d7c7c39d80f385918d730a5f761ff4f04b.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 23414\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-5b76\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23414,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"daa876e1c38f1d67a414e0e97d56dfa6","sha1":"aef452d7c7c39d80f385918d730a5f761ff4f04b","sha256":"f4e13f52f5bf208ee1b94ad281dc5d64daa0d00acf3b883b9d0b12efb8646d86","sha512":"f6d644e16ad06270695d28504b05ceaf4bb574053f7a2089b8f1b2d5ef1fe325c27673cb909fa6e88b056051dd1bd311b62b6ba3d772f9f532e037460d17267f","ssdeep":"384:adQuAWSL8s+sx+oiDd3i9/mN7NlNZjwrkVHCjJTOyooEDhLr6h9Ljz:adDAWex+oixS5mHVw2HyJKxAh9Ljz","tlshash":"eeb2d09ea664eda4c64f59f861c6ee91871177bb016f4d0c0df984dfb581c2cae04b0b","first_seen":"2026-05-11T11:53:10.194662Z","last_seen":"2026-05-11T11:55:12.870987Z","times_seen":2,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/index-Chf82Zov.js","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/index-Chf82Zov.js HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Mon, 13 Apr 2026 21:11:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dd5c15-6c18a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":442762,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (37631)","md5":"ee415dd542e5ad91c45aa57dbcdf3289","sha1":"1e88f7edfb5378c3afef524627928c59569115eb","sha256":"6fee9cabd8768b452fd6d1ad6a747daa7d8ae04f51804d565665c0307691676b","sha512":"3f1558e735d4a38c7edfb3063098f048431e8778da0073964692d6aa0ac8bbefc114a6740973af855ae1022a964f4bf4a1039e6dbe04e357f794d0dc07f7a90d","ssdeep":"3072:HK4g44xJRbM2xiuwWw7JHtdKdSXoTJO/WYadIX4Im1/HV4Q+6clg3anx0wC+b4w9:HK44JbM2xSDJHtwgMyYaB4Vn+6cleh4","tlshash":"29946ce8b29576a9afa745e040af0106723f1d56b40d8464b13cecda3ab4409727bffd","first_seen":"2026-05-11T11:53:10.196891Z","last_seen":"2026-05-11T11:55:12.856434Z","times_seen":2,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/9b64ab2d35f3515da4a5785de98c768127bbd2d5.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/9b64ab2d35f3515da4a5785de98c768127bbd2d5.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 21801\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-5529\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"251b9508fe9a209e0b9b26db1680a501","sha1":"9b64ab2d35f3515da4a5785de98c768127bbd2d5","sha256":"da2ab07a0d8537a53a5320f7a44431cf64b52943d72c123157ed62aabcf4357d","sha512":"46bfb67c0c40a4b731aab92f326dc336d48dd338c1f384b5a56906affe2ac1dea0756fbd163bc22d5c6e1963346d7e20bc1519bdb7c43ddec79a2c2ebd73cf08","ssdeep":"384:a0y2AILU2HmikPudHRdQ5Ob7kJJM5u0czElYQKfX+4oDwJRHsty2JELvuw:fyDFMmi2udA9PM6ElYQKfX3o7wHruw","tlshash":"08a2d1569d747ae955dec90cf08cf2d70aa4ebd1e4c2662bd04f0efe8b8ca3164c4589","first_seen":"2026-05-11T11:53:10.19875Z","last_seen":"2026-05-11T11:55:12.85795Z","times_seen":2,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/8bf98134a64d9bd2e71cb4f2492cd7f353966043.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/8bf98134a64d9bd2e71cb4f2492cd7f353966043.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 30097\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-7591\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30097,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"653906d44886b380bc4801af932c9e3f","sha1":"8bf98134a64d9bd2e71cb4f2492cd7f353966043","sha256":"746f5bb8b1488fbae907f7e6653345c51d692bb8aac4cd1c66a1828a041d4894","sha512":"e01f7f41fc4657a45cc3833a7171f58c25c52c0e2a2754905e1594f36fec1bbc1cf13ab821368d08b2ac9f9b586190931ac9c746d7b3fb40b3a2ac0f42d8279d","ssdeep":"768:qmNXXPvvEOlmD8tWBElvczrztA5n5obi1NRLsBRRon4jT:qmtXPn7lmD83f5n5oG1NYrq4jT","tlshash":"84d2f19f8dc49129215a8cc069c7bbea95333b511fda8bac83794bcd38e474e5188789","first_seen":"2026-05-11T11:53:10.200885Z","last_seen":"2026-05-11T11:55:12.859454Z","times_seen":2,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/2fc4aa5726f64569a2caddf6ca9d27a88266f37a-D6i99vtk.svg","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:44.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/2fc4aa5726f64569a2caddf6ca9d27a88266f37a-D6i99vtk.svg HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:44 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 13 Apr 2026 21:11:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dd5c13-bcc\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3020,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0c0a6da421bb6fb346e368cce7bab8e0","sha1":"4da55a29ad403c2f0bd467ab455682afecdaf3d5","sha256":"4cca8ee62dbfd47e89494c271b14879c428f33b823d78027d20d46ea356af836","sha512":"6be0b86c5a3c5cfbeab4c40069d8cee453a1c12ee841595655bfd1a0db2c93d1f74e607e7a53f28b5883a04763e65baa0efc32a37bba67ef8535112095d5d12d","ssdeep":"","tlshash":"ce5177d8a3c490f4e91ccba5c9f48d78292760edba41c45c43463ed4c93f14daa9e4cb","first_seen":"2026-05-11T11:53:10.203856Z","last_seen":"2026-05-11T11:55:12.867031Z","times_seen":2,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-11T11:52:43.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 2387\r\nlast-modified: Mon, 13 Apr 2026 21:11:46 GMT\r\netag: \"24a0-64f5dee30da9f-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9376,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3676)","md5":"59bb824cd2ce42f899db7a43c41a0030","sha1":"a3e95ae8e7e20ac25ce1a57ee5ef0ebf793cfded","sha256":"7370e8cfa91ecbc79f18380c17cee7963d18f452bf508387ecf4955b840512ab","sha512":"a99c9bb6e02c21130ec972f0f877b4377262e3885f3b1512cf6d625c0b8f512e66fefd8a2eb48ca0dca7e2ca981e0c5b722ee8e30df492bd9e50385e13f18d98","ssdeep":"192:zRmXEry69k/JIDCqqHPAs5nkgwq69k/JIDCqqHPAs5nkR+Z+Z+joA:1mXksiCqqIonkWiCqqIonkcoA","tlshash":"b312a5fe86805cc9e838ca135159731cc63222dffa25480c79cdba4c5fd5984eada8b9","first_seen":"2026-05-11T11:53:10.205694Z","last_seen":"2026-05-11T11:55:12.855666Z","times_seen":2,"resource_available":true,"data":null}},"time_used":286,"timings":{"blocked":128,"dns":51,"connect":31,"send":0,"wait":30,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/e1922b926a2bd63031fbc55835ec3ecfdc1ad7d1.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/e1922b926a2bd63031fbc55835ec3ecfdc1ad7d1.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 17736\r\nlast-modified: Mon, 13 Apr 2026 21:11:49 GMT\r\netag: \"69dd5c15-4548\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17736,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"b03bd23a8943976aa7cd4cb9b3cc2d40","sha1":"e1922b926a2bd63031fbc55835ec3ecfdc1ad7d1","sha256":"87a3b3e8fc099579845be730a4e6b00b3082964259925aadda135e958abd7a51","sha512":"4e40bfd55ba3353fe2a21477ce733610aa92c1bce9c4df1bbefe22d149f8fe31d903515f8dd0adc3cdcce9618ede99348ec19b87bb04854f08f8bb12916d432c","ssdeep":"384:br55pWyDrBKF8oLI1V9qDElr6Ud5HkyAzv+ZA6D+i:XxWyDrBKFjI1bzlrFd5syZA6l","tlshash":"1082d16b34a92215e616559fab85183d3720113f877fc92f2cd722ff8e7090e3252a86","first_seen":"2026-05-11T11:53:10.208422Z","last_seen":"2026-05-11T11:55:12.858664Z","times_seen":2,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/054f55771acd0c2baee84f2bb82b40689373bf9a.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/054f55771acd0c2baee84f2bb82b40689373bf9a.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 23652\r\nlast-modified: Mon, 13 Apr 2026 21:11:47 GMT\r\netag: \"69dd5c13-5c64\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23652,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"2ff8bc4814f1f5bab92aad73e5ca66d0","sha1":"054f55771acd0c2baee84f2bb82b40689373bf9a","sha256":"700839ca79a8c7e1c9da4c0260337254fffc160ebf89d8697b6a6af7f803c812","sha512":"6ee93814b27ef54672d650b748108ead96a3a6cac376dcfcfc7e539684fa46ac7abe8e2cc80b95429891a2aceac5d67bd1d6d2308083ba076451982b4c5ac4ab","ssdeep":"384:Do0q4ylmqYwOKLlwUEdzWczn0z3X/aLOx3YB1JrlLgGiFApbiWk1KNT9THk:k0q4yljRij23PaL+3+1JrlLg8pbvNk","tlshash":"b1b2e1a9bb5ca33ccea8f60e131b8e5e440ddf174f45136a06d1dbc0a62a1fd0d59365","first_seen":"2026-05-11T11:53:10.2102Z","last_seen":"2026-05-11T11:55:12.854863Z","times_seen":2,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/84adaea9e2a14aa27b61ee36bb5a47ac65e70a92.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/84adaea9e2a14aa27b61ee36bb5a47ac65e70a92.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 16797\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-419d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16797,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"b59ba670d00d70721aa5605937e6c666","sha1":"84adaea9e2a14aa27b61ee36bb5a47ac65e70a92","sha256":"04ad1ebade045401e2bb8c51e528f8b5bdce620408b13bf101ea3232ab4b920e","sha512":"c6bb8bce1dc42a9bb279b2b156ee72a5fe7958acba6b0d39881f76dcd377b0432d5dfa313c859a6b6978ffcbd9da85db7bb9e0d9e8985825fc3d462f8b5e7bbb","ssdeep":"384:Bl4GHe4NM/N8u5SLFyElBk9EBw7q8TPp1dwlFdOVovQ:Bbe4eHShyqWEaPpc3WovQ","tlshash":"b272e10c13401e2ef0402bbea553b041a06dfb87423ff3db9678d4afb121a39f996425","first_seen":"2026-05-11T11:53:10.211899Z","last_seen":"2026-05-11T11:55:12.863471Z","times_seen":2,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/184c8164e5d70e0982828bf7d7e0d21c642e6dcb.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/184c8164e5d70e0982828bf7d7e0d21c642e6dcb.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 25853\r\nlast-modified: Mon, 13 Apr 2026 21:11:47 GMT\r\netag: \"69dd5c13-64fd\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25853,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGB, non-interlaced","md5":"0222a4e1f703699f0cc44093e74c60a9","sha1":"184c8164e5d70e0982828bf7d7e0d21c642e6dcb","sha256":"2db7f57832ea8fec01c384e0841030b044f93e0e0331ab6abf2e821505d59834","sha512":"d9b58f55919de6bb03cf0c4b3842320f5b98fdbbd88aa9696735da51702b3ee952ddff9ff64dd341a9cafcee854406ef77a94a6ec8c03c8b791d9ddc5bbd8eab","ssdeep":"768:AgmvzXm8lsmPippM7ZVpYM09FutRDN2L+4fCz:AgczXmARZVuM8ARDYKz","tlshash":"e8c2e10ba37686e967417f9706251a3c957eb4a014150bc1390283cb959c2edfcffd6d","first_seen":"2026-05-11T11:53:10.213712Z","last_seen":"2026-05-11T11:55:12.864843Z","times_seen":2,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/89a7b9068976135838683d5e71599d4147b415f7.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/89a7b9068976135838683d5e71599d4147b415f7.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 27240\r\nlast-modified: Mon, 13 Apr 2026 21:11:48 GMT\r\netag: \"69dd5c14-6a68\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27240,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"98498fd8ec6a48aacbc07212e6a9a7eb","sha1":"89a7b9068976135838683d5e71599d4147b415f7","sha256":"f6ec1c230b3f24d42bfcd8a622dc6c50f470bf52a999ebb1327f7a9676c0375e","sha512":"2dfeec00f3e4be783ed4e951d435ed60ea224417d24dca1a32c443a2cf9db4b61d24ca37ce8714bbc571d0a39e5dbc4acc421e7c1e81fbecc096307539154326","ssdeep":"384:wGfE+204WP1+//BfZF2iKYm7nidqieVCMFnpDAQVeY4fz7XROJRddyK8DrM7DMx1:hGX/b8iKYmisfv3n4fz7B5Ws1","tlshash":"d7c2f115a837d0d9ab1696d80a31b03d6a6e7038867ec30c9793e23d0ff794194b9f07","first_seen":"2026-05-11T11:53:10.215262Z","last_seen":"2026-05-11T11:55:12.867704Z","times_seen":2,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/139114572611ba084b2d6ffa1f6ccaaecdcb3fa2.png","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:43.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/139114572611ba084b2d6ffa1f6ccaaecdcb3fa2.png HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:43 GMT\r\ncontent-type: image/png\r\ncontent-length: 35697\r\nlast-modified: Mon, 13 Apr 2026 21:11:47 GMT\r\netag: \"69dd5c13-8b71\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35697,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"0a072a08778429e936c0b213dba7f93a","sha1":"139114572611ba084b2d6ffa1f6ccaaecdcb3fa2","sha256":"acc33907cd98e1901fad32cc5f7ddf28ad4b31f34362b20e1419524ad570f9b4","sha512":"eb62412b4b3a38beb78b48bec2e1b676a20b21d0334ae655432cc44ea8049d9d98c280b18b4785377ab588c1fc550e6f4191f264b98dacf2ee76a6c38eb35dd0","ssdeep":"768:tfACzdw8xunLJiwKp8uv+lRXy2gwwZDSIglGEQ+1kF1Ye:SwK9LpAxvSty2gRSIEOlwe","tlshash":"92f2f1572274f9754cefede6168aa5a018e1bf04d841577afa82d84c4a97cccc34bf44","first_seen":"2026-05-11T11:53:10.216697Z","last_seen":"2026-05-11T11:55:12.869216Z","times_seen":2,"resource_available":false,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"noris.capital/assets/2fc4aa5726f64569a2caddf6ca9d27a88266f37a-D6i99vtk.svg","fqdn":"noris.capital","domain":"noris.capital","tld":"capital"},"ip":{"addr":"79.137.198.222","port":443,"asn":210644,"as":"Aeza International Ltd","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://noris.capital/","date":"2026-05-11T11:52:44.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"noris.capital","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:56:09 GMT","end":"Wed, 29 Jul 2026 06:56:08 GMT"},"fingerprint":{"sha1":"B4:4D:25:BB:B2:83:1E:C6:E6:19:B8:C1:43:9E:D9:A9:AB:95:DD:54","sha256":"AC:53:C7:2F:73:03:02:86:44:9E:35:56:CE:D1:42:FE:C5:7E:4D:8A:E2:C2:4F:97:5D:4C:72:F0:A3:DE:0C:38"}}},"request":{"raw":"GET /assets/2fc4aa5726f64569a2caddf6ca9d27a88266f37a-D6i99vtk.svg HTTP/1.1\r\nHost: noris.capital\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://noris.capital/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 11 May 2026 11:52:44 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 13 Apr 2026 21:11:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69dd5c13-bcc\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3020,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0c0a6da421bb6fb346e368cce7bab8e0","sha1":"4da55a29ad403c2f0bd467ab455682afecdaf3d5","sha256":"4cca8ee62dbfd47e89494c271b14879c428f33b823d78027d20d46ea356af836","sha512":"6be0b86c5a3c5cfbeab4c40069d8cee453a1c12ee841595655bfd1a0db2c93d1f74e607e7a53f28b5883a04763e65baa0efc32a37bba67ef8535112095d5d12d","ssdeep":"","tlshash":"ce5177d8a3c490f4e91ccba5c9f48d78292760edba41c45c43463ed4c93f14daa9e4cb","first_seen":"2026-05-11T11:53:10.203856Z","last_seen":"2026-05-11T11:55:12.867031Z","times_seen":2,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-11","alert":"Sinkholed","trigger":"noris.capital","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}